From 88fdd846f640221e39c65c50f66bb706b7492c25 Mon Sep 17 00:00:00 2001
From: skodak
Date: Sun, 18 Jan 2009 12:20:55 +0000
Subject: [PATCH] MDL-17942 fixed gc regressions, added gc after deleting users and similar cases
---
 admin/auth.php | 2 ++
 admin/user.php | 1 +
 admin/user/user_bulk_delete.php | 1 +
 lib/authlib.php | 4 ++++
 lib/sessionlib.php | 28 ++++++++++++++++++----------
 user/editadvanced.php | 1 +
 6 files changed, 27 insertions(+), 10 deletions(-)
diff --git a/admin/auth.php b/admin/auth.php
index 41faab54dd..caed90baeb 100644
--- a/admin/auth.php
+++ b/admin/auth.php
@@ -52,6 +52,7 @@ switch ($action) {
 if ($auth == $CFG->registerauth) {
 set_config('registerauth', '');
 }
+ session_get_instance()->gc(); // remove stale sessions
 break;
 case 'enable':
@@ -61,6 +62,7 @@ switch ($action) {
 $authsenabled = array_unique($authsenabled);
 set_config('auth', implode(',', $authsenabled));
 }
+ session_get_instance()->gc(); // remove stale sessions
 break;
 case 'down':
diff --git a/admin/user.php b/admin/user.php
index 94c2e98b4b..0ef6cf246f 100644
--- a/admin/user.php
+++ b/admin/user.php
@@ -80,6 +80,7 @@
 } else {
 notify(get_string('deletednot', '', fullname($user, true)));
 }
+ session_get_instance()->gc(); // remove stale sessions
 }
 } else if ($acl and confirm_sesskey()) {
 if (!has_capability('moodle/user:delete', $sitecontext)) {
diff --git a/admin/user/user_bulk_delete.php b/admin/user/user_bulk_delete.php
index 42fd9858ef..5df513572c 100755
--- a/admin/user/user_bulk_delete.php
+++ b/admin/user/user_bulk_delete.php
@@ -35,6 +35,7 @@ if ($confirm and confirm_sesskey()) {
 }
 $rs->close;
 }
+ session_get_instance()->gc(); // remove stale sessions
 redirect($return, get_string('changessaved'));
 } else {
diff --git a/lib/authlib.php b/lib/authlib.php
index 5ea18ed383..164dc3b468 100644
--- a/lib/authlib.php
+++ b/lib/authlib.php
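Review bot: The comment `// remove stale sessions` on the added `session_get_instance()->gc();` in the first admin/auth.php hunk does not say which sessions become stale at that point. The same wording is repeated in the second hunk of that file and in admin/user.php, admin/user/user_bulk_delete.php and user/editadvanced.php. Judging by the `delete_records_select('sessions', ...)` context line in lib/sessionlib.php, gc() drops sessions of users whose `auth` is not among the enabled plugins, so after the branch that clears `registerauth` a comment such as `// force logout of users whose auth plugin is no longer enabled` would make the revocation step auditable. The second hunk appears to sit in the `'enable'` case, where enabling a plugin should not invalidate any session, so the sweep there looks unnecessary and is worth confirming. The `switch` body continues outside both hunks.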
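Review bot: In admin/user/user_bulk_delete.php the context line `$rs->close;` directly above the added gc() call is a property read rather than a method call, so the recordset is never closed; it should read `$rs->close();`. The commit leaves that line untouched. The added `session_get_instance()->gc();` seems to come after the delete loop, so the sweep runs once per bulk operation, but the loop starts outside the hunk and that placement is inferred from the closing braces only.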
@@ -343,6 +343,10 @@ class auth_plugin_base {
 //override if needed
 }
+ function ignore_timeout_hook($userid, $userauth, $sid, $timecreated, $timemodified) {
+ return false;
+ }
+
 /**
 * Return the properly translated human-friendly title of this auth plugin
 */
diff --git a/lib/sessionlib.php b/lib/sessionlib.php
index f6d98842ca..71d2dcf33a 100644
--- a/lib/sessionlib.php
+++ b/lib/sessionlib.php
@@ -413,7 +413,7 @@ class database_session extends session_stub {
 $this->database->delete_records_select('sessions', "userid IN (SELECT id FROM {user} WHERE auth $notplugins)", $params);
 /// now get a list of time-out candidates
- $sql = "SELECT s.*, u.auth
+ $sql = "SELECT s.*, u.auth, u.username
 FROM {sessions} s JOIN {user} u ON u.id = s.userid WHERE s.timemodified + ? < ?";
@@ -425,9 +425,11 @@ class database_session extends session_stub {
 }
 $records = $this->database->get_records_sql($sql, $params);
 foreach ($records as $record) {
- foreach ($authplugins as $authplugin) {
- if ($authplugin->ignore_timeout($record->userid, $records->auth, $record->timecreated, $record->timemodified)) {
- continue;
+ if (!empty($record->userid) and $record->username !== 'guest') { // skips not logged in and guests
+ foreach ($authplugins as $authplugin) {
+ if ($authplugin->ignore_timeout_hook($record->userid, $records->auth, $record->sid, $record->timecreated, $record->timemodified)) {
+ continue;
+ }
 }
 }
 $this->database->delete_records('sessions', array('id'=>$record->id));
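Review bot: The new `ignore_timeout_hook()` in lib/authlib.php has no docblock although the method after it does, and its contract is security-relevant. As used in lib/sessionlib.php, a true return is meant to keep a session alive past `$CFG->sessiontimeout`. Add a docblock stating that the default `false` lets the timeout apply, that an override should return true only for sessions of its own auth type (compare `$userauth`), and what `$sid`, `$timecreated` and `$timemodified` carry. The class body starts and ends outside the hunk.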
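Review bot: In the gc loop of lib/sessionlib.php the `continue;` inside the inner `foreach ($authplugins as $authplugin)` only advances the plugin loop, so a plugin returning true never prevents the `delete_records('sessions', ...)` call for that record. The hook is also passed `$records->auth`, a property read on the result set rather than on `$record`. Both were carried over from the removed lines; the call should pass `$record->auth` and the branch should use `continue 2;`. As written the loop fails closed, since timed-out sessions are always removed, but the override is silently ignored here while the read path in the next hunk honours it. The enclosing method starts and ends outside the hunk.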
@@ -481,12 +483,18 @@ class database_session extends session_stub {
 // verify timeout
 if ($record->timemodified + $CFG->sessiontimeout < time()) {
 $ignoretimeout = false;
- $authsequence = get_enabled_auth_plugins(); // auths, in sequence
- foreach($authsequence as $authname) {
- $authplugin = get_auth_plugin($authname);
- if ($authplugin->ignore_timeout($record->userid, $records->auth, $record->timecreated, $record->timemodified)) {
- $ignoretimeout = true;
- break;
+ if (!empty($record->userid)) { // skips not logged in
+ if ($user = $this->database->get_record('user', array('id'=>$record->userid))) {
+ if ($user->username !== 'guest') {
+ $authsequence = get_enabled_auth_plugins(); // auths, in sequence
+ foreach($authsequence as $authname) {
+ $authplugin = get_auth_plugin($authname);
+ if ($authplugin->ignore_timeout_hook($user->id, $user->auth, $record->sid, $record->timecreated, $record->timemodified)) {
+ $ignoretimeout = true;
+ break;
+ }
+ }
+ }
 }
 }
 if ($ignoretimeout) {
diff --git a/user/editadvanced.php b/user/editadvanced.php
index 6236facd73..81c45ffce2 100644
--- a/user/editadvanced.php
+++ b/user/editadvanced.php
@@ -177,6 +177,7 @@
 redirect("$CFG->wwwroot/user/view.php?id=$USER->id&course=$course->id");
 }
 } else {
+ session_get_instance()->gc(); // remove stale sessions
 redirect("$CFG->wwwroot/$CFG->admin/user.php");
 }
 //never reached
--
2.39.5
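Review bot: In the timeout check of lib/sessionlib.php every enabled auth plugin is asked through `ignore_timeout_hook()`, not only the plugin named by `$user->auth`. One override that returns true without comparing `$userauth` to its own type would therefore exempt other plugins' users from `$CFG->sessiontimeout`. If that breadth is not intended, skip non-matching plugins with `if ($authname !== $user->auth) { continue; }` at the top of the loop, assuming `get_enabled_auth_plugins()` returns the same names stored in the user's `auth` field. If it is intended, say so in a comment above the `foreach`. The fetched `$user` is also not checked for being a deleted account before the hook is consulted, which may be handled elsewhere since the enclosing method starts and ends outside the hunk.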