more work on sessions and cookies, as some anomalies appeared in caldav and firefox which suggested deeper issues

4 files changed, 12 insertions, 11 deletions

diff --git a/include/Contact.php b/include/Contact.php
index e011c60c8..8ad67c28e 100644
--- a/include/Contact.php
+++ b/include/Contact.php
@@ -389,7 +389,7 @@ function channel_remove($channel_id, $local = true, $unset_session=false) {
 	proc_run('php','include/directory.php',$channel_id);
 
 	if($channel_id == local_channel() && $unset_session) {
-		\Zotlabs\Web\Session::nuke();
+		App::$session->nuke();
 		goaway(z_root());
 	}
 
diff --git a/include/api.php b/include/api.php
index 3b2c71923..5f4d4bedb 100644
--- a/include/api.php
+++ b/include/api.php
@@ -486,7 +486,7 @@ require_once('include/api_auth.php');
 
 	function api_account_logout(&$a, $type){
 		require_once('include/auth.php');
-		\Zotlabs\Web\Session::nuke();
+		App::$session->nuke();
 		return api_apply_template("user", $type, array('$user' => null));
 
 	}
diff --git a/include/auth.php b/include/auth.php
index 9643da8eb..01fcf0094 100644
--- a/include/auth.php
+++ b/include/auth.php
@@ -101,7 +101,7 @@ if((isset($_SESSION)) && (x($_SESSION, 'authenticated')) &&
 		// process logout request
 		$args = array('channel_id' => local_channel());
 		call_hooks('logging_out', $args);
-		\Zotlabs\Web\Session::nuke();
+		App::$session->nuke();
 		info( t('Logged out.') . EOL);
 		goaway(z_root());
 	}
@@ -117,7 +117,7 @@ if((isset($_SESSION)) && (x($_SESSION, 'authenticated')) &&
 				intval(ACCOUNT_ROLE_ADMIN)
 			);
 			if($x) {
-				\Zotlabs\Web\Session::new_cookie(60 * 60 * 24); // one day
+				App::$session->new_cookie(60 * 60 * 24); // one day
 				$_SESSION['last_login_date'] = datetime_convert();
 				unset($_SESSION['visitor_id']); // no longer a visitor
 				authenticate_success($x[0], true, true);
@@ -141,7 +141,7 @@ if((isset($_SESSION)) && (x($_SESSION, 'authenticated')) &&
 
 	if(x($_SESSION, 'uid') || x($_SESSION, 'account_id')) {
 
-		Zotlabs\Web\Session::return_check();
+		App::$session->return_check();
 
 		$r = q("select * from account where account_id = %d limit 1",
 			intval($_SESSION['account_id'])
@@ -155,14 +155,14 @@ if((isset($_SESSION)) && (x($_SESSION, 'authenticated')) &&
 			}
 			if(strcmp(datetime_convert('UTC','UTC','now - 12 hours'), $_SESSION['last_login_date']) > 0 ) {
 				$_SESSION['last_login_date'] = datetime_convert();
-				Zotlabs\Web\Session::extend_cookie();
+				App::$session->extend_cookie();
 				$login_refresh = true;
 			}
 			authenticate_success($r[0], false, false, false, $login_refresh);
 		}
 		else {
 			$_SESSION['account_id'] = 0;
-			\Zotlabs\Web\Session::nuke();
+			App::$session->nuke();
 			goaway(z_root());
 		}
 	} // end logged in user returning
@@ -170,7 +170,7 @@ if((isset($_SESSION)) && (x($_SESSION, 'authenticated')) &&
 else {
 
 	if(isset($_SESSION)) {
-		\Zotlabs\Web\Session::nuke();
+		App::$session->nuke();
 	}
 
 	// handle a fresh login request
@@ -242,11 +242,11 @@ else {
 
 		if($_POST['remember_me']) {
 			$_SESSION['remember_me'] = 1;
-			\Zotlabs\Web\Session::new_cookie(31449600); // one year
+			App::$session->new_cookie(31449600); // one year
 		}
 		else {
 			$_SESSION['remember_me'] = 0;
-			\Zotlabs\Web\Session::new_cookie(0); // 0 means delete on browser exit
+			App::$session->new_cookie(0); // 0 means delete on browser exit
 		}
 
 		// if we haven't failed up this point, log them in.
diff --git a/include/cli_startup.php b/include/cli_startup.php
index a99164d4c..a33f7acb0 100644
--- a/include/cli_startup.php
+++ b/include/cli_startup.php
@@ -30,7 +30,8 @@ function cli_startup() {
     	unset($db_host, $db_port, $db_user, $db_pass, $db_data, $db_type);
   	};
 
-	\Zotlabs\Web\Session::init();
+	App::$session = new Zotlabs\Web\Session();
+	App::$session->init();
 
 	load_config('system');