diff --git a/install/sql/ispconfig3.sql b/install/sql/ispconfig3.sql index 77425fe7338f86c42ab801406b6b6dceb95bd068..8311bec186905f002b074f006929f0cf0f68b3a4 100644 --- a/install/sql/ispconfig3.sql +++ b/install/sql/ispconfig3.sql @@ -2217,5 +2217,6 @@ INSERT INTO `sys_user` (`userid`, `sys_userid`, `sys_groupid`, `sys_perm_user`, -- INSERT INTO sys_config VALUES ('1','db','db_version','3.0.5.3'); +INSERT INTO sys_config VALUES ('2','interface','session_timeout','0'); SET FOREIGN_KEY_CHECKS = 1; \ No newline at end of file diff --git a/install/tpl/system.ini.master b/install/tpl/system.ini.master index dd278de51b73b1bc8171c33e10203c5ee352d8ad..0d4a300f8060086c36f007ee3d1c89003dc16c2a 100644 --- a/install/tpl/system.ini.master +++ b/install/tpl/system.ini.master @@ -49,3 +49,4 @@ client_dashlets_right= customer_no_template=C[CUSTOMER_NO] customer_no_start=1 customer_no_counter=0 +session_timeout=0 diff --git a/interface/lib/app.inc.php b/interface/lib/app.inc.php index e1929d3aa71aea4d415bf6615b5c3a8d679dfbbd..6c19f57cf370d3c9ddd1e8662635fbd38061d2ba 100755 --- a/interface/lib/app.inc.php +++ b/interface/lib/app.inc.php @@ -66,6 +66,14 @@ class app { if($this->_conf['start_session'] == true) { $this->uses('session'); + $tmp = $this->db->queryOneRecord("SELECT `value` FROM sys_config WHERE `config_id` = 2 AND `group` = 'interface' AND `name` = 'session_timeout'"); + if($tmp && $tmp['value'] > 0) { + $this->session->set_timeout($tmp['value']); + session_set_cookie_params(($tmp['value'] * 60) + 300); // make the cookie live 5 minutes longer + } else { + session_set_cookie_params(0); // until browser is closed + } + session_set_save_handler( array($this->session, 'open'), array($this->session, 'close'), array($this->session, 'read'), @@ -74,7 +82,7 @@ class app { array($this->session, 'gc')); session_start(); - + //* Initialize session variables if(!isset($_SESSION['s']['id']) ) $_SESSION['s']['id'] = session_id(); if(empty($_SESSION['s']['theme'])) $_SESSION['s']['theme'] = $conf['theme']; diff --git a/interface/lib/classes/session.inc.php b/interface/lib/classes/session.inc.php index be0ca84ab0c8dde9657e3396aa813f7a777fd607..03fad95b006bb9c49cfd9547d462fe886ef60df0 100644 --- a/interface/lib/classes/session.inc.php +++ b/interface/lib/classes/session.inc.php @@ -32,9 +32,17 @@ class session { private $session_array = array(); private $db; + private $timeout = 0; - function __construct() { + function __construct($session_timeout = 0) { $this->db = new db; + $this->timeout = $session_timeout; + } + + function set_timeout($session_timeout = 0) { + $old_timeout = $this->timeout; + $this->timeout = $session_timeout; + return $old_timeout; } function open ($save_path, $session_name) { @@ -51,8 +59,12 @@ class session { } function read ($session_id) { - - $rec = $this->db->queryOneRecord("SELECT * FROM sys_session WHERE session_id = '".$this->db->quote($session_id)."'"); + + if($this->timeout > 0) { + $rec = $this->db->queryOneRecord("SELECT * FROM sys_session WHERE session_id = '".$this->db->quote($session_id)."' AND last_updated >= DATE_SUB(NOW(), INTERVAL " . intval($this->timeout) . " MINUTE)"); + } else { + $rec = $this->db->queryOneRecord("SELECT * FROM sys_session WHERE session_id = '".$this->db->quote($session_id)."'"); + } if (is_array($rec)) { $this->session_array = $rec; @@ -108,12 +120,16 @@ class session { function gc ($max_lifetime) { - $real_now = date('Y-m-d H:i:s'); - $dt1 = strtotime("$real_now -$max_lifetime seconds"); - $dt2 = date('Y-m-d H:i:s', $dt1); + /*if($this->timeout > 0) { + $this->db->query("DELETE FROM sys_session WHERE last_updated < DATE_SUB(NOW(), INTERVAL " . intval($this->timeout) . " MINUTE)"); + } else {*/ + $real_now = date('Y-m-d H:i:s'); + $dt1 = strtotime("$real_now -$max_lifetime seconds"); + $dt2 = date('Y-m-d H:i:s', $dt1); - $sql = "DELETE FROM sys_session WHERE last_updated < '$dt2'"; - $this->db->query($sql); + $sql = "DELETE FROM sys_session WHERE last_updated < '$dt2'"; + $this->db->query($sql); + //} return true; diff --git a/interface/web/admin/form/system_config.tform.php b/interface/web/admin/form/system_config.tform.php index 4a530ee397b1178839cb0904403ea30eb89c4d5b..28d2ac8905274b8dcc0070ec4ea15a7433ae0353 100644 --- a/interface/web/admin/form/system_config.tform.php +++ b/interface/web/admin/form/system_config.tform.php @@ -473,6 +473,14 @@ $form["tabs"]['misc'] = array ( 'width' => '30', 'maxlength' => '255' ), + 'session_timeout' => array ( + 'datatype' => 'INTEGER', + 'formtype' => 'TEXT', + 'default' => '', + 'value' => '', + 'width' => '30', + 'maxlength' => '255' + ), //################################# // ENDE Datatable