mirror_php/moodle
1
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-01-19 14:27:22 +01:00
Code Issues Projects Releases Wiki Activity
68,513 Commits 36 Branches 519 Tags
Commit Graph

92 Commits

Author SHA1 Message Date
Petr Škoda
d79d5ac276 MDL-31501 rework user session architecture 
List of changes:
 * New OOP API using PHP namespace \core\session\.
 * All handlers now update the sessions table consistently.
 * Experimental DB session support in Oracle.
 * Full support for session file handler (filesystem locking required).
 * New option for alternative session directory.
 * Official memcached session handler support.
 * Workaround for memcached version with non-functional gc.
 * Improved security - forced session id regeneration.
 * Improved compatibility with recent PHP releases.
 * Fixed borked CSS during install in debug mode.
 * Switched to file based sessions in new installs.
 * DB session setting disappears if DB does not support sessions.
 * DB session setting disappears if session handler specified in config.php.
 * Fast purging of sessions used in request only.
 * No legacy distinction -  file, database and memcached support the same functionality.
 * Session handler name included in performance info.
 * Fixed user_loggedin and user_loggedout event triggering.
 * Other minor bugfixing and improvements.
 * Fixed database session segfault if MUC disposed before $DB.

Limitations:
 * Session access time is now updated right after session start.
 * Support for $CFG->sessionlockloggedinonly was removed.
 * First request does not update userid in sessions table.
 * The timeouts may break badly if server hosting forces PHP.ini session settings.
 * The session GC is a lot slower, we do not rely on external session timeouts.
 * There cannot be any hooks triggered at the session write time.
 * File and memcached handlers do not support session lock acquire timeouts.
 * Some low level PHP session functions can not be used directly in Moodle code.
 2013-09-21 13:11:56 +02:00
Rajesh Taneja
71298fea03 MDL-40043 Events API: Added user_loggedinas event to replace add_to_log 2013-08-20 14:07:35 +08:00
David Monllao
cfcbc34a61 MDL-39478 behat: New constant to detect when the test site is running 
Also removing an unused var and method.
 2013-05-07 11:12:01 +08:00
David Monllao
f5ceb6c233 MDL-37656 behat: Adding hooks 
At suite, scenario and step levels
 2013-01-29 12:57:03 +08:00
Sam Hemelryk
7a6ef4ee8f Merge branch 'w49_MDL-37060_m25_sessinit' of git://github.com/skodak/moodle 2012-12-11 15:27:26 +13:00
Petr Škoda
25336547e8 MDL-37061 always validate lang when setting session user 
This should resolve problems with TinyMCE langs and some unknown MUCH caching issue.
 2012-12-09 11:28:36 +01:00
Petr Škoda
3277509a60 MDL-37060 prevent notice in session_get_instance() 2012-12-08 12:31:05 +01:00
Petr Škoda
cbf99010bc MDL-36779 fix undefined NO_MOODLE_COOKIE after failed db connect 2012-11-23 12:05:49 +08:00
Petr Škoda
5705796638 MDL-36211 fix log message typo 
Credit goes to Dan Poltawski, thanks.
 2012-11-17 10:42:47 +01:00
Petr Škoda
61c651c379 MDL-36211 try to not update session record on every request 2012-11-17 10:42:47 +01:00
Petr Škoda
46a86dbbc2 MDL-36211 do not lock sessions for guests and not-logged-in users 2012-11-17 10:42:47 +01:00
Sam Hemelryk
52642d0d24 MDL-25290 cache: Fixed up issue with unit test blowing away cachedir 2012-10-08 09:53:51 +13:00
David Monllao
65cd3f9c16 MDL-35029 core_session Refresh guest session if autologin as guest is enabled 2012-08-27 17:03:11 +08:00
Petr Škoda
e8f4b30638 MDL-33734 remove unused session code 
Credit goes to Davo Smith, thanks!
 2012-08-12 14:25:18 +02:00
Dan Poltawski
5c46aee8fd Revert "MDL-32379: Fix memory leak in session_set_user" 
This reverts commit 22dc32042a92f1ed521afaf4352cd931c20b11ea.

