Try to improve session handling.
This commit is contained in:
parent
c867de95dc
commit
53d646b519
|
@ -1,9 +1,4 @@
|
||||||
<?php
|
<?php
|
||||||
session_start();
|
|
||||||
if (! isset($_SESSION['last_access']) || (time() - $_SESSION['last_access']) > 60) {
|
|
||||||
$_SESSION['last_access'] = time();
|
|
||||||
}
|
|
||||||
|
|
||||||
header("Expires: " . gmdate("D, d M Y H:i:s", time() + (100)) . " GMT");
|
header("Expires: " . gmdate("D, d M Y H:i:s", time() + (100)) . " GMT");
|
||||||
header("Cache-Control: max-age=100");
|
header("Cache-Control: max-age=100");
|
||||||
header("Pragma: cache");
|
header("Pragma: cache");
|
||||||
|
@ -11,6 +6,10 @@ header("Pragma: cache");
|
||||||
include "config.inc.php";
|
include "config.inc.php";
|
||||||
include "$file_newsportal";
|
include "$file_newsportal";
|
||||||
|
|
||||||
|
if (! isset($_SESSION['last_access']) || (time() - $_SESSION['last_access']) > 60) {
|
||||||
|
$_SESSION['last_access'] = time();
|
||||||
|
}
|
||||||
|
|
||||||
$logfile = $logdir . '/newsportal.log';
|
$logfile = $logdir . '/newsportal.log';
|
||||||
if (isset($_COOKIE['mail_name'])) {
|
if (isset($_COOKIE['mail_name'])) {
|
||||||
if ($userdata = get_user_mail_auth_data($_COOKIE['mail_name'])) {
|
if ($userdata = get_user_mail_auth_data($_COOKIE['mail_name'])) {
|
||||||
|
|
|
@ -1,5 +1,4 @@
|
||||||
<?php
|
<?php
|
||||||
session_start();
|
|
||||||
header("Expires: " . gmdate("D, d M Y H:i:s", time() + (3600 * 24)) . " GMT");
|
header("Expires: " . gmdate("D, d M Y H:i:s", time() + (3600 * 24)) . " GMT");
|
||||||
|
|
||||||
include "config.inc.php";
|
include "config.inc.php";
|
||||||
|
|
|
@ -1,9 +1,12 @@
|
||||||
<?php
|
<?php
|
||||||
session_start();
|
|
||||||
include "../common/config.inc.php";
|
|
||||||
|
|
||||||
ini_set('memory_limit', '1536M');
|
ini_set('memory_limit', '1536M');
|
||||||
|
if (!isset($_SESSION)) {
|
||||||
ini_set('session.gc_maxlifetime', 14400);
|
ini_set('session.gc_maxlifetime', 14400);
|
||||||
|
session_set_cookie_params(14400);
|
||||||
|
session_start();
|
||||||
|
}
|
||||||
|
|
||||||
|
include "../common/config.inc.php";
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Config file name should be the basename
|
* Config file name should be the basename
|
||||||
|
|
|
@ -1,17 +1,16 @@
|
||||||
<?php
|
<?php
|
||||||
session_start();
|
|
||||||
if (! isset($_SESSION['last_access']) || (time() - $_SESSION['last_access']) > 60) {
|
|
||||||
$_SESSION['last_access'] = time();
|
|
||||||
}
|
|
||||||
|
|
||||||
header("Expires: " . gmdate("D, d M Y H:i:s", time() + (30)) . " GMT");
|
header("Expires: " . gmdate("D, d M Y H:i:s", time() + (30)) . " GMT");
|
||||||
header("Cache-Control: max-age=30");
|
header("Cache-Control: max-age=30");
|
||||||
header("Pragma: cache");
|
header("Pragma: cache");
|
||||||
|
|
||||||
$_SESSION['isframed'] = 1;
|
|
||||||
|
|
||||||
include "config.inc.php";
|
include "config.inc.php";
|
||||||
include ("$file_newsportal");
|
include ("$file_newsportal");
|
||||||
|
|
||||||
|
