Commit Graph

8 Commits

Author SHA1 Message Date
cacf7546b9 MDL-61316 core: Removed 5x multiplier from guest session expiration 2024-12-04 02:44:22 +00:00
e52fbd2f84 MDL-66151 Performance: Session Manager modularisation
Storage of session metadata has moved into the session handler class.
This allows for other classes to fully control session handling and
removes the dependancy on the core sessions database table.

Previously, the standard method of interaction with the
session metadata was direct DB calls; this may break other plugins as there
are now proper APIs available through the session manager.

Co-authored-by: Darren Cocco <moodle@darren.cocco.id.au>
Co-authored-by: Trisha Milan <trishamilan@catalyst-au.net>
Co-authored-by: Andrew Nicols <andrew@nicols.co.uk>
2024-09-03 13:04:04 +10:00
29a541724f MDL-65292 style: Fix all the function declaration ordering
This has been generated running the following Sniff,
part of the Moodle's CodeSniffer standard:
- PSR2.Methods.MethodDeclaration

It just ensures all the function declarations have
the correct order for:
- abstract and final.
- visibility (public, protected, private).
- static.

So, all the lines modified by this commit are function declarations
and the only changes are in the positions of those keywords.
2024-02-28 23:47:47 +01:00
4400ed3e1c MDL-58018 core: finish dev to support open sessions without a lock 2020-04-21 19:29:12 +02:00
1c3b89b170 MDL-58018 core: Add support to open sessions without a lock 2020-04-20 14:13:34 +02:00
c6b5f18d06 MDL-46561 session: use full session validation in \core\session\manager::session_exists() 2014-08-07 08:59:24 +12:00
6ec361c6bc MDL-42485 add session lock acquire timeout to memcached session driver
Credit goes to Eric Merrill, thanks!
2013-10-27 16:05:12 +01:00
d79d5ac276 MDL-31501 rework user session architecture
List of changes:
 * New OOP API using PHP namespace \core\session\.
 * All handlers now update the sessions table consistently.
 * Experimental DB session support in Oracle.
 * Full support for session file handler (filesystem locking required).
 * New option for alternative session directory.
 * Official memcached session handler support.
 * Workaround for memcached version with non-functional gc.
 * Improved security - forced session id regeneration.
 * Improved compatibility with recent PHP releases.
 * Fixed borked CSS during install in debug mode.
 * Switched to file based sessions in new installs.
 * DB session setting disappears if DB does not support sessions.
 * DB session setting disappears if session handler specified in config.php.
 * Fast purging of sessions used in request only.
 * No legacy distinction -  file, database and memcached support the same functionality.
 * Session handler name included in performance info.
 * Fixed user_loggedin and user_loggedout event triggering.
 * Other minor bugfixing and improvements.
 * Fixed database session segfault if MUC disposed before $DB.

Limitations:
 * Session access time is now updated right after session start.
 * Support for $CFG->sessionlockloggedinonly was removed.
 * First request does not update userid in sessions table.
 * The timeouts may break badly if server hosting forces PHP.ini session settings.
 * The session GC is a lot slower, we do not rely on external session timeouts.
 * There cannot be any hooks triggered at the session write time.
 * File and memcached handlers do not support session lock acquire timeouts.
 * Some low level PHP session functions can not be used directly in Moodle code.
2013-09-21 13:11:56 +02:00