/** * Create session object and start the session. */ public function session_init() { // session started (Installer?) if (session_id()) { return; } $sess_name = $this->config->get('session_name'); $sess_domain = $this->config->get('session_domain'); $sess_path = $this->config->get('session_path'); $lifetime = $this->config->get('session_lifetime', 0) * 60; $is_secure = $this->config->get('use_https') || rcube_utils::https_check(); // set session domain if ($sess_domain) { ini_set('session.cookie_domain', $sess_domain); } // set session path if ($sess_path) { ini_set('session.cookie_path', $sess_path); } // set session garbage collecting time according to session_lifetime if ($lifetime) { ini_set('session.gc_maxlifetime', $lifetime * 2); } ini_set('session.cookie_secure', $is_secure); ini_set('session.name', $sess_name ? $sess_name : 'roundcube_sessid'); ini_set('session.use_cookies', 1); ini_set('session.use_only_cookies', 1); ini_set('session.cookie_httponly', 1); // use database for storing session data $this->session = new rcube_session($this->get_dbh(), $this->config); $path = $_SERVER['SCRIPT_NAME']; if (strpos($path, '://')) { $path = parse_url($path, PHP_URL_PATH); // #1490582 } $this->session->register_gc_handler(array($this, 'gc')); $this->session->set_secret($this->config->get('des_key') . dirname($path)); $this->session->set_ip_check($this->config->get('ip_check')); if ($this->config->get('session_auth_name')) { $this->session->set_cookiename($this->config->get('session_auth_name')); } // start PHP session (if not in CLI mode) if ($_SERVER['REMOTE_ADDR']) { $this->session->start(); } }
/** * Configure session object internals */ public function session_configure() { if (!$this->session) { return; } $lifetime = $this->config->get('session_lifetime', 0) * 60; // set keep-alive/check-recent interval if ($keep_alive = $this->config->get('keep_alive')) { // be sure that it's less than session lifetime if ($lifetime) { $keep_alive = min($keep_alive, $lifetime - 30); } $keep_alive = max(60, $keep_alive); $this->session->set_keep_alive($keep_alive); } $this->session->set_secret($this->config->get('des_key') . $_SERVER['HTTP_USER_AGENT']); $this->session->set_ip_check($this->config->get('ip_check')); }
/** * Create session object and start the session. */ public function session_init() { // session started (Installer?) if (session_id()) { return; } $sess_name = $this->config->get('session_name'); $sess_domain = $this->config->get('session_domain'); $sess_path = $this->config->get('session_path'); $lifetime = $this->config->get('session_lifetime', 0) * 60; // set session domain if ($sess_domain) { ini_set('session.cookie_domain', $sess_domain); } // set session path if ($sess_path) { ini_set('session.cookie_path', $sess_path); } // set session garbage collecting time according to session_lifetime if ($lifetime) { ini_set('session.gc_maxlifetime', $lifetime * 2); } ini_set('session.cookie_secure', rcube_utils::https_check()); ini_set('session.name', $sess_name ? $sess_name : 'roundcube_sessid'); ini_set('session.use_cookies', 1); ini_set('session.use_only_cookies', 1); ini_set('session.serialize_handler', 'php'); ini_set('session.cookie_httponly', 1); // use database for storing session data $this->session = new rcube_session($this->get_dbh(), $this->config); $this->session->register_gc_handler(array($this, 'temp_gc')); $this->session->register_gc_handler(array($this, 'cache_gc')); $this->session->set_secret($this->config->get('des_key') . dirname($_SERVER['SCRIPT_NAME'])); $this->session->set_ip_check($this->config->get('ip_check')); // start PHP session (if not in CLI mode) if ($_SERVER['REMOTE_ADDR']) { session_start(); } }