if (! isset($_SESSION['last_access']) || (time() - $_SESSION['last_access']) > 60) {
|
||||||
|
$_SESSION['last_access'] = time();
|
||||||
|
}
|
||||||
|
$_SESSION['isframed'] = 1;
|
||||||
|
|
||||||
if (isset($frames_on) && $frames_on === true) {
|
if (isset($frames_on) && $frames_on === true) {
|
||||||
?>
|
?>
|
||||||
<script>
|
<script>
|
||||||
|
|
|
@ -1286,7 +1286,6 @@ function set_user_logged_in_cookies($name, $keys) {
|
||||||
$key = openssl_random_pseudo_bytes(44);
|
$key = openssl_random_pseudo_bytes(44);
|
||||||
set_user_config($name, 'encryptionkey', base64_encode($key));
|
set_user_config($name, 'encryptionkey', base64_encode($key));
|
||||||
file_put_contents($debug_log, "\n" . logging_prefix() . " Created encryptionkey for: " . $name, FILE_APPEND);
|
file_put_contents($debug_log, "\n" . logging_prefix() . " Created encryptionkey for: " . $name, FILE_APPEND);
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
$name = trim($name);
|
$name = trim($name);
|
||||||
|
@ -1362,8 +1361,12 @@ function check_bbs_auth($username, $password)
|
||||||
if (password_verify($password, $userFileInfo)) {
|
if (password_verify($password, $userFileInfo)) {
|
||||||
touch($userFilename);
|
touch($userFilename);
|
||||||
$ok = TRUE;
|
$ok = TRUE;
|
||||||
|
} else {
|
||||||
|
if(trim($password) == '') {
|
||||||
|
file_put_contents($logfile, "\n" . logging_prefix() . " AUTH Failed for: " . $username . ' (no password)', FILE_APPEND);
|
||||||
} else {
|
} else {
|
||||||
file_put_contents($logfile, "\n" . logging_prefix() . " AUTH Failed for: " . $username . ' (password incorrect)', FILE_APPEND);
|
file_put_contents($logfile, "\n" . logging_prefix() . " AUTH Failed for: " . $username . ' (password incorrect)', FILE_APPEND);
|
||||||
|
}
|
||||||
return FALSE;
|
return FALSE;
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
|
|
|
@ -1,9 +1,4 @@
|
||||||
<?php
|
<?php
|
||||||
session_start();
|
|
||||||
if (! isset($_SESSION['last_access']) || (time() - $_SESSION['last_access']) > 60) {
|
|
||||||
$_SESSION['last_access'] = time();
|
|
||||||
}
|
|
||||||
|
|
||||||
header("Expires: " . gmdate("D, d M Y H:i:s", time() + (120)) . " GMT");
|
header("Expires: " . gmdate("D, d M Y H:i:s", time() + (120)) . " GMT");
|
||||||
header("Cache-Control: max-age=120");
|
header("Cache-Control: max-age=120");
|
||||||
header("Pragma: cache");
|
header("Pragma: cache");
|
||||||
|
@ -32,6 +27,10 @@ header("Pragma: cache");
|
||||||
include "config.inc.php";
|
include "config.inc.php";
|
||||||
include "$file_newsportal";
|
include "$file_newsportal";
|
||||||
|
|
||||||
|
if (! isset($_SESSION['last_access']) || (time() - $_SESSION['last_access']) > 60) {
|
||||||
|
$_SESSION['last_access'] = time();
|
||||||
|
}
|
||||||
|
|
||||||
if (isset($frames_on) && $frames_on === true) {
|
if (isset($frames_on) && $frames_on === true) {
|
||||||
?>
|
?>
|
||||||
<script>
|
<script>
|
||||||
|
|
|
@ -22,39 +22,23 @@
|
||||||
* along with this program; if not, write to the Free Software
|
* along with this program; if not, write to the Free Software
|
||||||
