From a675b3833d014e9ebeb998aa7a8ad6e5d1acca78 Mon Sep 17 00:00:00 2001 From: Michael Rasmussen Date: Thu, 4 Jun 2015 18:08:08 +0200 Subject: [PATCH] Fix bug in session handler --- lib/utils.inc.php | 24 ++++++++++++++---------- 1 file changed, 14 insertions(+), 10 deletions(-) diff --git a/lib/utils.inc.php b/lib/utils.inc.php index e59cf8c..8aa38e0 100644 --- a/lib/utils.inc.php +++ b/lib/utils.inc.php @@ -31,12 +31,13 @@ class Utils { global $CFG; $this->server = $_SERVER; - session_start(); $this->user = null; $this->is_admin = false; $this->loginStatus = 'Not logged in'; + $this->startSession(); + if (isset($_SESSION['user'])) { $this->user = $_SESSION['user']; $this->loginStatus = 'OK'; @@ -57,15 +58,9 @@ class Utils { private function __clone() {} - public static function getInstance() { + private function startSession() { global $CFG; - if (!is_object(self::$_instance)) { - self::$_instance = new Utils(); - } - // Session timeout handler - if ('' == session_id()) - session_start(); if (isset($CFG->session_timeout)) { $timeout = $CFG->session_timeout * 60; } else { @@ -76,15 +71,24 @@ class Utils { ini_set('session.gc_maxlifetime', $timeout); if (ini_get('session.cookie_lifetime') != $timeout) ini_set('session.cookie_lifetime', $timeout); + + session_start(); + $time = $_SERVER['REQUEST_TIME']; if (isset($_SESSION['LAST_ACTIVITY']) && ($time - $_SESSION['LAST_ACTIVITY']) >= $timeout) { session_unset(); session_destroy(); - session_start(); self::$_instance->user = null; self::$_instance->is_admin = false; + } else { + $_SESSION['LAST_ACTIVITY'] = $time; + } + } + + public static function getInstance() { + if (!is_object(self::$_instance)) { + self::$_instance = new Utils(); } - $_SESSION['LAST_ACTIVITY'] = $time; return self::$_instance; } -- 2.39.2