mirror of
https://github.com/moparisthebest/wallabag
synced 2024-11-23 17:42:15 -05:00
Merge pull request #581 from mariroz/fix-session-livetime
fix of issue under nginx and php-fpm
This commit is contained in:
commit
028e34b6c4
6
inc/3rdparty/Session.class.php
vendored
6
inc/3rdparty/Session.class.php
vendored
@ -51,7 +51,7 @@ class Session
|
||||
public static function init($longlastingsession = false)
|
||||
{
|
||||
//check if session name is correct
|
||||
if ( session_id() && session_id()!=self::$sessionName ) {
|
||||
if ( (session_id() && !empty(self::$sessionName) && session_name()!=self::$sessionName) || $longlastingsession ) {
|
||||
session_destroy();
|
||||
}
|
||||
|
||||
@ -71,7 +71,7 @@ class Session
|
||||
session_set_cookie_params(self::$longSessionTimeout, $cookiedir, $_SERVER['HTTP_HOST'], $ssl, true);
|
||||
}
|
||||
else {
|
||||
session_set_cookie_params('', $cookiedir, $_SERVER['HTTP_HOST'], $ssl, true);
|
||||
session_set_cookie_params(0, $cookiedir, $_SERVER['HTTP_HOST'], $ssl, true);
|
||||
}
|
||||
//set server side valid session timeout
|
||||
//WARNING! this may not work in shared session environment. See http://www.php.net/manual/en/session.configuration.php#ini.session.gc-maxlifetime about min value: it can be set in any application
|
||||
@ -183,7 +183,7 @@ class Session
|
||||
|| (self::$disableSessionProtection === false
|
||||
&& $_SESSION['ip'] !== self::_allIPs())
|
||||
|| time() >= $_SESSION['expires_on']) {
|
||||
self::logout();
|
||||
//self::logout();
|
||||
|
||||
return false;
|
||||
}
|
||||
|
@ -14,9 +14,7 @@ require_once 'inc/poche/global.inc.php';
|
||||
|
||||
# Start session
|
||||
Session::$sessionName = 'poche';
|
||||
if ( !isset($_GET['login']) ) {
|
||||
Session::init();
|
||||
}
|
||||
Session::init();
|
||||
|
||||
# Start Poche
|
||||
$poche = new Poche();
|
||||
@ -122,6 +120,7 @@ if (Session::isLogged()) {
|
||||
} else {
|
||||
$tpl_file = Tools::getTplFile('login');
|
||||
$tpl_vars['http_auth'] = 0;
|
||||
Session::logout();
|
||||
}
|
||||
|
||||
# because messages can be added in $poche->action(), we have to add this entry now (we can add it before)
|
||||
|
Loading…
Reference in New Issue
Block a user