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
||||||
*/
|
*/
|
||||||
session_start();
|
include "config.inc.php";
|
||||||
|
$CONFIG = include ($config_file);
|
||||||
|
include $file_newsportal;
|
||||||
|
|
||||||
|
include "head.inc";
|
||||||
|
|
||||||
|
if (disable_page_by_user_agent($client_device, "bot", "Post")) {
|
||||||
|
echo "<center>Page Disabled</center>";
|
||||||
|
include "tail.inc";
|
||||||
|
exit();
|
||||||
|
}
|
||||||
|
|
||||||
if (! isset($_SESSION['last_access']) || (time() - $_SESSION['last_access']) > 60) {
|
if (! isset($_SESSION['last_access']) || (time() - $_SESSION['last_access']) > 60) {
|
||||||
$_SESSION['last_access'] = time();
|
$_SESSION['last_access'] = time();
|
||||||
}
|
}
|
||||||
include "config.inc.php";
|
|
||||||
$CONFIG = include ($config_file);
|
|
||||||
$logfile = $logdir . '/post.log';
|
|
||||||
|
|
||||||
$ip_pass = false;
|
$logfile = $logdir . '/post.log';
|
||||||
if (! isset($_SESSION['remote_address'])) {
|
|
||||||
$_SESSION['remote_address'] = $_SERVER['REMOTE_ADDR'];
|
|
||||||
$_SESSION['start_address'] = $_SESSION['remote_address'];
|
|
||||||
$ip_pass = true;
|
|
||||||
} else {
|
|
||||||
if ($_SERVER['REMOTE_ADDR'] != $_SESSION['start_address']) {
|
|
||||||
$ip_pass = false;
|
|
||||||
} else {
|
|
||||||
$ip_pass = true;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
if ($ip_pass && (isset($_SESSION['pass']) && $_SESSION['pass'] === true)) {
|
|
||||||
$logged_in = true;
|
|
||||||
} else {
|
|
||||||
$logged_in = false;
|
|
||||||
}
|
|
||||||
if ($CONFIG['anonuser'] == '1') {
|
|
||||||
$logged_in = false;
|
|
||||||
}
|
|
||||||
// This will log user post info (group and username)
|
|
||||||
$enable_post_log = false;
|
|
||||||
if ($OVERRIDES['enable_post_log'] > 0) {
|
|
||||||
$enable_post_log = $OVERRIDES['enable_post_log'];
|
|
||||||
}
|
|
||||||
|
|
||||||
@$fieldnamedecrypt = $_REQUEST['fielddecrypt'];
|
@$fieldnamedecrypt = $_REQUEST['fielddecrypt'];
|
||||||
@$newsgroups = $_REQUEST["newsgroups"];
|
@$newsgroups = $_REQUEST["newsgroups"];
|
||||||
|
@ -68,6 +52,40 @@ if ($OVERRIDES['enable_post_log'] > 0) {
|
||||||
@$references = $_REQUEST["references"];
|
@$references = $_REQUEST["references"];
|
||||||
@$id = $_REQUEST["id"];
|
@$id = $_REQUEST["id"];
|
||||||
|
|
||||||
|
// Load name from cookies
|
||||||
|
if ($setcookies) {
|
||||||
|
if ((isset($_COOKIE["mail_name"])) && (! isset($name)))
|
||||||
|
$name = $_COOKIE["mail_name"];
|
||||||
|
}
|
||||||
|
|
||||||
|
$ip_pass = false;
|
||||||
|
if (! isset($_SESSION['remote_address'])) {
|
||||||
|
$_SESSION['remote_address'] = $_SERVER['REMOTE_ADDR'];
|
||||||
|
$_SESSION['start_address'] = $_SESSION['remote_address'];
|
||||||
|
$ip_pass = true;
|
||||||
|
} else {
|
||||||
|
if ($_SERVER['REMOTE_ADDR'] != $_SESSION['start_address']) {
|
||||||
|
$ip_pass = false;
|
||||||
|
file_put_contents($auth_log, "\n" . logging_prefix() . " IP addresses changed for: " . $name, FILE_APPEND);
|
||||||
|
} else {
|
||||||
|
$ip_pass = true;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if ($ip_pass && (isset($_SESSION['pass']) && $_SESSION['pass'] === true)) {
|
||||||
|
$logged_in = true;
|
||||||
|
} else {
|
||||||
|
$logged_in = false;
|
||||||
|
file_put_contents($auth_log, "\n" . logging_prefix() . " SESSION auth expired or not exist for: " . $name, FILE_APPEND);
|
||||||
|
}
|
||||||
|
if ($CONFIG['anonuser'] == '1') {
|
||||||
|
$logged_in = false;
|
||||||
|
}
|
||||||
|
// This will log user post info (group and username)
|
||||||
|
$enable_post_log = false;
|
||||||
|
if ($OVERRIDES['enable_post_log'] > 0) {
|
||||||
|
$enable_post_log = $OVERRIDES['enable_post_log'];
|
||||||
|
}
|
||||||
|
|
||||||
$allow_ng_header_edit_post = true;
|
$allow_ng_header_edit_post = true;
|
||||||
$allow_ng_header_edit_reply = false;
|
$allow_ng_header_edit_reply = false;
|
||||||
|
|
||||||
|
@ -119,15 +137,6 @@ if ((isset($post_server)) && ($post_server != ""))
|
||||||
if ((isset($post_port)) && ($post_port != ""))
|
if ((isset($post_port)) && ($post_port != ""))
|
||||||
$port = $post_port;
|
$port = $post_port;
|
||||||
|
|
||||||
include $file_newsportal;
|
|
||||||
include "head.inc";
|
|
||||||
|
|
||||||
if (disable_page_by_user_agent($client_device, "bot", "Post")) {
|
|
||||||
echo "<center>Page Disabled</center>";
|
|
||||||
include "tail.inc";
|
|
||||||
exit();
|
|
||||||
}
|
|
||||||
|
|
||||||
global $synchro_user, $synchro_pass;
|
global $synchro_user, $synchro_pass;
|
||||||
// check to which groups the user is allowed to post to
|
// check to which groups the user is allowed to post to
|
||||||
$thisgroup = _rawurldecode($_REQUEST['group']);
|
$thisgroup = _rawurldecode($_REQUEST['group']);
|
||||||
|
@ -167,14 +176,6 @@ if ((function_exists("npreg_group_has_read_access") && ! npreg_group_has_read_ac
|
||||||
die("access denied");
|
die("access denied");
|
||||||
}
|
}
|
||||||
|
|
||||||
// Load name from cookies
|
|
||||||
if ($setcookies) {
|
|
||||||
if ((isset($_COOKIE["mail_name"])) && (! isset($name)))
|
|
||||||
$name = $_COOKIE["mail_name"];
|
|
||||||
// if ((isset($_COOKIE["cookie_email"])) && (!isset($email)))
|
|
||||||
// $email=$_COOKIE["cookie_email"];
|
|
||||||
}
|
|
||||||
|
|
||||||
// Load name and email from the registration system, if available
|
// Load name and email from the registration system, if available
|
||||||
if (function_exists("npreg_get_name")) {
|
if (function_exists("npreg_get_name")) {
|
||||||
$name = npreg_get_name();
|
$name = npreg_get_name();
|
||||||
|
|
|
@ -1,6 +1,5 @@
|
||||||
<?php
|
<?php
|
||||||
session_cache_limiter('public');
|
session_cache_limiter('public');
|
||||||
session_start();
|
|
||||||
|
|
||||||
header("Expires: " . gmdate("D, d M Y H:i:s", time() + (120)) . " GMT");
|
header("Expires: " . gmdate("D, d M Y H:i:s", time() + (120)) . " GMT");
|
||||||
header("Cache-Control: max-age=120");
|
header("Cache-Control: max-age=120");
|
||||||
|
@ -89,7 +88,6 @@ if ((! isset($_POST['key']) || ! password_verify($CONFIG['thissitekey'], $_POST[
|
||||||
echo '</tr><tr>';
|
echo '</tr><tr>';
|
||||||
