Commit 1fc40c3e authored by Jared Hancock

Don't update the session unless it changes

And deadband session token updates to 1 per 30 seconds
parent ea7b8b5e
...@@ -18,6 +18,7 @@ class osTicketSession { ...@@ -18,6 +18,7 @@ class osTicketSession {
var $ttl = SESSION_TTL; var $ttl = SESSION_TTL;
var $data = ''; var $data = '';
var $data_hash = '';
var $id = ''; var $id = '';
function osTicketSession($ttl=0){ function osTicketSession($ttl=0){
...@@ -87,12 +88,16 @@ class osTicketSession { ...@@ -87,12 +88,16 @@ class osTicketSession {
list($this->data)=db_fetch_row($res); list($this->data)=db_fetch_row($res);
$this->id = $id; $this->id = $id;
} }
$this->data_hash = md5($this->data);
return $this->data; return $this->data;
} }
function write($id, $data){ function write($id, $data){
global $thisstaff; global $thisstaff;
if (md5($data) == $this->data_hash)
return;
$ttl = ($this && get_class($this) == 'osTicketSession') $ttl = ($this && get_class($this) == 'osTicketSession')
? $this->getTTL() : SESSION_TTL; ? $this->getTTL() : SESSION_TTL;
......
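Review bot: The early return added to write() compares the two MD5 hex digests with loose `==` and returns no value. Under PHP's loose comparison, two digests that both consist of `0e` followed only by digits compare equal as numbers, so changed session data could be treated as unchanged and never saved. `if (md5($data) === $this->data_hash) return true;` closes that gap and gives the session save handler the success value its contract expects. The rest of write() is outside the hunk, so it is not visible whether skipping it also skips refreshing the stored row's expiry. If it does, a session whose data has not changed relies on the 30-second token refresh to stay alive, which deserves a comment at this return.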
...@@ -66,6 +66,14 @@ class UserSession { ...@@ -66,6 +66,14 @@ class UserSession {
return($token); return($token);
} }
function getLastUpdate($htoken) {
if (!$htoken)
return 0;
@list($hash,$expire,$ip)=explode(":",$htoken);
return $expire;
}
function isvalidSession($htoken,$maxidletime=0,$checkip=false){ function isvalidSession($htoken,$maxidletime=0,$checkip=false){
global $cfg; global $cfg;
...@@ -122,7 +130,10 @@ class ClientSession extends Client { ...@@ -122,7 +130,10 @@ class ClientSession extends Client {
} }
function refreshSession(){ function refreshSession(){
global $_SESSION; $time = $this->session->getLastUpdate($_SESSION['_client']['token']);
// Deadband session token updates to once / 30-seconds
if (time() - $time < 30)
return;
$_SESSION['_client']['token']=$this->getSessionToken(); $_SESSION['_client']['token']=$this->getSessionToken();
//TODO: separate expire time from hash?? //TODO: separate expire time from hash??
} }
...@@ -160,7 +171,11 @@ class StaffSession extends Staff { ...@@ -160,7 +171,11 @@ class StaffSession extends Staff {
} }
function refreshSession(){ function refreshSession(){
global $_SESSION; $time = $this->session->getLastUpdate($_SESSION['_staff']['token']);
// Deadband session token updates to once / 30-seconds
if (time() - $time < 30)
return;
$_SESSION['_staff']['token']=$this->getSessionToken(); $_SESSION['_staff']['token']=$this->getSessionToken();
} }
......
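Review bot: getLastUpdate() returns the second field of the token as an unchecked string, with `@` hiding the notice when the token has fewer than three parts, and both refreshSession() methods then do arithmetic on the result. `return (int) $expire;` would map a malformed or empty token to 0, so refreshSession() issues a fresh token instead of depending on how PHP coerces a non-numeric value. The local is named `$expire` but is used as the time of the last update. A one-line docblock such as `/* Returns the timestamp embedded in the session token, or 0 if absent */` and a shared constant for the `30` repeated in ClientSession and StaffSession would make the intent clear. The token layout is assumed from the `explode(":")` call, since getSessionToken() lies mostly outside the hunk.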
...@@ -21,6 +21,7 @@ function staffLoginPage($msg='Unauthorized') { ...@@ -21,6 +21,7 @@ function staffLoginPage($msg='Unauthorized') {
exit; exit;
} }
define('AJAX_REQUEST', 1);
require('staff.inc.php'); require('staff.inc.php');
//Clean house...don't let the world see your crap. //Clean house...don't let the world see your crap.
......
...@@ -14,6 +14,7 @@ ...@@ -14,6 +14,7 @@
vim: expandtab sw=4 ts=4 sts=4: vim: expandtab sw=4 ts=4 sts=4:
**********************************************************************/ **********************************************************************/
define('AJAX_REQUEST', 1);
require('staff.inc.php'); require('staff.inc.php');
ignore_user_abort(1);//Leave me a lone bro! ignore_user_abort(1);//Leave me a lone bro!
@set_time_limit(0); //useless when safe_mode is on @set_time_limit(0); //useless when safe_mode is on
......