From ecc87a1c586ead2042499eca21e0e14d726b5ce8 Mon Sep 17 00:00:00 2001
From: einhverfr <einhverfr@4979c152-3d1c-0410-bac9-87ea11338e46>
Date: Sun, 2 Dec 2007 23:24:27 +0000
Subject: Correcting behavior of session timeout to release locks and create
 new session.

git-svn-id: https://ledger-smb.svn.sourceforge.net/svnroot/ledger-smb/trunk@1928 4979c152-3d1c-0410-bac9-87ea11338e46
---
 LedgerSMB/Auth/DB.pm | 25 +++++--------------------
 1 file changed, 5 insertions(+), 20 deletions(-)

(limited to 'LedgerSMB/Auth')

diff --git a/LedgerSMB/Auth/DB.pm b/LedgerSMB/Auth/DB.pm
index 0a474af1..b24fd6d1 100755
--- a/LedgerSMB/Auth/DB.pm
+++ b/LedgerSMB/Auth/DB.pm
@@ -47,19 +47,7 @@ sub session_check {
     my $dbh = $form->{dbh};
 
     my $checkQuery = $dbh->prepare(
-        "SELECT u.username, s.transaction_id 
-           FROM session as s
-	   JOIN users as u ON (s.users_id = u.id)
-          WHERE s.session_id = ?
-            AND token = ?
-            AND s.last_used > now() - ?::interval"
-    );
-
-    my $updateAge = $dbh->prepare(
-        "UPDATE session 
-           SET last_used = now()
-         WHERE session_id = ?;"
-    );
+        "SELECT * FROM session_check(?, ?)");
 
     my ($sessionID, $token, $company) = split(/:/, $cookie);
 
@@ -77,7 +65,7 @@ sub session_check {
         $timeout = "$form->{timeout} seconds";
     }
 
-    $checkQuery->execute( $sessionID, $token, $timeout )
+    $checkQuery->execute( $sessionID, $token)
       || $form->dberror(
         __FILE__ . ':' . __LINE__ . ': Looking for session: ' );
     my $sessionValid = $checkQuery->rows;
@@ -85,22 +73,19 @@ sub session_check {
     if ($sessionValid) {
 
         #user has a valid session cookie, now check the user
-        my ( $sessionLogin, $sessionTransaction ) = $checkQuery->fetchrow_array;
+        my ( $session_ref) =  $checkQuery->fetchrow_hashref('NAME_lc');
 
         my $login = $form->{login};
 
         $login =~ s/[^a-zA-Z0-9._+\@'-]//g;
-        if (( $sessionLogin eq $login ))
+        if (( $session_ref ))
         {
 
 
 
-            $updateAge->execute( $sessionID )
-              || $form->dberror(
-                __FILE__ . ':' . __LINE__ . ': Updating session age: ' );
 
             my $newCookieValue =
-              $sessionID . ':' . $token . ':' . $form->{company};
+              $session_ref->{session_id} . ':' . $session_ref->{token} . ':' . $form->{company};
 
             #now update the cookie in the browser
             print qq|Set-Cookie: LedgerSMB=$newCookieValue; path=$path;\n|;
-- 
cgit v1.2.3