Only call session_start() when reading from session

fixes #6383
Johannes Meyer 2014-07-16 09:33:49 +02:00
parent 8086292b1b
commit 19f05256a0
4 changed files with 37 additions and 16 deletions


@ -27,7 +27,7 @@ class Manager
* Authenticated user
*
* @var User
**/
*/
private $user;
/**
@ -96,25 +96,24 @@ class Manager
);
$this->user = $user;
if ($persist == true) {
$session = Session::getSession();
$session->refreshId();
$this->persistCurrentUser();
}
}
/**
* Writes the current user to the session
**/
*/
public function persistCurrentUser()
{
$session = Session::getSession();
$session->set('user', $this->user);
$session->write();
$session->refreshId();
}
/**
* Tries to authenticate the user with the current session
**/
*/
public function authenticateFromSession()
{
$this->user = Session::getSession()->get('user');
@ -189,7 +188,7 @@ class Manager
* Returns the current user or null if no user is authenticated
*
* @return User
**/
*/
public function getUser()
{
return $this->user;
@ -200,7 +199,7 @@ class Manager
*
* @return array
* @see User::getGroups
**/
*/
public function getGroups()
{
return $this->user->getGroups();
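Review bot: In `persistCurrentUser()` the call `$session->refreshId()` now appears to run after `set('user', ...)` and `write()`, where it previously seems to have run in the caller before the user was persisted; the +/- markers are lost on this page, so confirm against the raw diff. `refreshId()` in PhpSession calls `session_regenerate_id()` without the delete-old-session argument, so if `write()` stores the user under the pre-login id, that old id may stay bound to an authenticated session until garbage collection, which weakens the session-fixation protection the regeneration is there for. Either regenerate before the user is written, or change the call to `session_regenerate_id(true);` so the old session data is discarded. The method that calls `persistCurrentUser()` starts outside the hunk.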


@ -100,8 +100,11 @@ class Notification
{
$session = Session::getSession();
$msgs = $session->messages;
$session->messages = array();
$session->write();
if (false === empty($msgs)) {
$session->messages = array();
$session->write();
}
return $msgs;
}
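Review bot: The new `if (false === empty($msgs))` guard carries no comment saying why the reset is conditional, and the reason (presumably skipping `write()` so a request without queued messages does not start a session) is only hinted at in the commit title. Add a line such as `// Only touch the session when there is something to clear, so no session is started needlessly` above the guard; `if (! empty($msgs))` would also read more directly than the double negative. The enclosing method starts outside the hunk.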


@ -5,7 +5,7 @@
namespace Icinga\Web\Session;
use Icinga\Logger\Logger;
use \Icinga\Exception\ConfigurationError;
use Icinga\Exception\ConfigurationError;
/**
* Session implementation in PHP
@ -24,21 +24,21 @@ class PhpSession extends Session
*
* @var bool
*/
private $hasBeenTouched = false;
protected $hasBeenTouched = false;
/**
* Name of the session
*
* @var string
*/
private $sessionName = 'Icingaweb2';
protected $sessionName = 'Icingaweb2';
/**
* Configuration for cookie options
*
* @var array
*/
private static $defaultCookieOptions = array(
protected static $defaultCookieOptions = array(
'use_trans_sid' => false,
'use_cookies' => true,
'cookie_httponly' => true,
@ -82,13 +82,16 @@ class PhpSession extends Session
throw new ConfigurationError('Can\'t save session');
}
$this->read();
if ($this->exists()) {
// We do not want to start a new session here if there is not any
$this->read();
}
}
/**
* Open a PHP session
*/
private function open()
protected function open()
{
session_name($this->sessionName);
@ -171,7 +174,7 @@ class PhpSession extends Session
/**
* Remove session cookies
*/
private function clearCookies()
protected function clearCookies()
{
if (ini_get('session.use_cookies')) {
Logger::debug('Clear session cookie');
@ -196,5 +199,14 @@ class PhpSession extends Session
$this->open();
session_regenerate_id();
session_write_close();
$this->hasBeenTouched = true;
}
/**
* @see Session::exists()
*/
public function exists()
{
return isset($_COOKIE[$this->sessionName]);
}
}
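Review bot: `exists()` treats the presence of `$_COOKIE[$this->sessionName]` as proof of a session, but that cookie is client-supplied, so the constructor's guarded `read()` will still open a session for whatever id a client presents. If the keys in `$defaultCookieOptions` are applied as `session.*` ini settings and the supported PHP versions have the directive, consider adding `'use_strict_mode' => true,` so ids the server never issued are rejected; the array continues outside the hunk, so it may already be set. The `private` to `protected` changes on `open()`, `clearCookies()` and the three properties widen what subclasses can touch and are not explained in the commit message, so a one-line reason in the description would help. The constructor and `refreshId()` both start outside their hunks.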


@ -37,6 +37,13 @@ abstract class Session extends SessionNamespace
throw new NotImplementedError('You are required to implement write() in your session implementation');
}
/**
* Return whether a session exists
*
* @return bool
*/
abstract public function exists();
/**
* Purge session
*/
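Review bot: Declaring `exists()` as `abstract` makes every concrete `Session` subclass fail to load until it implements the method, and only `PhpSession` gains an implementation in this commit; any other subclass not visible here (test doubles included) needs one too. The docblock `Return whether a session exists` should also state what callers may rely on, for instance `Return whether the client presented a session identifier; implementations must not start a session to answer this`, since the authentication code decides whether to read session state based on this result.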