| | |
|---|
| | | | Author: Thomas Bruederli <roundcube@gmail.com> | |
|---|
| | | | Author: Aleksander Machniak <alec@alec.pl> | |
|---|
| | | +-----------------------------------------------------------------------+ |
|---|
| | | |
|---|
| | | $Id: session.inc 2932 2009-09-07 12:51:21Z alec $ |
|---|
| | | |
|---|
| | | */ |
|---|
| | | |
|---|
| | | /** |
|---|
| | |
|---|
| | | private $vars = false; |
|---|
| | | private $key; |
|---|
| | | private $now; |
|---|
| | | private $prev; |
|---|
| | | private $secret = ''; |
|---|
| | | private $ip_check = false; |
|---|
| | | private $logging = false; |
|---|
| | |
|---|
| | | |
|---|
| | | // use memcache backend |
|---|
| | | if ($config->get('session_storage', 'db') == 'memcache') { |
|---|
| | | $this->memcache = rcmail::get_instance()->get_memcache(); |
|---|
| | | $this->memcache = rcube::get_instance()->get_memcache(); |
|---|
| | | |
|---|
| | | // set custom functions for PHP session management if memcache is available |
|---|
| | | if ($this->memcache) { |
|---|
| | |
|---|
| | | $this->vars = false; |
|---|
| | | $this->ip = $_SERVER['REMOTE_ADDR']; // update IP (might have changed) |
|---|
| | | $this->destroy(session_id()); |
|---|
| | | rcmail::setcookie($this->cookiename, '-del-', time() - 60); |
|---|
| | | rcube_utils::setcookie($this->cookiename, '-del-', time() - 60); |
|---|
| | | } |
|---|
| | | |
|---|
| | | |
|---|
| | |
|---|
| | | // valid time range is now - 1/2 lifetime to now + 1/2 lifetime |
|---|
| | | $now = time(); |
|---|
| | | $this->now = $now - ($now % ($this->lifetime / 2)); |
|---|
| | | $this->prev = $this->now - ($this->lifetime / 2); |
|---|
| | | } |
|---|
| | | |
|---|
| | | /** |
|---|
| | |
|---|
| | | $this->log("IP check failed for " . $this->key . "; expected " . $this->ip . "; got " . $_SERVER['REMOTE_ADDR']); |
|---|
| | | |
|---|
| | | if ($result && $this->_mkcookie($this->now) != $this->cookie) { |
|---|
| | | // Check if using id from previous time slot |
|---|
| | | if ($this->_mkcookie($this->prev) == $this->cookie) { |
|---|
| | | $this->set_auth_cookie(); |
|---|
| | | $this->log("Session auth check failed for " . $this->key . "; timeslot = " . date('Y-m-d H:i:s', $this->now)); |
|---|
| | | $result = false; |
|---|
| | | |
|---|
| | | // Check if using id from a previous time slot |
|---|
| | | for ($i = 1; $i <= 2; $i++) { |
|---|
| | | $prev = $this->now - ($this->lifetime / 2) * $i; |
|---|
| | | if ($this->_mkcookie($prev) == $this->cookie) { |
|---|
| | | $this->log("Send new auth cookie for " . $this->key . ": " . $this->cookie); |
|---|
| | | $this->set_auth_cookie(); |
|---|
| | | $result = true; |
|---|
| | | } |
|---|
| | | } |
|---|
| | | else { |
|---|
| | | $result = false; |
|---|
| | | $this->log("Session authentication failed for " . $this->key . "; invalid auth cookie sent"); |
|---|
| | | } |
|---|
| | | } |
|---|
| | | } |
|---|
| | | |
|---|
| | | if (!$result) |
|---|
| | | $this->log("Session authentication failed for " . $this->key . "; invalid auth cookie sent; timeslot = " . date('Y-m-d H:i:s', $prev)); |
|---|
| | | |
|---|
| | | return $result; |
|---|
| | | } |
|---|
| | |
|---|
| | | function set_auth_cookie() |
|---|
| | | { |
|---|
| | | $this->cookie = $this->_mkcookie($this->now); |
|---|
| | | rcmail::setcookie($this->cookiename, $this->cookie, 0); |
|---|
| | | rcube_utils::setcookie($this->cookiename, $this->cookie, 0); |
|---|
| | | $_COOKIE[$this->cookiename] = $this->cookie; |
|---|
| | | } |
|---|
| | | |
|---|
| | |
|---|
| | | function log($line) |
|---|
| | | { |
|---|
| | | if ($this->logging) |
|---|
| | | rcmail::write_log('session', $line); |
|---|
| | | rcube::write_log('session', $line); |
|---|
| | | } |
|---|
| | | |
|---|
| | | } |
|---|
