diff options
| author | einhverfr <einhverfr@4979c152-3d1c-0410-bac9-87ea11338e46> | 2007-12-02 23:24:27 +0000 |
|---|---|---|
| committer | einhverfr <einhverfr@4979c152-3d1c-0410-bac9-87ea11338e46> | 2007-12-02 23:24:27 +0000 |
| commit | ecc87a1c586ead2042499eca21e0e14d726b5ce8 (patch) | |
| tree | fce3f039df564c0980b4bd327e3bb33048f45522 /LedgerSMB/Auth | |
| parent | a581e9f50c6a4a22c8fbfd24348cd40835784d44 (diff) | |
Correcting behavior of session timeout to release locks and create new session.
git-svn-id: https://ledger-smb.svn.sourceforge.net/svnroot/ledger-smb/trunk@1928 4979c152-3d1c-0410-bac9-87ea11338e46
Diffstat (limited to 'LedgerSMB/Auth')
| -rwxr-xr-x | LedgerSMB/Auth/DB.pm | 25 |
1 files changed, 5 insertions, 20 deletions
diff --git a/LedgerSMB/Auth/DB.pm b/LedgerSMB/Auth/DB.pm index 0a474af1..b24fd6d1 100755 --- a/LedgerSMB/Auth/DB.pm +++ b/LedgerSMB/Auth/DB.pm @@ -47,19 +47,7 @@ sub session_check { my $dbh = $form->{dbh}; my $checkQuery = $dbh->prepare( - "SELECT u.username, s.transaction_id - FROM session as s - JOIN users as u ON (s.users_id = u.id) - WHERE s.session_id = ? - AND token = ? - AND s.last_used > now() - ?::interval" - ); - - my $updateAge = $dbh->prepare( - "UPDATE session - SET last_used = now() - WHERE session_id = ?;" - ); + "SELECT * FROM session_check(?, ?)"); my ($sessionID, $token, $company) = split(/:/, $cookie); @@ -77,7 +65,7 @@ sub session_check { $timeout = "$form->{timeout} seconds"; } - $checkQuery->execute( $sessionID, $token, $timeout ) + $checkQuery->execute( $sessionID, $token) || $form->dberror( __FILE__ . ':' . __LINE__ . ': Looking for session: ' ); my $sessionValid = $checkQuery->rows; @@ -85,22 +73,19 @@ sub session_check { if ($sessionValid) { #user has a valid session cookie, now check the user - my ( $sessionLogin, $sessionTransaction ) = $checkQuery->fetchrow_array; + my ( $session_ref) = $checkQuery->fetchrow_hashref('NAME_lc'); my $login = $form->{login}; $login =~ s/[^a-zA-Z0-9._+\@'-]//g; - if (( $sessionLogin eq $login )) + if (( $session_ref )) { - $updateAge->execute( $sessionID ) - || $form->dberror( - __FILE__ . ':' . __LINE__ . ': Updating session age: ' ); my $newCookieValue = - $sessionID . ':' . $token . ':' . $form->{company}; + $session_ref->{session_id} . ':' . $session_ref->{token} . ':' . $form->{company}; #now update the cookie in the browser print qq|Set-Cookie: LedgerSMB=$newCookieValue; path=$path;\n|; |