diff --git a/include/class.config.php b/include/class.config.php index 8b85eaeea4b45797c8f064e21dd9911a54515e80..7123205dd2c24e04bd5dda97ef096f6b5c01cd9e 100644 --- a/include/class.config.php +++ b/include/class.config.php @@ -23,17 +23,19 @@ class Config { var $table = 'config'; # Table name (with prefix) var $section_column = 'namespace'; # namespace column name - function Config($section=null) { - $this->load($section ? $section : $this->section); - } + var $session = null; # Session-backed configuration - function load($section=null) { + function Config($section=null) { if ($section) $this->section = $section; if ($this->section === null) return false; + if (!isset($_SESSION['cfg:'.$this->section])) + $_SESSION['cfg:'.$this->section] = array(); + $this->session = &$_SESSION['cfg:'.$this->section]; + $sql='SELECT id, `key`, value FROM '.$this->table .' WHERE `'.$this->section_column.'` = '.db_input($this->section); @@ -46,10 +48,6 @@ class Config { return true; } - function reload() { - return $this->load($this->section); - } - function getNamespace() { return $this->section; } @@ -57,14 +55,25 @@ class Config { function get($key, $default=null) { if (isset($this->config[$key])) return $this->config[$key]['value']; - else + elseif (isset($this->session[$key])) + return $this->session[$key]; + elseif ($default !== null) return $this->set($key, $default); } + function exists($key) { + return $this->get($key, null) ? true : false; + } + function set($key, $value) { return ($this->update($key, $value)) ? $value : null; } + function persist($key, $value) { + $this->session[$key] = $value; + return true; + } + function create($key, $value) { $res = db_query('INSERT INTO '.$this->table .' SET `'.$this->section_column.'`='.db_input($this->section) @@ -111,22 +120,23 @@ class OsticketConfig extends Config { var $alertEmail; //Alert Email var $defaultSMTPEmail; //Default SMTP Email - function load($section) { - parent::load($section); + function OsticketConfig($section=null) { + parent::Config($section); //Get the default time zone // We can't JOIN timezone table above due to upgrade support. - if($this->get('default_timezone_id')) - $this->config['tz_offset'] = - Timezone::getOffsetById($this->get('default_timezone_id')); - else - $this->config['tz_offset'] = 0; - + if ($this->get('default_timezone_id')) { + if (!$this->exists('tz_offset')) + $this->persist('tz_offset', + Timezone::getOffsetById($this->get('default_timezone_id'))); + } else + // Previous osTicket versions saved the offset value instead of + // a timezone instance. This is compatibility for the upgrader + $this->persist('tz_offset', 0); return true; } - function isHelpDeskOffline() { return !$this->isOnline(); } @@ -148,42 +158,36 @@ class OsticketConfig extends Config { return THIS_VERSION; } - //Used to detect version prior to 1.7 (useful during upgrade) - function getDBVersion() { - $sql='SELECT `ostversion` FROM '.TABLE_PREFIX.'config ' - .'WHERE id=1'; - if (($res=db_query($sql)) && ($row=db_fetch_row($res))) - return $row[0]; - } - function getSchemaSignature($section=null) { if (!$section && ($v=$this->get('schema_signature'))) return $v; // 1.7 after namespaced configuration, other namespace - $sql='SELECT value FROM '.$this->table - .'WHERE `key` = "schema_signature" and namespace='.db_input($section); - if (($res=db_query($sql, false)) && ($row=db_fetch_row($res))) - return $row[0]; + if ($section) { + $sql='SELECT value FROM '.$this->table + .'WHERE `key` = "schema_signature" and namespace='.db_input($section); + if (($res=db_query($sql, false)) && db_num_rows($res)) + return db_result($res); + } // 1.7 before namespaced configuration $sql='SELECT `schema_signature` FROM '.$this->table .'WHERE id=1'; - if (($res=db_query($sql, false)) && ($row=db_fetch_row($res))) - return $row[0]; + if (($res=db_query($sql, false)) && db_num_rows($res)) + return db_result($res); // old version 1.6 - return $this->getDBVersion(); + return self::getDBVersion(); } function getDBTZoffset() { - if (!isset($this->_db_tz_offset)) { + if (!