Commit 0c6b05fc authored by Richard Mansfield's avatar Richard Mansfield
parents 39b1bbf3 4c1de9fb
......@@ -532,7 +532,7 @@ function login_submit(Pieform $form, $values) {
try {
if (call_static_method($authclass, 'authenticate_user_account', $username, $password, $institution)) {
// User logged in! Set a cookie to remember their institution
set_cookie('institution', $institution);
set_cookie('institution', $institution, 0, get_mahara_install_subdirectory());
$oldlastlogin = null;
if (!record_exists('usr', 'username', $username)) {
......
......@@ -26,6 +26,38 @@
defined('INTERNAL') || die();
//
// Set session settings
//
session_name('mahara');
ini_set('session.save_path', '3;' . get_config('dataroot') . 'sessions');
ini_set('session.gc_divisor', 1000);
// Session timeout is stored in minutes in the database
ini_set('session.gc_maxlifetime', get_config('session_timeout') * 60);
ini_set('session.use_only_cookies', true);
ini_set('session.cookie_path', get_mahara_install_subdirectory());
ini_set('session.cookie_httponly', 1);
// TEMPORARY: this will be REMOVED after the session path changing
// has been around for a bit.
// Attempt to create session directories
$sessionpath = get_config('dataroot') . 'sessions';
if (!is_dir("$sessionpath/0")) {
// Create three levels of directories, named 0-9, a-f
$characters = array('0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f');
foreach ($characters as $c1) {
check_dir_exists("$sessionpath/$c1");
foreach ($characters as $c2) {
check_dir_exists("$sessionpath/$c1/$c2");
foreach ($characters as $c3) {
check_dir_exists("$sessionpath/$c1/$c2/$c3");
}
}
}
}
/**
* The session class handles session data and messages.
*
......@@ -48,7 +80,7 @@ class Session {
*/
public function __construct() {
// Resume an existing session if required
if (isset($_COOKIE['PHPSESSID'])) {
if (isset($_COOKIE[session_name()])) {
session_start();
}
}
......@@ -161,7 +193,8 @@ class Session {
private function ensure_session() {
if (empty($_SESSION)) {
if (!session_id()) {
session_start();
//session_start();
@session_start();
}
$_SESSION = array(
'messages' => array()
......
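Review bot: With `session.save_path` set to the depth form `'3;' . get_config('dataroot') . 'sessions'`, PHP's files handler does not run its automatic garbage collection, so the `session.gc_divisor` and `session.gc_maxlifetime` lines after it will not delete expired session files. Unless the timeout is also enforced in code not shown here, the files stay on disk and their session ids stay usable past `session_timeout`. I would add a comment such as `// NOTE: no automatic GC when save_path has a depth prefix; expired files under dataroot/sessions must be purged externally (e.g. cron)` and ship that cleanup with this change. In `ensure_session()` the `@session_start()` also hides the warning an admin would need when this directory tree is missing or unwritable; drop the `@` and the commented-out `//session_start();`.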
......@@ -123,7 +123,8 @@ function ensure_sanity() {
if (
!check_dir_exists(get_config('dataroot') . 'smarty/compile') ||
!check_dir_exists(get_config('dataroot') . 'smarty/cache') ||
!check_dir_exists(get_config('dataroot') . 'templates')) {
!check_dir_exists(get_config('dataroot') . 'templates') ||
!check_dir_exists(get_config('dataroot') . 'sessions')) {
throw new ConfigSanityException(get_string('couldnotmakedatadirectories', 'error'));
}
}
......@@ -1349,4 +1350,16 @@ function get_dir_contents($directory) {
return $contents;
}
/**
* Returns the subdirectory where mahara is installed, normally / but could
* be something different on a shared host. Useful for setting cookie paths.
*
* @return string
*/
function get_mahara_install_subdirectory() {
$wwwroot = get_config('wwwroot');
$wwwroot = preg_replace('#^https?://#', '', $wwwroot);
return substr($wwwroot, strpos($wwwroot, '/'));
}
?>
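Review bot: `get_mahara_install_subdirectory()` does not handle a `wwwroot` without a path component: for a value like `http://example.org` (constructed example) `strpos($wwwroot, '/')` returns `false`, `substr()` then starts at offset 0, and the function returns the host name instead of `/`. That string is used for `session.cookie_path` and for the `institution` cookie, giving an invalid Path attribute that browsers ignore or replace with a default derived from the request URL, so the cookie scope is no longer what this commit intends. If `wwwroot` is not normalised to end in a slash elsewhere, guard the lookup: `$pos = strpos($wwwroot, '/'); return ($pos === false) ? '/' : substr($wwwroot, $pos);`.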
......@@ -388,6 +388,38 @@ function core_postinst() {
$status = false;
}
}
// Attempt to create session directories
$sessionpath = get_config('dataroot') . 'sessions';
if (check_dir_exists($sessionpath)) {
// Create three levels of directories, named 0-9, a-f
$characters = array('0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f');
foreach ($characters as $c1) {
if (check_dir_exists("$sessionpath/$c1")) {
foreach ($characters as $c2) {
if (check_dir_exists("$sessionpath/$c1/$c2")) {
foreach ($characters as $c3) {
if (!check_dir_exists("$sessionpath/$c1/$c2/$c3")) {
$status = false;
break(3);
}
}
}
else {
$status = false;
break(2);
}
}
}
else {
$status = false;
break;
}
}
}
else {
$status = false;
}
return $status;
}
......
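Review bot: The directory-tree creation added to `core_postinst()` repeats the loops from the temporary block in the session settings file, and that other copy ignores the return value of `check_dir_exists()` and only tests for `$sessionpath/0`, so a partially created tree is never detected or repaired. I would move the loops into one helper that returns false on the first failure and call it from both places, which also removes the `break(2)`/`break(3)` bookkeeping. `core_postinst()` starts before this hunk, so only the replaced lines are shown, and the helper name is a suggestion.

```php
// proposed helper; the name is a suggestion
function create_session_directories($sessionpath) {
    $characters = str_split('0123456789abcdef');
    if (!check_dir_exists($sessionpath)) {
        return false;
    }
    foreach ($characters as $c1) {
        if (!check_dir_exists("$sessionpath/$c1")) {
            return false;
        }
        foreach ($characters as $c2) {
            if (!check_dir_exists("$sessionpath/$c1/$c2")) {
                return false;
            }
            foreach ($characters as $c3) {
                if (!check_dir_exists("$sessionpath/$c1/$c2/$c3")) {
                    return false;
                }
            }
        }
    }
    return true;
}

// ... unchanged: earlier core_postinst() steps ...
    if (!create_session_directories(get_config('dataroot') . 'sessions')) {
        $status = false;
    }
    return $status;
```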