[Web] Change session timeout handling

[Rspamd] Add missing spamassassin.conf
master
andryyy 2019-04-14 13:01:40 +02:00
parent e94c9e1ca6
commit c8047b9555
2 changed files with 9 additions and 3 deletions

View File

@ -0,0 +1 @@
ruleset = "/etc/rspamd/custom/sa-rules-heinlein";

View File

@ -21,7 +21,7 @@ elseif (isset($_SERVER['HTTPS'])) {
else { else {
$IS_HTTPS = false; $IS_HTTPS = false;
} }
// session_set_cookie_params($SESSION_LIFETIME, '/', '', $IS_HTTPS, true);
if (session_status() !== PHP_SESSION_ACTIVE) { if (session_status() !== PHP_SESSION_ACTIVE) {
session_start(); session_start();
} }
@ -35,6 +35,13 @@ if (!isset($_SESSION['SESS_REMOTE_UA'])) {
$_SESSION['SESS_REMOTE_UA'] = $_SERVER['HTTP_USER_AGENT']; $_SESSION['SESS_REMOTE_UA'] = $_SERVER['HTTP_USER_AGENT'];
} }
// Keep session active
if (isset($_SESSION['LAST_ACTIVITY']) && (time() - $_SESSION['LAST_ACTIVITY'] > $SESSION_LIFETIME)) {
session_unset();
session_destroy();
}
$_SESSION['LAST_ACTIVITY'] = time();
// API // API
if (!empty($_SERVER['HTTP_X_API_KEY'])) { if (!empty($_SERVER['HTTP_X_API_KEY'])) {
$stmt = $pdo->prepare("SELECT `allow_from` FROM `api` WHERE `api_key` = :api_key AND `active` = '1';"); $stmt = $pdo->prepare("SELECT `allow_from` FROM `api` WHERE `api_key` = :api_key AND `active` = '1';");
@ -72,8 +79,6 @@ if (!empty($_SERVER['HTTP_X_API_KEY'])) {
die(); die();
} }
} }
// Update session cookie
// setcookie(session_name() ,session_id(), time() + $SESSION_LIFETIME);
// Handle logouts // Handle logouts
if (isset($_POST["logout"])) { if (isset($_POST["logout"])) {