mirror of
https://code.mensbeam.com/MensBeam/Arsse.git
synced 2024-12-23 06:55:03 +00:00
Resuming a session from the database should have no side effects
This commit is contained in:
parent
1069447925
commit
b7ac63b9de
1 changed files with 1 additions and 5 deletions
|
@ -249,15 +249,11 @@ class Database {
|
||||||
|
|
||||||
public function sessionResume(string $id): array {
|
public function sessionResume(string $id): array {
|
||||||
$maxAge = Date::sub(Arsse::$conf->userSessionLifetime);
|
$maxAge = Date::sub(Arsse::$conf->userSessionLifetime);
|
||||||
$out = $this->db->prepare("SELECT * from arsse_sessions where id is ? and expires > CURRENT_TIMESTAMP and created > ?", "str", "datetime")->run($id, $maxAge)->getRow();
|
$out = $this->db->prepare("SELECT id,created,expires,user from arsse_sessions where id is ? and expires > CURRENT_TIMESTAMP and created > ?", "str", "datetime")->run($id, $maxAge)->getRow();
|
||||||
// if the session does not exist or is expired, throw an exception
|
// if the session does not exist or is expired, throw an exception
|
||||||
if (!$out) {
|
if (!$out) {
|
||||||
throw new User\ExceptionSession("invalid", $id);
|
throw new User\ExceptionSession("invalid", $id);
|
||||||
}
|
}
|
||||||
// otherwise populate the session user when appropriate
|
|
||||||
if (Arsse::$user) {
|
|
||||||
Arsse::$user->id = $out['user'];
|
|
||||||
}
|
|
||||||
// if we're more than half-way from the session expiring, renew it
|
// if we're more than half-way from the session expiring, renew it
|
||||||
if ($this->sessionExpiringSoon(Date::normalize($out['expires'], "sql"))) {
|
if ($this->sessionExpiringSoon(Date::normalize($out['expires'], "sql"))) {
|
||||||
$expires = Date::add(Arsse::$conf->userSessionTimeout);
|
$expires = Date::add(Arsse::$conf->userSessionTimeout);
|
||||||
|
|
Loading…
Reference in a new issue