From: skodak Date: Sat, 17 Jan 2009 20:25:58 +0000 (+0000) Subject: MDL-17617 - installation session related improvements; logout fixes + other improvements X-Git-Url: http://git.mjollnir.org/gw?a=commitdiff_plain;h=35d6a2a43d6cc1234b65e395cdc237a69a9a3c62;p=moodle.git MDL-17617 - installation session related improvements; logout fixes + other improvements --- diff --git a/admin/index.php b/admin/index.php index b968ecd6b8..02029d3fa4 100644 --- a/admin/index.php +++ b/admin/index.php @@ -100,6 +100,10 @@ $origdebug = $CFG->debug; $CFG->debug = DEBUG_MINIMAL; error_reporting($CFG->debug); + + /// remove current session content completely + session_get_instance()->terminate_current(); + if (empty($agreelicense)) { $strlicense = get_string('license'); $navigation = build_navigation(array(array('name'=>$strlicense, 'link'=>null, 'type'=>'misc'))); @@ -327,10 +331,15 @@ /// make sure admin user is created - this is the last step because we need /// session to be working properly in order to edit admin account if (empty($CFG->rolesactive)) { + $sessionstarted = optional_param('sessionstarted', 0, PARAM_BOOL); + if (!$sessionstarted) { + // we neeed this redirect to setup proper session + upgrade_log_finish('index.php?sessionstarted=1'); + } $adminuser = create_admin_user(); $adminuser->newadminuser = 1; complete_user_login($adminuser, false); - upgrade_log_finish("$CFG->wwwroot/user/editadvanced.php?id=$adminuser->id"); // Edit thyself + redirect("$CFG->wwwroot/user/editadvanced.php?id=$adminuser->id"); // Edit thyself } else { /// just make sure upgrade logging is properly terminated diff --git a/admin/settings/server.php b/admin/settings/server.php index 3338d768a0..34417daaf8 100644 --- a/admin/settings/server.php +++ b/admin/settings/server.php @@ -75,7 +75,7 @@ $ADMIN->add('server', $temp); // "sessionhandling" settingpage $temp = new admin_settingpage('sessionhandling', get_string('sessionhandling', 'admin')); -$temp->add(new admin_setting_configcheckbox('dbsessions', get_string('dbsessions', 'admin'), get_string('configdbsessions', 'admin'), 0)); +$temp->add(new admin_setting_configcheckbox('dbsessions', get_string('dbsessions', 'admin'), get_string('configdbsessions', 'admin'), 1)); $temp->add(new admin_setting_configselect('sessiontimeout', get_string('sessiontimeout', 'admin'), get_string('configsessiontimeout', 'admin'), 7200, array(14400 => get_string('numhours', '', 4), 10800 => get_string('numhours', '', 3), 7200 => get_string('numhours', '', 2), diff --git a/auth/shibboleth/login.php b/auth/shibboleth/login.php index a974adf5d9..951e6fec0c 100644 --- a/auth/shibboleth/login.php +++ b/auth/shibboleth/login.php @@ -10,7 +10,7 @@ /// Check for timed out sessions if (!empty($SESSION->has_timed_out)) { $session_has_timed_out = true; - $SESSION->has_timed_out = false; + unset($SESSION->has_timed_out); } else { $session_has_timed_out = false; } diff --git a/lib/sessionlib.php b/lib/sessionlib.php index e5603de649..1435d7ef70 100644 --- a/lib/sessionlib.php +++ b/lib/sessionlib.php @@ -18,8 +18,7 @@ function session_get_instance() { $session_class = SESSION_CUSTOM; $session = new $session_class(); - //} else if ((!isset($CFG->dbsessions) or $CFG->dbsessions) and $DB->session_lock_supported()) { - } else if (!empty($CFG->dbsessions) and $DB->session_lock_supported()) { + } else if ((!isset($CFG->dbsessions) or $CFG->dbsessions) and $DB->session_lock_supported()) { // default recommended session type $session = new database_session(); @@ -39,6 +38,11 @@ interface moodle_session { */ public function terminate_current(); + /** + * Terminates all sessions. + */ + public function terminate_all(); + /** * No more changes in session expected. * Unblocks the sesions, other scripts may start executing in parallel. @@ -76,7 +80,9 @@ abstract class session_stub implements moodle_session { $this->prepare_cookies(); $this->init_session_storage(); - if (!empty($CFG->usesid) && empty($_COOKIE['MoodleSession'.$CFG->sessioncookie])) { + $newsession = empty($_COOKIE['MoodleSession'.$CFG->sessioncookie]); + + if (!empty($CFG->usesid) && $newsession) { sid_start_ob(); } else { $CFG->usesid = 0; @@ -88,6 +94,9 @@ abstract class session_stub implements moodle_session { @session_start(); if (!isset($_SESSION['SESSION'])) { $_SESSION['SESSION'] = new object(); + if (!$newsession and !empty($CFG->rolesactive)) { + $_SESSION['SESSION']->has_timed_out = true; + } } if (!isset($_SESSION['USER'])) { $_SESSION['USER'] = new object(); @@ -110,14 +119,16 @@ abstract class session_stub implements moodle_session { } $_SESSION = array(); - - $SESSION = new object(); - $USER = new object(); - $USER->id = 0; + $_SESSION['SESSION'] = new object(); + $_SESSION['USER'] = new object(); + $_SESSION['USER']->id = 0; if (isset($CFG->mnet_localhost_id)) { - $USER->mnethostid = $CFG->mnet_localhost_id; + $_SESSION['USER']->mnethostid = $CFG->mnet_localhost_id; } + $SESSION = $_SESSION['SESSION']; // this may not work properly + $USER = $_SESSION['USER']; // this may not work properly + // Initialize variable to pass-by-reference to headers_sent(&$file, &$line) $file = null; $line = null; @@ -125,11 +136,11 @@ abstract class session_stub implements moodle_session { error_log('Can not terminate session properly - headers were already sent in file: '.$file.' on line '.$line); } - // now let's try to get a new session id and destroy the old one - @session_regenerate_id(true); + // now let's try to get a new session id + session_regenerate_id(); // close the session - @session_write_close(); + session_write_close(); } /** @@ -298,6 +309,9 @@ class legacy_file_session extends session_stub { ini_set('session.save_path', $CFG->dataroot .'/sessions'); } + public function terminate_all() { + // TODO + } } /** @@ -329,6 +343,15 @@ class database_session extends session_stub { } } + public function terminate_all() { + try { + // do not show any warnings - might be during upgrade/installation + $this->database->delete_records('sessions'); + } catch (dml_exception $ignored) { + + } + } + public function handler_open($save_path, $session_name) { global $DB; diff --git a/login/index.php b/login/index.php index bea71e8adc..385dce6156 100644 --- a/login/index.php +++ b/login/index.php @@ -19,7 +19,7 @@ /// Check for timed out sessions if (!empty($SESSION->has_timed_out)) { $session_has_timed_out = true; - $SESSION->has_timed_out = false; + unset($SESSION->has_timed_out); } else { $session_has_timed_out = false; }