From: skodak Date: Sat, 17 Jan 2009 15:25:08 +0000 (+0000) Subject: MDL-14992 refactored use of session_write_close() X-Git-Url: http://git.mjollnir.org/gw?a=commitdiff_plain;h=56949c17dea75acea1d8609e5deaf98a2cc554f7;p=moodle.git MDL-14992 refactored use of session_write_close() --- diff --git a/admin/cron.php b/admin/cron.php index f3e98bfd3d..49d92a6e1e 100644 --- a/admin/cron.php +++ b/admin/cron.php @@ -37,7 +37,7 @@ } /// extra safety - @session_write_close(); + @session_get_instance()->write_close(); /// check if execution allowed if (isset($_SERVER['REMOTE_ADDR'])) { // if the script is accessed via the web. diff --git a/admin/dbtransfer/lib.php b/admin/dbtransfer/lib.php index 4241c30395..c1d7858a86 100644 --- a/admin/dbtransfer/lib.php +++ b/admin/dbtransfer/lib.php @@ -24,7 +24,7 @@ require_once($CFG->libdir.'/dtllib.php'); function dbtransfer_export_xml_database($description, $mdb) { @set_time_limit(0); - session_write_close(); // release session + session_get_instance()->write_close(); // release session header('Content-Type: application/xhtml+xml'); header('Content-Disposition: attachment; filename=database.xml'); @@ -45,7 +45,7 @@ function dbtransfer_export_xml_database($description, $mdb) { function dbtransfer_transfer_database($sourcedb, $targetdb) { @set_time_limit(0); - session_write_close(); // release session + session_get_instance()->write_close(); // release session $var = new database_mover($sourcedb, $targetdb); $var->export_database(null); diff --git a/course/report/log/index.php b/course/report/log/index.php index 76186f1d8f..052a5716af 100644 --- a/course/report/log/index.php +++ b/course/report/log/index.php @@ -56,7 +56,7 @@ $stradministration = get_string('administration'); $strreports = get_string('reports'); - session_write_close(); + session_get_instance()->write_close(); $navlinks = array(); diff --git a/course/report/log/live.php b/course/report/log/live.php index 8dce7e5219..ebf4ad189b 100644 --- a/course/report/log/live.php +++ b/course/report/log/live.php @@ -18,7 +18,7 @@ add_to_log($course->id, "course", "report live", "report/log/live.php?id=$course->id", $course->id); - session_write_close(); + session_get_instance()->write_close(); // we override the default framename so header/footer // links open in a new window diff --git a/draftfile.php b/draftfile.php index 3908a7d037..91b5f5ec60 100644 --- a/draftfile.php +++ b/draftfile.php @@ -62,5 +62,5 @@ // ======================================== // finally send the file // ======================================== - session_write_close(); // unlock session during fileserving + session_get_instance()->write_close(); // unlock session during fileserving send_stored_file($file, 0, false, true); // force download - security first! diff --git a/file.php b/file.php index 00227f781e..de2968c1c3 100644 --- a/file.php +++ b/file.php @@ -93,7 +93,7 @@ // ======================================== // finally send the file // ======================================== - session_write_close(); // unlock session during fileserving + session_get_instance()->write_close(); // unlock session during fileserving send_stored_file($file, $lifetime, $CFG->filteruploadedfiles, $forcedownload); diff --git a/lib/dml/moodle_database.php b/lib/dml/moodle_database.php index 31c1fc0f2a..08baff21c0 100644 --- a/lib/dml/moodle_database.php +++ b/lib/dml/moodle_database.php @@ -246,7 +246,7 @@ abstract class moodle_database { public function dispose() { if ($this->used_for_db_sessions) { // this is needed because we need to save session to db before closing it - session_write_close(); + session_get_instance()->write_close(); $this->used_for_db_sessions = false; } if ($this->database_manager) { diff --git a/lib/filelib.php b/lib/filelib.php index 6b2d2210ec..14072b5d3e 100644 --- a/lib/filelib.php +++ b/lib/filelib.php @@ -787,7 +787,7 @@ function send_temp_file($path, $filename, $pathisstring=false) { global $CFG; // close session - not needed anymore - @session_write_close(); + @session_get_instance()->write_close(); if (!$pathisstring) { if (!file_exists($path)) { @@ -874,7 +874,7 @@ function send_file($path, $filename, $lifetime = 'default' , $filter=0, $pathiss } } - session_write_close(); // unlock session during fileserving + session_get_instance()->write_close(); // unlock session during fileserving // Use given MIME type if specified, otherwise guess it using mimeinfo. // IE, Konqueror and Opera open html file directly in browser from web even when directed to save it to disk :-O @@ -1078,7 +1078,7 @@ function send_stored_file($stored_file, $lifetime=86400 , $filter=0, $forcedownl ignore_user_abort(true); } - session_write_close(); // unlock session during fileserving + session_get_instance()->write_close(); // unlock session during fileserving // Use given MIME type if specified, otherwise guess it using mimeinfo. // IE, Konqueror and Opera open html file directly in browser from web even when directed to save it to disk :-O diff --git a/lib/moodlelib.php b/lib/moodlelib.php index 35b071e06c..50c7ee71ee 100644 --- a/lib/moodlelib.php +++ b/lib/moodlelib.php @@ -2182,7 +2182,7 @@ function require_logout() { } } - session_get_instance()->terminate(); + session_get_instance()->terminate_current(); } /** diff --git a/lib/sessionlib.php b/lib/sessionlib.php index 8c3db52fe3..e5603de649 100644 --- a/lib/sessionlib.php +++ b/lib/sessionlib.php @@ -33,7 +33,19 @@ function session_get_instance() { } interface moodle_session { - public function terminate(); + /** + * Terminate current session + * @return void + */ + public function terminate_current(); + + /** + * No more changes in session expected. + * Unblocks the sesions, other scripts may start executing in parallel. + * @return void + */ + public function write_close(); + } /** @@ -87,6 +99,52 @@ abstract class session_stub implements moodle_session { $this->check_security(); } + /** + * Terminates active moodle session + */ + public function terminate_current() { + global $CFG, $SESSION, $USER; + + if (NO_MOODLE_COOKIES) { + return; + } + + $_SESSION = array(); + + $SESSION = new object(); + $USER = new object(); + $USER->id = 0; + if (isset($CFG->mnet_localhost_id)) { + $USER->mnethostid = $CFG->mnet_localhost_id; + } + + // Initialize variable to pass-by-reference to headers_sent(&$file, &$line) + $file = null; + $line = null; + if (headers_sent($file, $line)) { + error_log('Can not terminate session properly - headers were already sent in file: '.$file.' on line '.$line); + } + + // now let's try to get a new session id and destroy the old one + @session_regenerate_id(true); + + // close the session + @session_write_close(); + } + + /** + * No more changes in session expected. + * Unblocks the sesions, other scripts may start executing in parallel. + * @return void + */ + public function write_close() { + if (NO_MOODLE_COOKIES) { + return; + } + + session_write_close(); + } + /** * Initialise $USER object, handles google access. * @@ -158,41 +216,12 @@ abstract class session_stub implements moodle_session { if ($_SESSION['USER']->sessionip != $remoteaddr) { // this is a security feature - terminate the session in case of any doubt - $this->terminate(); + $this->terminate_current(); print_error('sessionipnomatch2', 'error'); } } } - /** - * Terminates active moodle session - */ - public function terminate() { - global $CFG, $SESSION, $USER; - - $_SESSION = array(); - - $SESSION = new object(); - $USER = new object(); - $USER->id = 0; - if (isset($CFG->mnet_localhost_id)) { - $USER->mnethostid = $CFG->mnet_localhost_id; - } - - // Initialize variable to pass-by-reference to headers_sent(&$file, &$line) - $file = null; - $line = null; - if (headers_sent($file, $line)) { - error_log('Can not terminate session properly - headers were already sent in file: '.$file.' on line '.$line); - } - - // now let's try to get a new session id and destroy the old one - @session_regenerate_id(true); - - // close the session - @session_write_close(); - } - /** * Prepare cookies and varions system settings */ @@ -268,6 +297,7 @@ class legacy_file_session extends session_stub { } ini_set('session.save_path', $CFG->dataroot .'/sessions'); } + } /** diff --git a/mod/chat/gui_ajax/post.php b/mod/chat/gui_ajax/post.php index 7c3302b434..1989783179 100755 --- a/mod/chat/gui_ajax/post.php +++ b/mod/chat/gui_ajax/post.php @@ -29,7 +29,7 @@ if (!$cm = get_coursemodule_from_instance('chat', $chat->id, $course->id)) { if (isguest()) { chat_print_error('ERROR', get_string('notlogged','chat')); } -session_write_close(); +session_get_instance()->write_close(); chat_delete_old_users(); $chat_message = clean_text($chat_message, FORMAT_MOODLE); diff --git a/mod/chat/gui_header_js/insert.php b/mod/chat/gui_header_js/insert.php index 797feb1019..269ad81cd6 100644 --- a/mod/chat/gui_header_js/insert.php +++ b/mod/chat/gui_header_js/insert.php @@ -28,7 +28,7 @@ print_error('noguests'); } - session_write_close(); + session_get_instance()->write_close(); /// Delete old users now diff --git a/pluginfile.php b/pluginfile.php index c47c863f10..7e95039629 100644 --- a/pluginfile.php +++ b/pluginfile.php @@ -103,7 +103,7 @@ send_file_not_found(); } - session_write_close(); // unlock session during fileserving + session_get_instance()->write_close(); // unlock session during fileserving send_stored_file($file, 60*60, 0, $forcedownload); @@ -123,7 +123,7 @@ send_file_not_found(); } - session_write_close(); // unlock session during fileserving + session_get_instance()->write_close(); // unlock session during fileserving send_stored_file($file, 0, 0, true); } else if ($filearea === 'course_intro') { @@ -138,7 +138,7 @@ send_file_not_found(); } - session_write_close(); // unlock session during fileserving + session_get_instance()->write_close(); // unlock session during fileserving send_stored_file($file, 60*60, 0, false); // TODO: change timeout? } else if ($filearea === 'user_profile') { @@ -175,7 +175,7 @@ send_file_not_found(); } - session_write_close(); // unlock session during fileserving + session_get_instance()->write_close(); // unlock session during fileserving send_stored_file($file, 0, 0, true); // must force download - security! } else { diff --git a/question/file.php b/question/file.php index e0ab078f14..80e9615551 100644 --- a/question/file.php +++ b/question/file.php @@ -71,7 +71,7 @@ } // send the file - session_write_close(); // unlock session during fileserving + session_get_instance()->write_close(); // unlock session during fileserving $filename = $args[count($args)-1]; send_file($pathname, $filename, $lifetime, $CFG->filteruploadedfiles, false, $forcedownload); } else { diff --git a/userfile.php b/userfile.php index ae5a49dec8..c7096cf1a8 100644 --- a/userfile.php +++ b/userfile.php @@ -83,5 +83,5 @@ // ======================================== // finally send the file // ======================================== - session_write_close(); // unlock session during fileserving + session_get_instance()->write_close(); // unlock session during fileserving send_stored_file($file, 0, false, $forcedownload);