Commit e2b5783a authored by Richard Mansfield's avatar Richard Mansfield
Browse files

On site close, delete session files instead of using session_destroy() (bug #745345)



Change-Id: I40c5871ac79d61c16a7caf9e2ac144bfcfc65b2a
Signed-off-by: default avatarRichard Mansfield <richard.mansfield@catalyst.net.nz>
parent aece6859
......@@ -101,7 +101,7 @@ function close_site_submit(Pieform $form, $values) {
if (!$closed && $values['close']) {
set_config('siteclosedbyadmin', 1);
require_once(get_config('docroot') . 'auth/session.php');
remove_user_sessions();
remove_all_sessions();
}
else if ($closed && !$values['close']) {
set_config('siteclosedbyadmin', 0);
......
......@@ -331,4 +331,22 @@ function remove_user_sessions($userid=null) {
delete_records_select('usr_session', 'session IN (' . join(',', array_map('db_quote', $alive)) . ')');
}
/**
* Delete all session files except for the current one
*/
function remove_all_sessions() {
global $sessionpath, $USER;
$sid = $USER->get('sessionid');
$iterator = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($sessionpath));
foreach ($iterator as $path) {
if ($path->isFile() && $path->getFilename() !== ('sess_' . $sid)) {
@unlink($path->getPathname());
}
}
clearstatcache();
delete_records_select('usr_session', 'session != ?', array($sid));
}
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment