Commit c951bbf3 authored by Marius Cramer's avatar Marius Cramer

Added session timeout to system settings

parent 3dbe806b
......@@ -2210,5 +2210,6 @@ INSERT INTO `sys_user` (`userid`, `sys_userid`, `sys_groupid`, `sys_perm_user`,
--
INSERT INTO sys_config VALUES ('1','db','db_version','3.0.5.3');
INSERT INTO sys_config VALUES ('2','interface','session_timeout','0');
SET FOREIGN_KEY_CHECKS = 1;
\ No newline at end of file
......@@ -49,3 +49,4 @@ client_dashlets_right=
customer_no_template=C[CUSTOMER_NO]
customer_no_start=1
customer_no_counter=0
session_timeout=0
......@@ -65,7 +65,12 @@ class app {
//* Start the session
if($this->_conf['start_session'] == true) {
$this->uses('session');
$this->uses('session,ini_parser');
$tmp = $this->db->queryOneRecord("SELECT value FROM sys_config WHERE config_id = 2 AND group = 'interface' AND name = 'session_timeout'");
if($tmp && $tmp['value'] > 0) {
$this->session->set_timeout($tmp['value']);
}
session_set_save_handler( array($this->session, 'open'),
array($this->session, 'close'),
array($this->session, 'read'),
......
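Review bot: The new lookup in the session-start block leaves the column name `group` unquoted, and GROUP is a reserved word in MySQL, so this SELECT should fail to parse; the DELETE/INSERT added to the settings save code in this same commit wraps `config_id`, `group` and `name` in backticks. If queryOneRecord returns a false value on a failed query (its error handling is not visible here), `$tmp` is falsy and the configured timeout is silently never applied, which is a fail-open result for an idle-timeout control. Quote the identifiers the same way as the save code does and log or surface a failed lookup instead of continuing without a timeout. `ini_parser` is now loaded by `uses()` but is not used in the visible lines. The enclosing block continues outside the hunk.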
......@@ -32,9 +32,17 @@ class session {
private $session_array = array();
private $db;
private $timeout = 0;
function __construct() {
function __construct($session_timeout = 0) {
$this->db = new db;
$this->timeout = $session_timeout;
}
function set_timeout($session_timeout = 0) {
$old_timeout = $this->timeout;
$this->timeout = $session_timeout;
return $old_timeout;
}
function open ($save_path, $session_name) {
......@@ -51,8 +59,12 @@ class session {
}
function read ($session_id) {
$rec = $this->db->queryOneRecord("SELECT * FROM sys_session WHERE session_id = '".$this->db->quote($session_id)."'");
if($this->timeout > 0) {
$rec = $this->db->queryOneRecord("SELECT * FROM sys_session WHERE session_id = '".$this->db->quote($session_id)."' AND last_updated >= DATE_SUB(NOW(), INTERVAL " . intval($this->timeout) . " MINUTE)");
} else {
$rec = $this->db->queryOneRecord("SELECT * FROM sys_session WHERE session_id = '".$this->db->quote($session_id)."'");
}
if (is_array($rec)) {
$this->session_array = $rec;
......@@ -108,12 +120,16 @@ class session {
function gc ($max_lifetime) {
$real_now = date('Y-m-d H:i:s');
$dt1 = strtotime("$real_now -$max_lifetime seconds");
$dt2 = date('Y-m-d H:i:s', $dt1);
/*if($this->timeout > 0) {
$this->db->query("DELETE FROM sys_session WHERE last_updated < DATE_SUB(NOW(), INTERVAL " . intval($this->timeout) . " MINUTE)");
} else {*/
$real_now = date('Y-m-d H:i:s');
$dt1 = strtotime("$real_now -$max_lifetime seconds");
$dt2 = date('Y-m-d H:i:s', $dt1);
$sql = "DELETE FROM sys_session WHERE last_updated < '$dt2'";
$this->db->query($sql);
$sql = "DELETE FROM sys_session WHERE last_updated < '$dt2'";
$this->db->query($sql);
//}
return true;
......
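Review bot: The idle timeout is enforced only by the extra `last_updated` condition in read(), while the matching cleanup in gc() is left commented out, so a row that has exceeded the timeout stays in sys_session until it is older than `$max_lifetime`. Because the filter is evaluated against the current setting on every read, raising the timeout or setting it back to 0 would make such a session id readable again. Either delete the row when read() rejects it or enable the timeout-based DELETE in gc(), and remove the commented-out block rather than committing it. The two SELECT strings in read() differ only in the trailing condition, so build the base query once and append the clause when `$this->timeout > 0`; set_timeout() could also store `intval($session_timeout)` so the property is always an integer. read() and gc() start or end outside the hunks shown.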
......@@ -473,6 +473,14 @@ $form["tabs"]['misc'] = array (
'width' => '30',
'maxlength' => '255'
),
'session_timeout' => array (
'datatype' => 'INTEGER',
'formtype' => 'TEXT',
'default' => '',
'value' => '',
'width' => '30',
'maxlength' => '255'
),
//#################################
// ENDE Datatable fields
//#################################
......
......@@ -59,4 +59,9 @@ $wb['reseller_dashlets_left_txt'] = 'Reseller-Dashlets links';
$wb['reseller_dashlets_right_txt'] = 'Reseller-Dashlets rechts';
$wb['client_dashlets_left_txt'] = 'Kunden-Dashlets links';
$wb['client_dashlets_right_txt'] = 'Kunden-Dashlets rechts';
$wb['customer_no_template_txt'] = 'Kundennummer-Vorlage';
$wb['customer_no_template_error_regex_txt'] = 'Die Kundennummer-Vorlage enthält ungültige Zeichen';
$wb['customer_no_start_txt'] = 'Kundennummer Startwert';
$wb['customer_no_counter_txt'] = 'Kundennummer Zähler';
$wb['session_timeout_txt'] = 'Session-Timeout (Minuten)';
?>
\ No newline at end of file
......@@ -63,4 +63,5 @@ $wb['customer_no_template_txt'] = 'Customer No. template';
$wb['customer_no_template_error_regex_txt'] = 'The customer No. template contains invalid characters';
$wb['customer_no_start_txt'] = 'Customer No. start value';
$wb['customer_no_counter_txt'] = 'Customer No. counter';
$wb['session_timeout_txt'] = 'Session timeout (minutes)';
?>
......@@ -141,14 +141,17 @@ class page_action extends tform_actions {
*/
$new_config = $app->tform->encode($this->dataRecord, $section);
if($section == 'sites' && $new_config['vhost_subdomains'] != 'y' && $server_config_array['vhost_subdomains'] == 'y') {
if($section == 'sites' && $new_config['vhost_subdomains'] != 'y' && $server_config_array['sites']['vhost_subdomains'] == 'y') {
// check for existing vhost subdomains, if found the mode cannot be disabled
$check = $app->db->queryOneRecord("SELECT COUNT(*) as `cnt` FROM `web_domain` WHERE `type` = 'vhostsubdomain'");
if($check['cnt'] > 0) {
$new_config['vhost_subdomains'] = 'y';
}
} elseif($section == 'mail') {
if($new_config['smtp_pass'] == '') $new_config['smtp_pass'] = $server_config_array['smtp_pass'];
if($new_config['smtp_pass'] == '') $new_config['smtp_pass'] = $server_config_array['mail']['smtp_pass'];
} elseif($section == 'misc' && $new_config['session_timeout'] != $server_config_array['misc']['session_timeout']) {
$app->db->query("DELETE FROM sys_config WHERE `config_id` = 2 AND `group` = 'interface' AND `name` = 'session_timeout'");
$app->db->query("INSERT INTO sys_config (`config_id`, `group`, `name`, `value`) VALUES (2, 'interface', 'session_timeout', '" . intval($new_config['session_timeout']) . "')");
}
$server_config_array[$section] = $new_config;
$server_config_str = $app->ini_parser->get_ini_string($server_config_array);
......
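Review bot: In the new `misc` branch the sys_config row is replaced by a separate DELETE and INSERT whose results are not checked, so a failed INSERT leaves no row and the session-start code (`if($tmp && $tmp['value'] > 0)`) then treats the timeout as disabled. Update the row in a single statement, or check the result and report an error before the ini string is saved. `intval()` also lets a negative number through; `max(0, intval($new_config['session_timeout']))` would store only 0 or a positive number of minutes. The comparison reads `$server_config_array['misc']['session_timeout']`, which may be unset on installations whose config predates this setting, so guard it with `isset()`. The enclosing method starts and ends outside the hunk.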
......@@ -81,7 +81,11 @@
<label for="customer_no_counter">{tmpl_var name='customer_no_counter_txt'}</label>
<input name="customer_no_counter" id="customer_no_counter" value="{tmpl_var name='customer_no_counter'}" size="30" maxlength="255" type="text" class="textInput formLengthHalf" />
</div>
<div class="ctrlHolder">
<div class="ctrlHolder">
<label for="session_timeout">{tmpl_var name='session_timeout_txt'}</label>
<input name="session_timeout" id="session_timeout" value="{tmpl_var name='session_timeout'}" size="30" maxlength="255" type="text" class="textInput formLengthHalf" />
</div>
<div class="ctrlHolder">
<p class="label">{tmpl_var name='maintenance_mode_txt'}</p>
<div class="multiField">
{tmpl_var name='maintenance_mode'}
......
......@@ -230,7 +230,8 @@ class login_index {
$_SESSION['s']['user']['theme'] = isset($user['app_theme']) ? $user['app_theme'] : 'default';
$_SESSION['s']['language'] = $user['language'];
$_SESSION["s"]['theme'] = $_SESSION['s']['user']['theme'];
$_SESSION['s']['session_timeout'] = $server_config_array['session_timeout'];
if(is_file($_SESSION['s']['user']['startmodule'].'/lib/module.conf.php')) {
include_once $_SESSION['s']['user']['startmodule'].'/lib/module.conf.php';
$menu_dir = ISPC_WEB_PATH.'/' . $_SESSION['s']['user']['startmodule'] . '/lib/menu.d';
......
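Review bot: `$_SESSION['s']['session_timeout']` is filled from `$server_config_array['session_timeout']` without a section key, whereas the settings save code in this commit reads the same value as `$server_config_array['misc']['session_timeout']`. If `$server_config_array` here is the full sectioned array rather than only the misc section (its assignment is outside the hunk), the key is undefined and the session stores null. Reading it defensively, `isset($server_config_array['session_timeout']) ? intval($server_config_array['session_timeout']) : 0`, also covers installations whose config predates the setting. A one-line comment naming what consumes this session value would help, since nothing in the visible hunks reads it.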