echo '<td><input type="submit" name="Submit" value="Search"></td>';
|
echo '<td><input type="submit" name="Submit" value="Search"></td>';
|
||||||
echo '</tr></table></td></form></tr></table>';
|
echo '</tr></table></td></form></tr></table>';
|
||||||
|
|
||||||
// Block poster
|
// Block poster
|
||||||
if (isset($_COOKIE['mail_name'])) {
|
if (isset($_COOKIE['mail_name'])) {
|
||||||
if (isset($_REQUEST['data'])) {
|
if (isset($_REQUEST['data'])) {
|
||||||
|
@ -229,7 +227,7 @@ if (isset($search_group)) {
|
||||||
echo '</tr></table>';
|
echo '</tr></table>';
|
||||||
}
|
}
|
||||||
echo '<table cellpadding="0" cellspacing="0" class="np_buttonbar"><tr>';
|
echo '<table cellpadding="0" cellspacing="0" class="np_buttonbar"><tr>';
|
||||||
echo '<td class="np_ob_style_toggle">';
|
echo '<td class="np_search_sort_toggle">';
|
||||||
|
|
||||||
echo '<div style="float:right;">';
|
echo '<div style="float:right;">';
|
||||||
if ($_REQUEST['searchpoint'] == 'body') {
|
if ($_REQUEST['searchpoint'] == 'body') {
|
||||||
|
@ -398,15 +396,12 @@ function get_body_search($group, $terms)
|
||||||
$dbh = null;
|
$dbh = null;
|
||||||
}
|
}
|
||||||
// do not perform a usort of an empty search result
|
// do not perform a usort of an empty search result
|
||||||
|
|
||||||
if ($_SESSION['searchsort'] != 'date') {
|
|
||||||
if ($overview != null) {
|
if ($overview != null) {
|
||||||
|
if ($_SESSION['searchsort'] != 'date') {
|
||||||
usort($overview, function ($a, $b) {
|
usort($overview, function ($a, $b) {
|
||||||
return $a['rank'] <=> $b['rank'];
|
return $a['rank'] <=> $b['rank'];
|
||||||
});
|
});
|
||||||
}
|
|
||||||
} else {
|
} else {
|
||||||
if ($overview != null) {
|
|
||||||
usort($overview, function ($a, $b) {
|
usort($overview, function ($a, $b) {
|
||||||
return $b['date'] <=> $a['date'];
|
return $b['date'] <=> $a['date'];
|
||||||
});
|
});
|
||||||
|
|
|
@ -1,9 +1,4 @@
|
||||||
<?php
|
<?php
|
||||||
session_start();
|
|
||||||
if (! isset($_SESSION['last_access']) || (time() - $_SESSION['last_access']) > 60) {
|
|
||||||
$_SESSION['last_access'] = time();
|
|
||||||
}
|
|
||||||
|
|
||||||
header("Expires: " . gmdate("D, d M Y H:i:s", time() + (100)) . " GMT");
|
header("Expires: " . gmdate("D, d M Y H:i:s", time() + (100)) . " GMT");
|
||||||
header("Cache-Control: max-age=100");
|
header("Cache-Control: max-age=100");
|
||||||
header("Pragma: cache");
|
header("Pragma: cache");
|
||||||
|
@ -13,6 +8,10 @@ $_SESSION['group'] = $_SERVER['REQUEST_URI'];
|
||||||
include "config.inc.php";
|
include "config.inc.php";
|
||||||
include ("$file_newsportal");
|
include ("$file_newsportal");
|
||||||
|
|
||||||
|
if (! isset($_SESSION['last_access']) || (time() - $_SESSION['last_access']) > 60) {
|
||||||
|
$_SESSION['last_access'] = time();
|
||||||
|
}
|
||||||
|
|
||||||
// register parameters
|
// register parameters
|
||||||
$group = _rawurldecode($_REQUEST["group"]);
|
$group = _rawurldecode($_REQUEST["group"]);
|
||||||
if (isset($_REQUEST["first"]))
|
if (isset($_REQUEST["first"]))
|
||||||
|
|
Loading…
Reference in New Issue