fixed session bugs

daniel 2018-11-20 18:07:43 +01:00
parent 20cbe0d767
commit a089a93477
4 changed files with 18 additions and 16 deletions


@ -171,19 +171,21 @@ require_once ($ownDir. 'functions_config.php');
date_default_timezone_set("Europe/Madrid"); date_default_timezone_set("Europe/Madrid");
//////////////////////////////////////
//// PLEASE DO NOT CHANGE ORDER //////
//////////////////////////////////////
require_once ($config["homedir"].'/include/load_session.php');
if (empty(session_id())) session_start();
config_process_config(); config_process_config();
config_prepare_session(); config_prepare_session();
require_once ($config["homedir"].'/include/load_session.php');
if(session_id() == '') {
$resultado = session_start();
}
// Set a the system timezone default // Set a the system timezone default
if ((!isset($config["timezone"])) OR ($config["timezone"] == "")) { if ((!isset($config["timezone"])) OR ($config["timezone"] == "")) {
$config["timezone"] = "Europe/Berlin"; $config["timezone"] = "Europe/Berlin";
} }
////////////////////////////////////////
date_default_timezone_set($config["timezone"]); date_default_timezone_set($config["timezone"]);
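Review bot: With `session_start()` now called ahead of `config_prepare_session()` (reading the block under the "PLEASE DO NOT CHANGE ORDER" banner as the new side), session lifetime settings can no longer be applied for the request on current PHP versions, and this same commit drops the `ini_set('session.gc_maxlifetime', …)` and `session_set_cookie_params(…)` calls from `config_prepare_session()`. Server-side expiry then presumably falls back to the php.ini `session.gc_maxlifetime`, while the cookie is still extended client-side with `setcookie()`, so the configured timeout may no longer bound how long a session ID stays valid on the server. If the order has to stay this way, consider enforcing the idle timeout in the custom session handler or with a last-activity timestamp kept in `$_SESSION`. The result of `session_start()` is also no longer captured; `if (session_id() === '' && !session_start()) { /* log and abort */ }` would surface a failed start.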


@ -2329,11 +2329,7 @@ function config_prepare_session() {
else else
$sessionCookieExpireTime *= 60; $sessionCookieExpireTime *= 60;
@ini_set('session.gc_maxlifetime', $sessionCookieExpireTime);
@session_set_cookie_params ($sessionCookieExpireTime);
// Reset the expiration time upon page load //session_name() is default name of session PHPSESSID // Reset the expiration time upon page load //session_name() is default name of session PHPSESSID
if (isset($_COOKIE[session_name()])) if (isset($_COOKIE[session_name()]))
setcookie(session_name(), $_COOKIE[session_name()], time() + $sessionCookieExpireTime, "/"); setcookie(session_name(), $_COOKIE[session_name()], time() + $sessionCookieExpireTime, "/");


@ -77,6 +77,6 @@ function pandora_session_gc ($max_lifetime = 300) {
return $retval; return $retval;
} }
$result_handler = @session_set_save_handler ('pandora_session_open', 'pandora_session_close', 'pandora_session_read', 'pandora_session_write', 'pandora_session_destroy', 'pandora_session_gc'); $result_handler = session_set_save_handler ('pandora_session_open', 'pandora_session_close', 'pandora_session_read', 'pandora_session_write', 'pandora_session_destroy', 'pandora_session_gc');
?> ?>
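Review bot: `$result_handler` is assigned but not checked in the visible lines, so with the `@` removed a failed `session_set_save_handler()` now emits a warning, yet the request presumably still carries on with PHP's default file-based handler. A guard right after the call, e.g. `if ($result_handler === false) { /* log and stop before session_start() */ }`, would make that failure explicit instead of silently changing where session data is stored. The trailing `?>` could also be dropped so that stray whitespace after it cannot send output before the session headers. The handler functions themselves are defined outside this hunk.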


@ -105,10 +105,9 @@ if ((! file_exists ("include/config.php")) || (! is_readable ("include/config.ph
exit; exit;
} }
// Real start //////////////////////////////////////
if(session_id() == '') { //// PLEASE DO NOT CHANGE ORDER //////
session_start (); //////////////////////////////////////
}
require_once ("include/config.php"); require_once ("include/config.php");
require_once ("include/functions_config.php"); require_once ("include/functions_config.php");
@ -126,6 +125,7 @@ if ($config['metaconsole'] == 1 && $config['enterprise_installed'] == 1) {
if (file_exists (ENTERPRISE_DIR . "/include/functions_login.php")) { if (file_exists (ENTERPRISE_DIR . "/include/functions_login.php")) {
include_once (ENTERPRISE_DIR . "/include/functions_login.php"); include_once (ENTERPRISE_DIR . "/include/functions_login.php");
} }
////////////////////////////////////////
if (!empty ($config["https"]) && empty ($_SERVER['HTTPS'])) { if (!empty ($config["https"]) && empty ($_SERVER['HTTPS'])) {
$query = ''; $query = '';
@ -564,6 +564,7 @@ if (! isset ($config['id_user'])) {
if($home_page == 'Visual console') unset($query_params_redirect["sec2"]); if($home_page == 'Visual console') unset($query_params_redirect["sec2"]);
$redirect_url = '?1=1'; $redirect_url = '?1=1';
foreach ($query_params_redirect as $key => $value) { foreach ($query_params_redirect as $key => $value) {
if ($key == "login") continue;
$redirect_url .= '&'.safe_url_extraclean($key).'='.safe_url_extraclean($value); $redirect_url .= '&'.safe_url_extraclean($key).'='.safe_url_extraclean($value);
} }
header("Location: ".$config['homeurl']."index.php".$redirect_url); header("Location: ".$config['homeurl']."index.php".$redirect_url);
@ -810,8 +811,11 @@ if (isset ($_GET["bye"])) {
$iduser = $_SESSION["id_usuario"]; $iduser = $_SESSION["id_usuario"];
db_logoff ($iduser, $_SERVER['REMOTE_ADDR']); db_logoff ($iduser, $_SERVER['REMOTE_ADDR']);
// Unregister Session (compatible with 5.2 and 6.x, old code was deprecated // Unregister Session (compatible with 5.2 and 6.x, old code was deprecated
unset($_SESSION['id_usuario']); $_SESSION = array();
unset($iduser); session_destroy();
header_remove("Set-Cookie");
setcookie(session_name(), $_COOKIE[session_name()], time() - 4800, "/");
if ($config['auth'] == 'saml') { if ($config['auth'] == 'saml') {
require_once($config['saml_path'] . 'simplesamlphp/lib/_autoload.php'); require_once($config['saml_path'] . 'simplesamlphp/lib/_autoload.php');
$as = new SimpleSAML_Auth_Simple('PandoraFMS'); $as = new SimpleSAML_Auth_Simple('PandoraFMS');
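Review bot: In the logout hunk, `setcookie(session_name(), $_COOKIE[session_name()], time() - 4800, "/")` reads the cookie without an `isset()` check and sends the old session ID back with a hard-coded path, so the expiry may not match the attributes (domain, `secure`, `httponly`) the session cookie was issued with. Taking the attributes from the session and sending an empty value is safer: `$p = session_get_cookie_params();` followed by `setcookie(session_name(), '', time() - 4800, $p['path'], $p['domain'], $p['secure'], $p['httponly']);`. `header_remove("Set-Cookie")` also drops every cookie queued earlier in the request, not only the session one, which deserves a comment if it is intended. In the redirect hunk, `$key == "login"` is a loose comparison; `===` avoids a numeric key matching on older PHP versions. The enclosing `if (isset ($_GET["bye"]))` block continues outside the hunk.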