Avoid erase ALL sessions from tsessions_php (pandora_db)

2020-11-26 18:27:11 +01:00 · 2020-11-26 18:27:11 +01:00 · 7e61465955
parent d08e60f13a
commit 7e61465955
2 changed files with 25 additions and 12 deletions
--- a/pandora_console/include/functions_config.php
+++ b/pandora_console/include/functions_config.php
@ -723,6 +723,14 @@ function config_update_config()

                    if (!config_update_value('session_timeout', get_parameter('session_timeout'))) {
                        $error_update[] = __('Session timeout');
+                    } else {
+                        if ((int) get_parameter('session_timeout') === 0) {
+                            $error_update[] = __('Session timeout forced to 90 minutes');
+
+                            if (!config_update_value('session_timeout', 90)) {
+                                $error_update[] = __('Session timeout');
+                            }
+                        }
                    }

                    if (isset($config['fallback_local_auth']) && $config['fallback_local_auth'] == 0) {
--- a/pandora_server/util/pandora_db.pl
+++ b/pandora_server/util/pandora_db.pl
@ -967,28 +967,33 @@ sub pandora_delete_old_export_data {
 # Delete old session data.
 ##############################################################################
 sub pandora_delete_old_session_data {
-    my ($conf, $dbh, $ulimit_timestamp) = @_;
+	my ($conf, $dbh, $ulimit_timestamp) = @_;

-    my $session_timeout = $conf->{'_session_timeout'};
+	my $session_timeout = $conf->{'_session_timeout'};

-	if ($session_timeout ne '') {
-		if ($session_timeout == -1) {
-			# The session expires in 10 years
-			$session_timeout = 315576000;
-		} else {
-			$session_timeout *= 60;
-		}
+	# DO not erase anything if session_timeout is not set.
+	return unless (defined($session_timeout) && $session_timeout ne '');

-		$ulimit_timestamp = time() - $session_timeout;
+	if ($session_timeout == 0) {
+		# As defined in console.
+		$session_timeout = 90;
 	}

+	if ($session_timeout == -1) {
+		# The session expires in 10 years
+		$session_timeout = 315576000;
+	} else {
+		$session_timeout *= 60;
+	}
+
+	$ulimit_timestamp = time() - $session_timeout;
+
 	log_message ('PURGE', "Deleting old session data from tsessions_php\n");
 	while(db_delete_limit ($dbh, 'tsessions_php', 'last_active < ?', $SMALL_OPERATION_STEP, $ulimit_timestamp) ne '0E0') {
 		usleep (10000);
 	};

-	db_do ($dbh, "DELETE FROM tsessions_php WHERE
-	data IS NULL OR id_session REGEXP '^cron-'");
+	db_do ($dbh, "DELETE FROM tsessions_php WHERE data IS NULL OR id_session REGEXP '^cron-'");
 }

 ###############################################################################