mirror/php-e107
1
0
Fork 0
mirror of https://github.com/e107inc/e107.git synced 2025-08-04 05:37:32 +02:00
Code Issues Releases Wiki Activity

Merge pull request #4132 from Deltik/fix-4113

Browse Source 
Enable PHP session file garbage collection
This commit is contained in:
Cameron
2020-04-18 12:25:52 -07:00
committed by GitHub
parent 5b34bc9bf1 5d982561c3
commit 23e62915db
1 changed files with 61 additions and 44 deletions
Download Patch File Download Diff File Expand all files Collapse all files

35
e107_handlers/session_handler.php
View File

@@ -194,8 +194,8 @@ class e_session
*/ */
public function setDefaultSystemConfig() public function setDefaultSystemConfig()
{ {
if(!$this->getSessionId()) if ($this->getSessionId()) return $this;
{
$config = array( $config = array(
'ValidateRemoteAddr' => (e_SECURITY_LEVEL >= self::SECURITY_LEVEL_BALANCED), 'ValidateRemoteAddr' => (e_SECURITY_LEVEL >= self::SECURITY_LEVEL_BALANCED),
'ValidateHttpVia' => (e_SECURITY_LEVEL >= self::SECURITY_LEVEL_HIGH), 'ValidateHttpVia' => (e_SECURITY_LEVEL >= self::SECURITY_LEVEL_HIGH),
@@ -208,7 +208,7 @@ class e_session
'httponly' => true, 'httponly' => true,
); );
if(!defined('E107_INSTALL')) if (!defined('E107_INSTALL'))
{ {
$systemSaveMethod = ini_get('session.save_handler'); $systemSaveMethod = ini_get('session.save_handler');
@@ -218,37 +218,54 @@ class e_session
$config['SavePath'] = e107::getPref('session_save_path', false); // FIXME - new pref $config['SavePath'] = e107::getPref('session_save_path', false); // FIXME - new pref
$config['SaveMethod'] = e107::getPref('session_save_method', $saveMethod); // FIXME - new pref $config['SaveMethod'] = e107::getPref('session_save_method', $saveMethod); // FIXME - new pref
$options['lifetime'] = (integer) e107::getPref('session_lifetime', 86400); // $options['lifetime'] = (integer)e107::getPref('session_lifetime', 86400); //
$options['path'] = e107::getPref('session_cookie_path', ''); // FIXME - new pref $options['path'] = e107::getPref('session_cookie_path', ''); // FIXME - new pref
$options['secure'] = e107::getPref('ssl_enabled', false); // $options['secure'] = e107::getPref('ssl_enabled', false); //
if(!empty($options['secure'])) if (!empty($options['secure']))
{ {
ini_set('session.cookie_secure', 1); ini_set('session.cookie_secure', 1);
} }
} }
if(defined('SESSION_SAVE_PATH')) // safer than a pref. if (defined('SESSION_SAVE_PATH')) // safer than a pref.
{ {
$config['SavePath'] = e_BASE. SESSION_SAVE_PATH; $config['SavePath'] = e_BASE . SESSION_SAVE_PATH;
} }
$hashes = hash_algos(); $hashes = hash_algos();
if((e_SECURITY_LEVEL >= self::SECURITY_LEVEL_BALANCED) && in_array('sha512',$hashes)) if ((e_SECURITY_LEVEL >= self::SECURITY_LEVEL_BALANCED) && in_array('sha512', $hashes))
{ {
ini_set('session.hash_function', 'sha512'); ini_set('session.hash_function', 'sha512');
ini_set('session.hash_bits_per_character', 5); ini_set('session.hash_bits_per_character', 5);
} }
$this->fixSessionFileGarbageCollection();
$this->setConfig($config) $this->setConfig($config)
->setOptions($options); ->setOptions($options);
}
return $this; return $this;
} }
/**
* Modify PHP ini at runtime to enable session file garbage collection
*
* Takes no action if the garbage collector is already enabled.
*
* @see https://github.com/e107inc/e107/issues/4113
* @return void
*/
private function fixSessionFileGarbageCollection()
{
$gc_probability = ini_get('session.gc_probability');
if ($gc_probability > 0) return;
ini_set('session.gc_probability', 1);
ini_set('session.gc_divisor', 100);
}
/** /**
* Retrieve value from current session namespace * Retrieve value from current session namespace
* Equals to $_SESSION[NAMESPACE][$key] * Equals to $_SESSION[NAMESPACE][$key]