diff options
| author |  Alexandre Alapetite <alexandre@alapetite.fr>
| 2020-10-06 23:19:45 +0200 |
|---|---|---|
| committer |  GitHub <noreply@github.com>
| 2020-10-06 23:19:45 +0200 |
| commit | 0319cc9d234e107109d988f36f2361b25f9f0777 (patch) | |
| tree | e373d93694297e36056d9888141d3233d0686260 /app/Models | |
| parent | 3aed0b95534c60b26254292e951c8a9c5badc786 (diff) | |
Minz allow parallel sessions (#3096)
* Minz allow parallel sessions
#fix https://github.com/FreshRSS/FreshRSS/issues/3093
* Array optimisation
* Array optimisation missing
* Reduce direct access to $_SESSION except in install process
* Fix session start headers warning
* Use cookie only the first time the session is started:
`PHP Warning: session_start(): Cannot start session when headers
already sent in /var/www/FreshRSS/lib/Minz/Session.php on line 39`
* New concept of volatile session for API calls
Optimisation: do not use cookies or local storage at all for API calls
without a Web session
Fix warning:
```
PHP Warning: session_destroy(): Trying to destroy uninitialized session
in Unknown on line 0
```
* Only call Minz_Session::init once in our index
It was called twice (once indirectly via FreshRSS->init())
* Whitespace
* Mutex for notifications
Implement mutex for notifications
https://github.com/FreshRSS/FreshRSS/pull/3208#discussion_r499509809
* Typo
* Install script is not ready for using Minz_Session
Diffstat (limited to 'app/Models')
| -rw-r--r-- | app/Models/Auth.php | 34 | ||||
| -rw-r--r-- | app/Models/DatabaseDAO.php | 12 |
2 files changed, 27 insertions, 19 deletions
diff --git a/app/Models/Auth.php b/app/Models/Auth.php index fcbf37fa3..77a244843 100644 --- a/app/Models/Auth.php +++ b/app/Models/Auth.php @@ -23,8 +23,10 @@ class FreshRSS_Auth { if ($current_user === '') { $conf = Minz_Configuration::get('system'); $current_user = $conf->default_user; - Minz_Session::_param('currentUser', $current_user); - Minz_Session::_param('csrf'); + Minz_Session::_params([ + 'currentUser' => $current_user, + 'csrf' => false, + ]); } if (self::$login_ok) { @@ -55,9 +57,11 @@ class FreshRSS_Auth { $current_user = ''; if (isset($credentials[1])) { $current_user = trim($credentials[0]); - Minz_Session::_param('currentUser', $current_user); - Minz_Session::_param('passwordHash', trim($credentials[1])); - Minz_Session::_param('csrf'); + Minz_Session::_params([ + 'currentUser' => $current_user, + 'passwordHash' => trim($credentials[1]), + 'csrf' => false, + ]); } return $current_user != ''; case 'http_auth': @@ -79,8 +83,10 @@ class FreshRSS_Auth { ]); } if ($login_ok) { - Minz_Session::_param('currentUser', $current_user); - Minz_Session::_param('csrf'); + Minz_Session::_params([ + 'currentUser' => $current_user, + 'csrf' => false, + ]); } return $login_ok; case 'none': @@ -118,8 +124,10 @@ class FreshRSS_Auth { self::$login_ok = false; } - Minz_Session::_param('loginOk', self::$login_ok); - Minz_Session::_param('REMOTE_USER', httpAuthUser()); + Minz_Session::_params([ + 'loginOk' => self::$login_ok, + 'REMOTE_USER' => httpAuthUser(), + ]); return self::$login_ok; } @@ -153,9 +161,11 @@ class FreshRSS_Auth { */ public static function removeAccess() { self::$login_ok = false; - Minz_Session::_param('loginOk'); - Minz_Session::_param('csrf'); - Minz_Session::_param('REMOTE_USER'); + Minz_Session::_params([ + 'loginOk' => false, + 'csrf' => false, + 'REMOTE_USER' => false, + ]); $system_conf = Minz_Configuration::get('system'); $username = ''; diff --git a/app/Models/DatabaseDAO.php b/app/Models/DatabaseDAO.php index 2e0ee25a0..9d762a615 100644 --- a/app/Models/DatabaseDAO.php +++ b/app/Models/DatabaseDAO.php @@ -20,11 +20,10 @@ class FreshRSS_DatabaseDAO extends Minz_ModelPdo { try { $sql = sprintf($SQL_CREATE_DB, empty($db['base']) ? '' : $db['base']); - return $this->pdo->exec($sql) !== false; + return $this->pdo->exec($sql) === false ? 'Error during CREATE DATABASE' : ''; } catch (Exception $e) { - $_SESSION['bd_error'] = $e->getMessage(); - syslog(LOG_DEBUG, __method__ . ' warning: ' . $e->getMessage()); - return false; + syslog(LOG_DEBUG, __method__ . ' notice: ' . $e->getMessage()); + return $e->getMessage(); } } @@ -33,11 +32,10 @@ class FreshRSS_DatabaseDAO extends Minz_ModelPdo { $sql = 'SELECT 1'; $stm = $this->pdo->query($sql); $res = $stm->fetchAll(PDO::FETCH_COLUMN, 0); - return $res != false; + return $res == false ? 'Error during SQL connection test!' : ''; } catch (Exception $e) { - $_SESSION['bd_error'] = $e->getMessage(); syslog(LOG_DEBUG, __method__ . ' warning: ' . $e->getMessage()); - return false; + return $e->getMessage(); } } |