fields //################################# diff --git a/interface/web/admin/lib/lang/de_system_config.lng b/interface/web/admin/lib/lang/de_system_config.lng index 6495015f354aefbd39684a175a62591552f9f13f..06733187f7cfe6a434cdcc7d1d43b59c77acdba1 100644 --- a/interface/web/admin/lib/lang/de_system_config.lng +++ b/interface/web/admin/lib/lang/de_system_config.lng @@ -59,4 +59,9 @@ $wb['reseller_dashlets_left_txt'] = 'Reseller-Dashlets links'; $wb['reseller_dashlets_right_txt'] = 'Reseller-Dashlets rechts'; $wb['client_dashlets_left_txt'] = 'Kunden-Dashlets links'; $wb['client_dashlets_right_txt'] = 'Kunden-Dashlets rechts'; +$wb['customer_no_template_txt'] = 'Kundennummer-Vorlage'; +$wb['customer_no_template_error_regex_txt'] = 'Die Kundennummer-Vorlage enthält ungültige Zeichen'; +$wb['customer_no_start_txt'] = 'Kundennummer Startwert'; +$wb['customer_no_counter_txt'] = 'Kundennummer Zähler'; +$wb['session_timeout_txt'] = 'Session-Timeout (Minuten)'; ?> \ No newline at end of file diff --git a/interface/web/admin/lib/lang/en_system_config.lng b/interface/web/admin/lib/lang/en_system_config.lng index b91c990afe178de36b0f00ffa3d4a41442679f7a..d9bd9ec6f0a0eb03370832ee7f0efe31fbce48d6 100644 --- a/interface/web/admin/lib/lang/en_system_config.lng +++ b/interface/web/admin/lib/lang/en_system_config.lng @@ -63,4 +63,5 @@ $wb['customer_no_template_txt'] = 'Customer No. template'; $wb['customer_no_template_error_regex_txt'] = 'The customer No. template contains invalid characters'; $wb['customer_no_start_txt'] = 'Customer No. start value'; $wb['customer_no_counter_txt'] = 'Customer No. counter'; +$wb['session_timeout_txt'] = 'Session timeout (minutes)'; ?> diff --git a/interface/web/admin/system_config_edit.php b/interface/web/admin/system_config_edit.php index eab73f66558484d0c73bb73f8457346f313708f1..35140b459d2fd5da781827984837d31688697e29 100644 --- a/interface/web/admin/system_config_edit.php +++ b/interface/web/admin/system_config_edit.php @@ -141,14 +141,17 @@ class page_action extends tform_actions { */ $new_config = $app->tform->encode($this->dataRecord, $section); - if($section == 'sites' && $new_config['vhost_subdomains'] != 'y' && $server_config_array['vhost_subdomains'] == 'y') { + if($section == 'sites' && $new_config['vhost_subdomains'] != 'y' && $server_config_array['sites']['vhost_subdomains'] == 'y') { // check for existing vhost subdomains, if found the mode cannot be disabled $check = $app->db->queryOneRecord("SELECT COUNT(*) as `cnt` FROM `web_domain` WHERE `type` = 'vhostsubdomain'"); if($check['cnt'] > 0) { $new_config['vhost_subdomains'] = 'y'; } } elseif($section == 'mail') { - if($new_config['smtp_pass'] == '') $new_config['smtp_pass'] = $server_config_array['smtp_pass']; + if($new_config['smtp_pass'] == '') $new_config['smtp_pass'] = $server_config_array['mail']['smtp_pass']; + } elseif($section == 'misc' && $new_config['session_timeout'] != $server_config_array['misc']['session_timeout']) { + $app->db->query("DELETE FROM sys_config WHERE `config_id` = 2 AND `group` = 'interface' AND `name` = 'session_timeout'"); + $app->db->query("INSERT INTO sys_config (`config_id`, `group`, `name`, `value`) VALUES (2, 'interface', 'session_timeout', '" . intval($new_config['session_timeout']) . "')"); } $server_config_array[$section] = $new_config; $server_config_str = $app->ini_parser->get_ini_string($server_config_array); diff --git a/interface/web/admin/templates/system_config_misc_edit.htm b/interface/web/admin/templates/system_config_misc_edit.htm index d58550727e3184de499a51da91dbde6f448cc7b3..de9e3c3458c24c7a2b803cd457d3b9baea265e6f 100644 --- a/interface/web/admin/templates/system_config_misc_edit.htm +++ b/interface/web/admin/templates/system_config_misc_edit.htm @@ -81,7 +81,11 @@ -
+
+ + +
+

{tmpl_var name='maintenance_mode_txt'}

{tmpl_var name='maintenance_mode'} diff --git a/interface/web/login/index.php b/interface/web/login/index.php index c9c412c1b308718796dc3da4e8bd2ec732987ec4..6e8f9ce5b123000a9a173d902659d0dc297cc30e 100644 --- a/interface/web/login/index.php +++ b/interface/web/login/index.php @@ -230,7 +230,8 @@ class login_index { $_SESSION['s']['user']['theme'] = isset($user['app_theme']) ? $user['app_theme'] : 'default'; $_SESSION['s']['language'] = $user['language']; $_SESSION["s"]['theme'] = $_SESSION['s']['user']['theme']; - + $_SESSION['s']['session_timeout'] = $server_config_array['session_timeout']; + if(is_file($_SESSION['s']['user']['startmodule'].'/lib/module.conf.php')) { include_once $_SESSION['s']['user']['startmodule'].'/lib/module.conf.php'; $menu_dir = ISPC_WEB_PATH.'/' . $_SESSION['s']['user']['startmodule'] . '/lib/menu.d';