diff options
author | Simon Rettberg | 2021-06-24 14:45:05 +0200 |
---|---|---|
committer | Simon Rettberg | 2021-06-24 14:45:05 +0200 |
commit | 51de7b7aac7ed626bee3bce1c3068159e54ab95b (patch) | |
tree | a21aae11caceaec3e2c5807ea5073e1cbdd874a4 /inc | |
parent | [dnbd3] Update translations (diff) | |
download | slx-admin-51de7b7aac7ed626bee3bce1c3068159e54ab95b.tar.gz slx-admin-51de7b7aac7ed626bee3bce1c3068159e54ab95b.tar.xz slx-admin-51de7b7aac7ed626bee3bce1c3068159e54ab95b.zip |
[locations/minilinux] Minor cleanups and fixes
Diffstat (limited to 'inc')
-rw-r--r-- | inc/request.inc.php | 10 | ||||
-rw-r--r-- | inc/session.inc.php | 35 | ||||
-rw-r--r-- | inc/user.inc.php | 4 |
3 files changed, 30 insertions, 19 deletions
diff --git a/inc/request.inc.php b/inc/request.inc.php index 7e9ed97e..bdbd32d5 100644 --- a/inc/request.inc.php +++ b/inc/request.inc.php @@ -23,7 +23,7 @@ class Request * @param string $type if the parameter exists, cast it to given type * @return mixed Field from $_GET, or $default if not set */ - public static function get($key, $default = false, $type = false) + public static function get(string $key, $default = false, $type = false) { return self::handle($_GET, $key, $default, $type); } @@ -34,7 +34,7 @@ class Request * @param string $default Value to return if $_POST does not contain $key * @return mixed Field from $_POST, or $default if not set */ - public static function post($key, $default = false, $type = false) + public static function post(string $key, $default = false, $type = false) { return self::handle($_POST, $key, $default, $type); } @@ -45,7 +45,7 @@ class Request * @param string $default Value to return if $_REQUEST does not contain $key * @return mixed Field from $_REQUEST, or $default if not set */ - public static function any($key, $default = false, $type = false) + public static function any(string $key, $default = false, $type = false) { return self::handle($_REQUEST, $key, $default, $type); } @@ -68,14 +68,14 @@ class Request private static function handle(&$array, $key, $default, $type) { - if (!isset($array[$key])) { + if (!array_key_exists($key, $array)) { if ($default === self::REQUIRED || $default === self::REQUIRED_EMPTY) { Message::addError('main.parameter-missing', $key); Util::redirect('?do=' . $_REQUEST['do']); } return $default; } - if ($default === self::REQUIRED && (string)$array[$key] === '') { + if ($default === self::REQUIRED && is_string($array[$key]) && $array[$key] === '') { Message::addError('main.parameter-empty', $key); Util::redirect('?do=' . $_REQUEST['do']); } diff --git a/inc/session.inc.php b/inc/session.inc.php index f06cd580..fc875669 100644 --- a/inc/session.inc.php +++ b/inc/session.inc.php @@ -8,6 +8,7 @@ class Session private static $data = false; private static $dataChanged = false; private static $userId = 0; + private static $updateSessionDateline = false; private static function generateSessionId(string $salt) { @@ -37,6 +38,7 @@ class Session 'userid' => $userId, 'fixedip' => $fixedAddress ? 1 : 0, ]); + self::setupSessionAccounting(true); } public static function load(): bool @@ -48,6 +50,7 @@ class Session if (self::readSessionData()) return true; // Loading session data failed + self::$sid = false; return false; } @@ -123,6 +126,8 @@ class Session if ($row['fixedip'] && $row['lastip'] !== $_SERVER['REMOTE_ADDR']) { return false; // Ignore but don't invalidate } + // Refresh cookie if appropriate + self::setupSessionAccounting(Request::isGet() && $row['dateline'] + 86400 < $now + CONFIG_SESSION_TIMEOUT); self::$userId = $row['userid']; self::$data = @json_decode($row['data'], true); if (!is_array(self::$data)) { @@ -136,14 +141,28 @@ class Session } return true; } + + private static function setupSessionAccounting(bool $cookie) + { + if ($cookie) { + self::$updateSessionDateline = true; + $ret = setcookie('sid', self::$sid, time() + CONFIG_SESSION_TIMEOUT, + null, null, !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off', true); + if (!$ret) + Util::traceError('Error: Could not set Cookie for Client (headers already sent)'); + } + register_shutdown_function(function () { + Session::saveInternal(); + }); + } public static function saveInternal() { $now = time(); - $args = [ - 'dateline' => $now + CONFIG_SESSION_TIMEOUT, - 'lastip' => $_SERVER['REMOTE_ADDR'], - ]; + $args = ['lastip' => $_SERVER['REMOTE_ADDR']]; + if (self::$updateSessionDateline) { + $args['dateline'] = $now + CONFIG_SESSION_TIMEOUT; + } if (self::$dataChanged) { $args['data'] = json_encode(self::$data); } @@ -152,14 +171,6 @@ class Session }, array_keys($args))) . " WHERE sid = :sid"; $args['sid'] = self::$sid; Database::exec($query, $args); - $ret = setcookie('sid', self::$sid, $now + CONFIG_SESSION_TIMEOUT, - null, null, !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off', true); - if (!$ret) - Util::traceError('Error: Could not set Cookie for Client (headers already sent)'); } } - -register_shutdown_function(function () { - Session::saveInternal(); -}); diff --git a/inc/user.inc.php b/inc/user.inc.php index d587c462..e89a4355 100644 --- a/inc/user.inc.php +++ b/inc/user.inc.php @@ -83,7 +83,7 @@ class User } } - public static function getAllowedLocations($permission) + public static function getAllowedLocations(string $permission): array { if (!self::isLoggedIn()) return []; @@ -105,7 +105,7 @@ class User } return $a; } - return array(); + return []; } public static function load() |