diff options
Diffstat (limited to 'Zotlabs/Web')
-rw-r--r-- | Zotlabs/Web/Session.php | 29 | ||||
-rw-r--r-- | Zotlabs/Web/SessionHandler.php | 7 |
2 files changed, 23 insertions, 13 deletions
diff --git a/Zotlabs/Web/Session.php b/Zotlabs/Web/Session.php index 494c02b1d..d25ce5f6a 100644 --- a/Zotlabs/Web/Session.php +++ b/Zotlabs/Web/Session.php @@ -13,6 +13,8 @@ namespace Zotlabs\Web; class Session { + private static $handler = null; + function init() { $gc_probability = 50; @@ -26,6 +28,7 @@ class Session { */ $handler = new \Zotlabs\Web\SessionHandler(); + self::$handler = $handler; $x = session_set_save_handler($handler,true); if(! $x) @@ -67,26 +70,28 @@ class Session { - function new_cookie($time) { + function new_cookie($xtime) { + + $newxtime = (($xtime> 0) ? (time() + $xtime) : 0); $old_sid = session_id(); session_regenerate_id(false); - q("UPDATE session SET sid = '%s' WHERE sid = '%s'", - dbesc(session_id()), - dbesc($old_sid) - ); + if(self::$handler) { + $v = q("UPDATE session SET sid = '%s' WHERE sid = '%s'", + dbesc(session_id()), + dbesc($old_sid) + ); + } + else + logger('no session handler'); if (x($_COOKIE, 'jsAvailable')) { - if ($time) { - $expires = time() + $time; - } else { - $expires = 0; - } - setcookie('jsAvailable', $_COOKIE['jsAvailable'], $expires); + setcookie('jsAvailable', $_COOKIE['jsAvailable'], $newxtime); } - setcookie(session_name(),session_id(),$expires); + setcookie(session_name(),session_id(),$newxtime); + } diff --git a/Zotlabs/Web/SessionHandler.php b/Zotlabs/Web/SessionHandler.php index ede2bd609..670e8f216 100644 --- a/Zotlabs/Web/SessionHandler.php +++ b/Zotlabs/Web/SessionHandler.php @@ -35,7 +35,12 @@ class SessionHandler implements \SessionHandlerInterface { return false; } - $expire = time() + $this->session_expire; + // Can't just use $data here because we can't be certain of the serialisation algorithm + + if($_SESSION && array_key_exists('remember_me',$_SESSION) && intval($_SESSION['remember_me'])) + $expire = time() + (60 * 60 * 24 * 365); + else + $expire = time() + $this->session_expire; $default_expire = time() + 300; if($this->session_exists) { |