Commit 93cbfb16 authored by Aaron Wells's avatar Aaron Wells

Support for custom session save path

Bug 1250256

Change-Id: Iefd489adb4f7d458d1e8b45727fab5509c61398b
parent 8689321f
......@@ -15,7 +15,8 @@ defined('INTERNAL') || die();
// Set session settings
//
session_name(get_config('cookieprefix') . 'mahara');
ini_set('session.save_path', '3;' . get_config('dataroot') . 'sessions');
$sessionpath = get_config('sessionpath');
ini_set('session.save_path', '3;' . $sessionpath);
ini_set('session.gc_divisor', 1000);
ini_set('session.gc_maxlifetime', get_config('session_timeout'));
ini_set('session.use_only_cookies', true);
......@@ -31,7 +32,6 @@ if (is_https()) {
}
// Attempt to create session directories
$sessionpath = get_config('dataroot') . 'sessions';
if (!is_dir("$sessionpath/0")) {
// Create three levels of directories, named 0-9, a-f
$characters = array('0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f');
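Review bot: The `ini_set('session.save_path', '3;' . $sessionpath)` line in the first hunk keeps the depth prefix, and PHP's files handler does not run automatic garbage collection when that prefix is used. The `session.gc_divisor` and `session.gc_maxlifetime` settings below it therefore do not remove expired files on their own. Now that the directory can live outside dataroot, any external cleanup job (none is visible here) has to follow `get_config('sessionpath')`, or expired session files will accumulate in the new location. A comment above the line would record this: `// Depth prefix disables PHP's automatic session GC; expired files under sessionpath must be purged externally.` The second hunk also depends on this `$sessionpath` now that its own assignment is removed.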
......
......@@ -76,6 +76,11 @@ foreach (array('docroot', 'dataroot') as $path) {
$CFG->{$path} = (substr($CFG->{$path}, -1) != '/') ? $CFG->{$path} . '/' : $CFG->{$path};
}
// Set default configs that are dependent on the docroot and dataroot
if (empty($CFG->sessionpath)) {
$CFG->sessionpath = $CFG->dataroot . 'sessions';
}
// xmldb stuff
$CFG->xmldbdisablenextprevchecking = true;
$CFG->xmldbdisablecommentchecking = true;
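Review bot: A site-supplied `$CFG->sessionpath` is used exactly as given, while docroot and dataroot are normalised in the loop just above. The consumers build `"$sessionpath/0"`, and the configuration comment added in this commit asks for no trailing slash, so stripping it after the `if` would enforce that rule: `$CFG->sessionpath = rtrim($CFG->sessionpath, '/');`. A relative value would resolve against the working directory of the request and could land somewhere unintended, so it may be worth requiring an absolute path here as well.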
......
......@@ -40,6 +40,7 @@ $string['apcstatoff'] = 'Your server appears to be running APC with apc.stat=0.
If you are on shared hosting, it is likely that there is little you can do to get apc.stat turned on other than ask your hosting provider. Perhaps you could consider moving to a different host.';
$string['datarootinsidedocroot'] = 'You have set up your data root to be inside your document root. This is a large security problem as then anyone can directly request session data (in order to hijack other people\'s sessions) or files that they are not allowed to access that other people have uploaded. Please configure the data root to be outside of the document root.';
$string['datarootnotwritable'] = 'Your defined data root directory, %s, is not writable. This means that neither session data, user files nor anything else that needs to be uploaded can be saved on your server. Please make the directory if it does not exist or give ownership of the directory to the web server user if it does.';
$string['sessionpathnotwritable'] = 'Your session data directory, %s, is not writable. Please create the directory if it does not exist or give ownership of the directory to the web server user if it does.';
$string['wwwrootnothttps'] = 'Your defined wwwroot, %s, is not HTTPS. However, other settings (such as sslproxy) for your installation require that your wwwroot is a HTTPS address.
Please update your wwwroot setting to be a HTTPS address or fix the incorrect setting.';
......
......@@ -290,6 +290,15 @@ $cfg->unziplistarg = '-l';
* you must change this to something unique, eg /tmp/mahara1/ and /tmp/mahara2/
*/
// $cfg->unziptempdir = '/tmp/mahara/';
/**
* @global string $cfg->sessionpath The directory to store session files in. Defaults to $cfg->dataroot.'sessions'.
* This path should NOT end with a "/"
*
* If your dataroot is stored on a slow volume (such as NFS) you may want to change this to a local directory.
* Although if you're using a web server cluster, be aware that session files need to be stored in a location shared
* by all servers, or you need to use persistence to send each user to only one server per session.
*/
// $cfg->sessionpath = '/tmp/mahara-sessions';
/**
* @global int $cfg->accesstimeupdatefrequency How often Mahara should update the last
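Review bot: The commented example `/tmp/mahara-sessions` points into a directory that is normally writable by every local account, and the docblock says nothing about ownership or permissions. Session files hold live session state, so the documentation should ask for a dedicated directory that is outside the document root and closed to other local accounts. Suggested extra docblock line: `* The directory must be outside the docroot, owned by the web server user and not accessible to other local users (e.g. mode 0700).` An example path outside /tmp would also keep periodic tmp cleaners from deleting active sessions.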
......
......@@ -145,7 +145,6 @@ function ensure_sanity() {
if (
!check_dir_exists(get_config('dataroot') . 'smarty/compile') ||
!check_dir_exists(get_config('dataroot') . 'smarty/cache') ||
!check_dir_exists(get_config('dataroot') . 'sessions') ||
!check_dir_exists(get_config('dataroot') . 'temp') ||
!check_dir_exists(get_config('dataroot') . 'langpacks') ||
!check_dir_exists(get_config('dataroot') . 'htmlpurifier') ||
......@@ -153,6 +152,11 @@ function ensure_sanity() {
!check_dir_exists(get_config('dataroot') . 'images')) {
throw new ConfigSanityException(get_string('couldnotmakedatadirectories', 'error'));
}
// Since sessionpath can now exist outside of the the dataroot, check it separately.
// NOTE: If we implement separate session handlers, we may want to remove or alter this check
if (!check_dir_exists(get_config('sessionpath')) || !is_writable(get_config('sessionpath'))) {
throw new ConfigSanityException(get_string('sessionpathnotwritable', 'error', get_config('sessionpath')));
}
raise_memory_limit('128M');
}
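Review bot: The new check in ensure_sanity() confirms only that sessionpath exists and is writable, not that it lies outside the document root. The existing `datarootinsidedocroot` message shows the project treats web-reachable session files as a hijacking risk. That check is not visible in this hunk and presumably covers dataroot only, so a custom sessionpath can sidestep it. Consider a comparable guard that throws `ConfigSanityException` with a new error string, for example `if (strpos(realpath(get_config('sessionpath')) . '/', realpath(get_config('docroot')) . '/') === 0)`. The function body starts outside the hunk.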
......
......@@ -532,7 +532,7 @@ function core_postinst() {
}
// Attempt to create session directories
$sessionpath = get_config('dataroot') . 'sessions';
$sessionpath = get_config('sessionpath');
if (check_dir_exists($sessionpath)) {
// Create three levels of directories, named 0-9, a-f
$characters = array('0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f');
......