moodle

mirror_php/moodle

Fork 0

mirror of https://github.com/moodle/moodle.git synced 2025-01-18 22:08:20 +01:00

Commit Graph

Author	SHA1	Message	Date
Petr Skoda	2e00d01db4	MDL-46099 session: fix use of references for session globals This reverses the references used for global $USER and $SESSION, the reason is that PHP does not allow references to references. $USER is a reference to $GLOBALS['USER'] which means we cannot put any references to it. Solution is to store the current user and session objects in $GLOBALS['USER'] and $GLOBALS['SESSIOn'] are reference them in $_SESSION. This patch makes the session code behave the same way in CLI, phpunit and normal web requests - this allows use to finally unit test most aspects of the session code in Moodle.	2014-07-01 08:38:00 +12:00
Petr Škoda	d79d5ac276	MDL-31501 rework user session architecture List of changes: * New OOP API using PHP namespace \core\session\. * All handlers now update the sessions table consistently. * Experimental DB session support in Oracle. * Full support for session file handler (filesystem locking required). * New option for alternative session directory. * Official memcached session handler support. * Workaround for memcached version with non-functional gc. * Improved security - forced session id regeneration. * Improved compatibility with recent PHP releases. * Fixed borked CSS during install in debug mode. * Switched to file based sessions in new installs. * DB session setting disappears if DB does not support sessions. * DB session setting disappears if session handler specified in config.php. * Fast purging of sessions used in request only. * No legacy distinction - file, database and memcached support the same functionality. * Session handler name included in performance info. * Fixed user_loggedin and user_loggedout event triggering. * Other minor bugfixing and improvements. * Fixed database session segfault if MUC disposed before $DB. Limitations: * Session access time is now updated right after session start. * Support for $CFG->sessionlockloggedinonly was removed. * First request does not update userid in sessions table. * The timeouts may break badly if server hosting forces PHP.ini session settings. * The session GC is a lot slower, we do not rely on external session timeouts. * There cannot be any hooks triggered at the session write time. * File and memcached handlers do not support session lock acquire timeouts. * Some low level PHP session functions can not be used directly in Moodle code.	2013-09-21 13:11:56 +02:00
Rajesh Taneja	71298fea03	MDL-40043 Events API: Added user_loggedinas event to replace add_to_log	2013-08-20 14:07:35 +08:00

Author

SHA1

Message

Date

Petr Skoda

2e00d01db4

MDL-46099 session: fix use of references for session globals

This reverses the references used for global $USER and $SESSION,
the reason is that PHP does not allow references to references.
$USER is a reference to $GLOBALS['USER'] which means we cannot
put any references to it. Solution is to store the current user and session
objects in $GLOBALS['USER'] and $GLOBALS['SESSIOn'] are reference
them in $_SESSION.

This patch makes the session code behave the same way in CLI,
phpunit and normal web requests - this allows use to finally
unit test most aspects of the session code in Moodle.

2014-07-01 08:38:00 +12:00

Petr Škoda

d79d5ac276

MDL-31501 rework user session architecture

List of changes:
 * New OOP API using PHP namespace \core\session\.
 * All handlers now update the sessions table consistently.
 * Experimental DB session support in Oracle.
 * Full support for session file handler (filesystem locking required).
 * New option for alternative session directory.
 * Official memcached session handler support.
 * Workaround for memcached version with non-functional gc.
 * Improved security - forced session id regeneration.
 * Improved compatibility with recent PHP releases.
 * Fixed borked CSS during install in debug mode.
 * Switched to file based sessions in new installs.
 * DB session setting disappears if DB does not support sessions.
 * DB session setting disappears if session handler specified in config.php.
 * Fast purging of sessions used in request only.
 * No legacy distinction -  file, database and memcached support the same functionality.
 * Session handler name included in performance info.
 * Fixed user_loggedin and user_loggedout event triggering.
 * Other minor bugfixing and improvements.
 * Fixed database session segfault if MUC disposed before $DB.

Limitations:
 * Session access time is now updated right after session start.
 * Support for $CFG->sessionlockloggedinonly was removed.
 * First request does not update userid in sessions table.
 * The timeouts may break badly if server hosting forces PHP.ini session settings.
 * The session GC is a lot slower, we do not rely on external session timeouts.
 * There cannot be any hooks triggered at the session write time.
 * File and memcached handlers do not support session lock acquire timeouts.
 * Some low level PHP session functions can not be used directly in Moodle code.

2013-09-21 13:11:56 +02:00

Rajesh Taneja

71298fea03

MDL-40043 Events API: Added user_loggedinas event to replace add_to_log

2013-08-20 14:07:35 +08:00

3 Commits