]> git.datanom.net - qtadmin.git/blobdiff - lib/utils.inc.php
Fix bug in session handler
[qtadmin.git] / lib / utils.inc.php
index e59cf8c1379132517b37d1d7930fb13d457f33cc..27cb00bd86bfe9057d3fd97eb33d97e5b72fae88 100644 (file)
@@ -9,6 +9,7 @@ class Utils {
     private $user;
     private $is_admin;
     private $loginStatus;
+    private $timeout;
     private $header = '<!DOCTYPE html>
 <html>
 <head>
@@ -31,12 +32,13 @@ class Utils {
         global $CFG;
 
         $this->server = $_SERVER;
-        session_start();
 
         $this->user = null;
         $this->is_admin = false;
         $this->loginStatus = 'Not logged in';
 
+        $this->startSession();
+
         if (isset($_SESSION['user'])) {
             $this->user = $_SESSION['user'];
             $this->loginStatus = 'OK';
@@ -57,34 +59,43 @@ class Utils {
 
     private function __clone() {}
 
+    private function startSession() {
+        global $CFG;
+
+        if (isset($CFG->session_timeout)) {
+            $this->timeout = $CFG->session_timeout * 60;
+        } else {
+            $this->timeout = 20 * 60;
+        }
+
+        if (ini_get('session.gc_maxlifetime') != $this->timeout)
+            ini_set('session.gc_maxlifetime', $this->timeout);
+        if (ini_get('session.cookie_lifetime') != $this->timeout)
+            ini_set('session.cookie_lifetime', $this->timeout);
+
+        session_start();
+
+        //echo ini_get('session.gc_maxlifetime').':'.ini_get('session.cookie_lifetime');
+    }
+
     public static function getInstance() {
         global $CFG;
 
         if (!is_object(self::$_instance)) {
             self::$_instance = new Utils();
         }
-        // Session timeout handler
-        if ('' == session_id())
-            session_start();
-        if (isset($CFG->session_timeout)) {
-            $timeout = $CFG->session_timeout * 60;
-        } else {
-            $timeout = 20 * 60;
-        }
 
-        if (ini_get('session.gc_maxlifetime') != $timeout)
-            ini_set('session.gc_maxlifetime', $timeout);
-        if (ini_get('session.cookie_lifetime') != $timeout)
-            ini_set('session.cookie_lifetime', $timeout);
         $time = $_SERVER['REQUEST_TIME'];
-        if (isset($_SESSION['LAST_ACTIVITY']) && ($time - $_SESSION['LAST_ACTIVITY']) >= $timeout) {
+        if (isset($_SESSION['LAST_ACTIVITY']) &&
+                ($time - $_SESSION['LAST_ACTIVITY']) >= self::$_instance->timeout) {
+            echo 'R_TIME: '.date('c', $time).' L_ACT: '.date('c', $_SESSION['LAST_ACTIVITY']);
             session_unset();
             session_destroy();
-            session_start();
             self::$_instance->user = null;
             self::$_instance->is_admin = false;
+        } else {
+            $_SESSION['LAST_ACTIVITY'] = $time;
         }
-        $_SESSION['LAST_ACTIVITY'] = $time;
 
         return self::$_instance;
     }
This page took 0.043445 seconds and 5 git commands to generate.