$this->exists('db_tz_offset')) { $sql='SELECT (TIME_TO_SEC(TIMEDIFF(NOW(), UTC_TIMESTAMP()))/3600) as db_tz_offset'; if(($res=db_query($sql)) && db_num_rows($res)) - $this->_db_tz_offset = db_result($res); + $this->persist('db_tz_offset', db_result($res)); } - return $this->_db_tz_offset; + return $this->get('db_tz_offset'); } /* Date & Time Formats */ @@ -895,5 +899,12 @@ class OsticketConfig extends Config { 'send_login_errors'=>isset($vars['send_login_errors'])?1:0, )); } + + //Used to detect version prior to 1.7 (useful during upgrade) + /* static */ function getDBVersion() { + $sql='SELECT `ostversion` FROM '.TABLE_PREFIX.'config ' + .'WHERE id=1'; + return db_result(db_query($sql)); + } } ?> diff --git a/include/class.osticket.php b/include/class.osticket.php index 10f543906542396c2c0cc50bcba422fe42bd772e..cd130e1fff77cba5b07d1da07ec0c9c0c5e24e3b 100644 --- a/include/class.osticket.php +++ b/include/class.osticket.php @@ -48,13 +48,9 @@ class osTicket { function osTicket() { - $this->config = new OsticketConfig(); + $this->session = osTicketSession::start(SESSION_TTL); // start DB based session - //DB based session storage was added starting with v1.7 - if($this->config && !$this->getConfig()->getDBVersion()) - $this->session = osTicketSession::start(SESSION_TTL); // start DB based session - else - session_start(); + $this->config = new OsticketConfig(); $this->csrf = new CSRF('__CSRFToken__'); } diff --git a/include/class.ostsession.php b/include/class.ostsession.php index bb35fe23043e7106259b50d1186dadeb2674b0ec..bad26c1e71e7a8ea385a578f59ac4d0140d084d3 100644 --- a/include/class.ostsession.php +++ b/include/class.ostsession.php @@ -17,6 +17,8 @@ class osTicketSession { var $ttl = SESSION_TTL; + var $data = ''; + var $id = ''; function osTicketSession($ttl=0){ @@ -24,50 +26,55 @@ class osTicketSession { if(!$this->ttl) $this->ttl=SESSION_TTL; - //Set handlers. - session_set_save_handler( - array(&$this, 'open'), - array(&$this, 'close'), - array(&$this, 'read'), - array(&$this, 'write'), - array(&$this, 'destroy'), - array(&$this, 'gc') - ); - //Forced cleanup. - register_shutdown_function('session_write_close'); + if ($this->read(session_id()) !== false) { + //Set handlers. + session_set_save_handler( + array(&$this, 'open'), + array(&$this, 'close'), + array(&$this, 'read'), + array(&$this, 'write'), + array(&$this, 'destroy'), + array(&$this, 'gc') + ); + //Forced cleanup. + register_shutdown_function('session_write_close'); + } //Start the session. session_start(); } - + function regenerate_id(){ $oldId = session_id(); session_regenerate_id(); $this->destroy($oldId); } - + function open($save_path, $session_name){ return (true); } - + function close(){ return (true); } - + function read($id){ - $data=""; - $sql='SELECT session_data FROM '.SESSION_TABLE - .' WHERE session_id='.db_input($id) - .' AND session_expire>NOW()'; - if(($res=db_query($sql)) && db_num_rows($res)) - list($data)=db_fetch_row($res); - - return $data; + if (!$this->data || $this->id != $id) { + $sql='SELECT session_data FROM '.SESSION_TABLE + .' WHERE session_id='.db_input($id) + .' AND session_expire>NOW()'; + if(!($res=db_query($sql))) + return false; + elseif (db_num_rows($res)) + list($this->data)=db_fetch_row($res); + $this->id = $id; + } + return $this->data; } function write($id, $data){ global $thisstaff; - $ttl = ($this && get_class($this) == 'osTicketSession') + $ttl = ($this && get_class($this) == 'osTicketSession') ? $this->getTTL() : SESSION_TTL; $sql='REPLACE INTO '.SESSION_TABLE.' SET session_updated=NOW() '. @@ -78,6 +85,7 @@ class osTicketSession { ',user_ip='.db_input($_SERVER['REMOTE_ADDR']). ',user_agent='.db_input($_SERVER['HTTP_USER_AGENT']); + $this->data = ''; return (db_query($sql) && db_affected_rows()); } @@ -85,7 +93,7 @@ class osTicketSession { $sql='DELETE FROM '.SESSION_TABLE.' WHERE session_id='.db_input($id); return (db_query($sql) && db_affected_rows()); } - + function gc($maxlife){ $sql='DELETE FROM '.SESSION_TABLE.' WHERE session_expire<NOW()'; db_query($sql); diff --git a/scp/settings.php b/scp/settings.php index 845659408fba46dbc6c4319da7fe6098d8940311..2b30ced16a154a9a6976206045a801f2ae5efe68 100644 --- a/scp/settings.php +++ b/scp/settings.php @@ -3,7 +3,7 @@ settings.php Handles all admin settings. - + Peter Rotich <peter@osticket.com> Copyright (c) 2006-2013 osTicket http://www.osticket.com @@ -26,7 +26,6 @@ $settingOptions=array( if($_POST && !$errors) { if($cfg && $cfg->updateSettings($_POST,$errors)) { $msg=Format::htmlchars($settingOptions[$_POST['t']]).' Updated Successfully'; - $cfg->reload(); } elseif(!$errors['err']) { $errors['err']='Unable to update settings - correct errors below and try again'; }