MDL-17942 fixed gc regressions, added gc after deleting users and similar cases

diff --git a/admin/auth.php b/admin/auth.php
index 41faab54ddc4362c59587fa40583389327e18ab3..caed90baebd608369289bd7a836d8cd500841972 100644 (file)
--- a/admin/auth.php
+++ b/admin/auth.php
@@ -52,6 +52,7 @@ switch ($action) {
         if ($auth == $CFG->registerauth) {
             set_config('registerauth', '');
         }
+        session_get_instance()->gc(); // remove stale sessions
         break;
 
     case 'enable':
@@ -61,6 +62,7 @@ switch ($action) {
             $authsenabled = array_unique($authsenabled);
             set_config('auth', implode(',', $authsenabled));
         }
+        session_get_instance()->gc(); // remove stale sessions
         break;
 
     case 'down':

diff --git a/admin/user.php b/admin/user.php
index 94c2e98b4b4752c35d149ac1501dbba79c1eb2ee..0ef6cf246f99436b3a4ad040e9885bc214c61524 100644 (file)
--- a/admin/user.php
+++ b/admin/user.php
@@ -80,6 +80,7 @@
             } else {
                 notify(get_string('deletednot', '', fullname($user, true)));
             }
+            session_get_instance()->gc(); // remove stale sessions
         }
     } else if ($acl and confirm_sesskey()) {
         if (!has_capability('moodle/user:delete', $sitecontext)) {

diff --git a/admin/user/user_bulk_delete.php b/admin/user/user_bulk_delete.php
index 42fd9858ef6273a42ec695d7624fb695e4fa5a07..5df513572cf6f2d7df03a53256e725347c0a2075 100755 (executable)
--- a/admin/user/user_bulk_delete.php
+++ b/admin/user/user_bulk_delete.php
@@ -35,6 +35,7 @@ if ($confirm and confirm_sesskey()) {
         }
         $rs->close;
     }
+    session_get_instance()->gc(); // remove stale sessions
     redirect($return, get_string('changessaved'));
 
 } else {

diff --git a/lib/authlib.php b/lib/authlib.php
index 5ea18ed3836876049d6cc763f33e72d5ca488bb8..164dc3b4687fd6969d9515a105a62127f9ab9fd6 100644 (file)
--- a/lib/authlib.php
+++ b/lib/authlib.php
@@ -343,6 +343,10 @@ class auth_plugin_base {
         //override if needed
     }
 
+    function ignore_timeout_hook($userid, $userauth, $sid, $timecreated, $timemodified) {
+        return false;
+    }
+
     /**
      * Return the properly translated human-friendly title of this auth plugin
      */

diff --git a/lib/sessionlib.php b/lib/sessionlib.php
index f6d98842cad64f598092e4e4cbb9d6901b6c73b8..71d2dcf33ad047a629f66405e8795c27975a6822 100644 (file)
--- a/lib/sessionlib.php
+++ b/lib/sessionlib.php
@@ -413,7 +413,7 @@ class database_session extends session_stub {
             $this->database->delete_records_select('sessions', "userid IN (SELECT id FROM {user} WHERE auth $notplugins)", $params);
 
             /// now get a list of time-out candidates
-            $sql = "SELECT s.*, u.auth
+            $sql = "SELECT s.*, u.auth, u.username
                       FROM {sessions} s
                       JOIN {user} u ON u.id = s.userid
                      WHERE s.timemodified + ? < ?";
@@ -425,9 +425,11 @@ class database_session extends session_stub {
             }
             $records = $this->database->get_records_sql($sql, $params);
             foreach ($records as $record) {
-                foreach ($authplugins as $authplugin) {
-                    if ($authplugin->ignore_timeout($record->userid, $records->auth, $record->timecreated, $record->timemodified)) {
-                        continue;
+                if (!empty($record->userid) and $record->username !== 'guest') { // skips not logged in and guests
+                    foreach ($authplugins as $authplugin) {
+                        if ($authplugin->ignore_timeout_hook($record->userid, $records->auth, $record->sid, $record->timecreated, $record->timemodified)) {
+                            continue;
+                        }
                     }
                 }
                 $this->database->delete_records('sessions', array('id'=>$record->id));
@@ -481,12 +483,18 @@ class database_session extends session_stub {
         // verify timeout
         if ($record->timemodified + $CFG->sessiontimeout < time()) {
             $ignoretimeout = false;
-            $authsequence = get_enabled_auth_plugins(); // auths, in sequence
-            foreach($authsequence as $authname) {
-                $authplugin = get_auth_plugin($authname);
-                if ($authplugin->ignore_timeout($record->userid, $records->auth, $record->timecreated, $record->timemodified)) {
-                    $ignoretimeout = true;
-                    break;
+            if (!empty($record->userid)) { // skips not logged in
+                if ($user = $this->database->get_record('user', array('id'=>$record->userid))) {
+                    if ($user->username !== 'guest') {
+                        $authsequence = get_enabled_auth_plugins(); // auths, in sequence
+                        foreach($authsequence as $authname) {
+                            $authplugin = get_auth_plugin($authname);
+                            if ($authplugin->ignore_timeout_hook($user->id, $user->auth, $record->sid, $record->timecreated, $record->timemodified)) {
+                                $ignoretimeout = true;
+                                break;
+                            }
+                        }
+                    }
                 }
             }
             if ($ignoretimeout) {

diff --git a/user/editadvanced.php b/user/editadvanced.php
index 6236facd7320fc48e89ed1f89e76616a17bb072d..81c45ffce28a64f834adfce239d795337d744367 100644 (file)
--- a/user/editadvanced.php
+++ b/user/editadvanced.php
@@ -177,6 +177,7 @@
                 redirect("$CFG->wwwroot/user/view.php?id=$USER->id&course=$course->id");
             }            
         } else {
+            session_get_instance()->gc(); // remove stale sessions
             redirect("$CFG->wwwroot/$CFG->admin/user.php");
         }
         //never reached