This integrator didn't properly read the diff, sorry.
 2012-05-07 14:39:43 +08:00
Tony Levi
22dc32042a MDL-32379: Fix memory leak in session_set_user 
session_set_user mistakingly sets the session user to be a reference to the passed object.

This is a problem when alot of data is attached to the session user object,
as any process holding a list of these users will use more memory each time it changes user.
 2012-04-10 14:07:59 +09:30
Petr Skoda
458b33866d MDL-32149 reset all globals in PHPUnit tests, fix setting of $USER 2012-04-03 22:30:54 +02:00
Adrian Greeve
40fe364713 MDL-31248 - lib - Retaining the old password key and creating a new cookie prefix. 2012-03-09 13:38:51 +08:00
Eloy Lafuente (stronk7)
12dfd6df01 MDL-30026 improve session lock - unit tests & minor comment fixup 2011-11-13 19:05:57 +01:00
Petr Skoda
2b0e3941e9 MDL-30026 improve session lock acquire timeouts and other minor cleanup 
This is partially based on original patch by Tony Levi.
 2011-11-06 17:52:15 +01:00
Petr Skoda
e922fe23b6 MDL-29602 accesslib improvements 
Refactoring and improvements of the accesslib.php library including prevention of access for not-logged-in users when forcelogin enabled, improved context caching, OOP refactoring of contexts, fixed context loading, deduplication of role definitions in user sessions, installation improvements, decoupling of enrolment checking from capability loading, added detection of deleted and non-existent users in has_capability(), new function accesslib test, auth and enrol upgrade notes.

More details are available in tracker subtasks.
 2011-10-16 14:05:18 +02:00
Petr Skoda
988fc20eef MDL-28630 prevent session breakage caused by incorrect cookie settings 2011-08-06 22:22:52 +02:00
Eloy Lafuente (stronk7)
21ba26e814 Merge branch 'w27_MDL-28158_m22_cookies' of git://github.com/skodak/moodle 2011-07-11 15:33:03 +02:00
Petr Skoda
98eaf27e3c MDL-28280 remove obsolete unmaintained $CFG->usesid 2011-07-10 13:44:41 +02:00
Petr Skoda
0342fc3609 MDL-28158 add optional "Remember username" checkbox in login forms 2011-07-10 13:22:55 +02:00
Petr Skoda
81b58cc227 MDL-26389 improve profile and search engine privacy 2011-02-14 15:42:26 +01:00
Petr Skoda
673a8f7781 MDL-26031 purge timed-out sessions of guest user 2011-01-17 18:25:00 +01:00
Sam Hemelryk
3b15d04013 sessions MDL-25907 Fixed typo prior to integration 2011-01-17 10:48:00 +08:00
Ashley Holman
d0c3f54770 MDL-25907 purge sessions of not-logged-in users 2011-01-12 20:14:00 +01:00
Petr Skoda
8a8f1c7cd6 MDL-10137 rewritten cookie test on login page, username cookie is not required any more - hopefully this will be more reliable test 2010-10-10 17:30:28 +00:00
Petr Skoda
927b2e7bc7 MDL-24313 standardising general object instantiation to use sdtClass instead our object 2010-09-21 06:59:09 +00:00
Petr Skoda
7c25ee0f73 fixed multiple missing globals causing regressions especially for opentogoogle access 2010-09-17 08:11:47 +00:00
Petr Skoda
f0d531ad4c standardized PHPDocs package info + fixed copyrights to reflect real author of classes (if anybody wants to change anything I would like to be contacted) 2010-09-06 11:49:46 +00:00
Petr Skoda
4031f6a27c MDL-23984 improved check_dir_exists() and make_upload_directory() incorrect permissions throw fatal exceptions by default; it is possible to create dirs outside of dataroot (necessary for custom dir locations); fixed Win32 compatibility in session_exists method 2010-08-29 14:33:39 +00:00
Petr Skoda
492a55e7f2 MDL-23949 fixed use of invalid $USER before linked to session 2010-08-26 17:19:09 +00:00
Petr Skoda
b3df176457 MDL-23927 do not use = 'guest' because we have CFG->siteguest AND it matches any other username with accents and different case in MySQL 2010-08-25 08:56:07 +00:00
Petr Skoda
e884f63a0c MDL-23911 login as session can be only terminated by logout, this should improve security on pages where user may enter JS that only he/she can see - such as the /my/index.php 2010-08-24 08:50:53 +00:00
Petr Skoda
df92ba9a43 MDL-23797 minor session refactoring necessary for setting of default context on pages that do not use cookies 2010-08-16 17:47:36 +00:00
Petr Skoda
428540d174 MDL-19774 fixed incorrect session init in cron - credit goes to Jay Knight 2010-08-09 07:40:26 +00:00
Petr Skoda
78bfb562a0 MDL-21249 improved php docs and adding direct access prevention in core libs 2010-07-25 13:35:05 +00:00
Petr Skoda
df997f841f MDL-21782 reworked enrolment framework, the core infrastructure is in place, the basic plugins are all implemented; see the tracker issue for list of unfinished bits, expect more changes and improvements during the next week 
AMOS START
    MOV [sendcoursewelcomemessage,core_admin],[sendcoursewelcomemessage,enrol_self]
    MOV [configsendcoursewelcomemessage,core_admin],[sendcoursewelcomemessage_desc,enrol_self]
    MOV [enrolstartdate,core],[enrolstartdate,enrol_self]
    MOV [enrolenddate,core],[enrolenddate,enrol_self]
    CPY [welcometocourse,core],[welcometocourse,enrol_self]
    CPY [welcometocoursetext,core],[welcometocoursetext,enrol_self]
    MOV [notenrollable,core],[notenrollable,core_enrol]
    MOV [enrolenddaterror,core],[enrolenddaterror,enrol_self]
    MOV [enrolmentkeyhint,core],[passwordinvalidhint,enrol_self]
    MOV [coursemanager,core_admin],[coursecontact,core_admin]
    MOV [configcoursemanager,core_admin],[coursecontact_desc,core_admin]
    MOV [enrolledincourserole,core],[enrolledincourserole,enrol_manual]
    MOV [enrolme,core],[enrolme,core_enrol]
    MOV [unenrol,core],[unenrol,core_enrol]
    MOV [unenrolme,core],[unenrolme,core_enrol]
    MOV [enrolmentnew,core],[enrolmentnew,core_enrol]
    MOV [enrolmentnewuser,core],[enrolmentnewuser,core_enrol]
    MOV [enrolments,core],[enrolments,core_enrol]
    MOV [enrolperiod,core],[enrolperiod,core_enrol]
    MOV [unenrolroleusers,core],[unenrolroleusers,core_enrol]
AMOS END
 2010-06-21 15:30:49 +00:00
Petr Skoda
ed149942a6 fixed more silly typos in comments 2010-05-21 19:31:17 +00:00
Petr Skoda
38549d6396 MDL-21579 using simple exception handling instead of table_exists - we do this in several other places already 2010-04-30 15:38:58 +00:00
Martin Dougiamas
0bedd3c797 MDL-21579 Improved table checking using the shorthand method 2010-04-29 09:51:35 +00:00
Martin Dougiamas
9c764f9f34 MDL-21579 Adding some table checking to avoid errors on database reinstall 2010-04-29 07:10:00 +00:00
Jamie Pratt
2d0acbd5f9 MDL-21579 "Implement session token for embedded application" implemented a second type of session token linked to a session for use in applications embedded in web pages. 2010-04-28 13:16:58 +00:00
Petr Skoda
59e0ce0ac5 MDL-20625 adding TODO for combination of session and tansactiosn, discussing best solution with Eloy 2009-11-10 14:28:40 +00:00
Tim Hunt
a79ef03fe9 moodlelib: MDL-20702 New require_sesskey function. 
Also improve PHPdoc comments to fix my misconceptions.
 2009-11-02 16:41:00 +00:00
skodak
3a465d1dc9 MDL-20462 reminder to minimise timemodified indexed column changes 2009-10-06 19:34:40 +00:00
stronk7
1c13ff2330 NOBUG: Just adding some "database" words here and there to help a bit when debugging problems. 2009-10-01 15:02:00 +00:00