summaryrefslogtreecommitdiffstats
path: root/inc
diff options
context:
space:
mode:
authorSimon Rettberg2021-06-24 14:45:05 +0200
committerSimon Rettberg2021-06-24 14:45:05 +0200
commit51de7b7aac7ed626bee3bce1c3068159e54ab95b (patch)
treea21aae11caceaec3e2c5807ea5073e1cbdd874a4 /inc
parent[dnbd3] Update translations (diff)
downloadslx-admin-51de7b7aac7ed626bee3bce1c3068159e54ab95b.tar.gz
slx-admin-51de7b7aac7ed626bee3bce1c3068159e54ab95b.tar.xz
slx-admin-51de7b7aac7ed626bee3bce1c3068159e54ab95b.zip
[locations/minilinux] Minor cleanups and fixes
Diffstat (limited to 'inc')
-rw-r--r--inc/request.inc.php10
-rw-r--r--inc/session.inc.php35
-rw-r--r--inc/user.inc.php4
3 files changed, 30 insertions, 19 deletions
diff --git a/inc/request.inc.php b/inc/request.inc.php
index 7e9ed97e..bdbd32d5 100644
--- a/inc/request.inc.php
+++ b/inc/request.inc.php
@@ -23,7 +23,7 @@ class Request
* @param string $type if the parameter exists, cast it to given type
* @return mixed Field from $_GET, or $default if not set
*/
- public static function get($key, $default = false, $type = false)
+ public static function get(string $key, $default = false, $type = false)
{
return self::handle($_GET, $key, $default, $type);
}
@@ -34,7 +34,7 @@ class Request
* @param string $default Value to return if $_POST does not contain $key
* @return mixed Field from $_POST, or $default if not set
*/
- public static function post($key, $default = false, $type = false)
+ public static function post(string $key, $default = false, $type = false)
{
return self::handle($_POST, $key, $default, $type);
}
@@ -45,7 +45,7 @@ class Request
* @param string $default Value to return if $_REQUEST does not contain $key
* @return mixed Field from $_REQUEST, or $default if not set
*/
- public static function any($key, $default = false, $type = false)
+ public static function any(string $key, $default = false, $type = false)
{
return self::handle($_REQUEST, $key, $default, $type);
}
@@ -68,14 +68,14 @@ class Request
private static function handle(&$array, $key, $default, $type)
{
- if (!isset($array[$key])) {
+ if (!array_key_exists($key, $array)) {
if ($default === self::REQUIRED || $default === self::REQUIRED_EMPTY) {
Message::addError('main.parameter-missing', $key);
Util::redirect('?do=' . $_REQUEST['do']);
}
return $default;
}
- if ($default === self::REQUIRED && (string)$array[$key] === '') {
+ if ($default === self::REQUIRED && is_string($array[$key]) && $array[$key] === '') {
Message::addError('main.parameter-empty', $key);
Util::redirect('?do=' . $_REQUEST['do']);
}
diff --git a/inc/session.inc.php b/inc/session.inc.php
index f06cd580..fc875669 100644
--- a/inc/session.inc.php
+++ b/inc/session.inc.php
@@ -8,6 +8,7 @@ class Session
private static $data = false;
private static $dataChanged = false;
private static $userId = 0;
+ private static $updateSessionDateline = false;
private static function generateSessionId(string $salt)
{
@@ -37,6 +38,7 @@ class Session
'userid' => $userId,
'fixedip' => $fixedAddress ? 1 : 0,
]);
+ self::setupSessionAccounting(true);
}
public static function load(): bool
@@ -48,6 +50,7 @@ class Session
if (self::readSessionData())
return true;
// Loading session data failed
+ self::$sid = false;
return false;
}
@@ -123,6 +126,8 @@ class Session
if ($row['fixedip'] && $row['lastip'] !== $_SERVER['REMOTE_ADDR']) {
return false; // Ignore but don't invalidate
}
+ // Refresh cookie if appropriate
+ self::setupSessionAccounting(Request::isGet() && $row['dateline'] + 86400 < $now + CONFIG_SESSION_TIMEOUT);
self::$userId = $row['userid'];
self::$data = @json_decode($row['data'], true);
if (!is_array(self::$data)) {
@@ -136,14 +141,28 @@ class Session
}
return true;
}
+
+ private static function setupSessionAccounting(bool $cookie)
+ {
+ if ($cookie) {
+ self::$updateSessionDateline = true;
+ $ret = setcookie('sid', self::$sid, time() + CONFIG_SESSION_TIMEOUT,
+ null, null, !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off', true);
+ if (!$ret)
+ Util::traceError('Error: Could not set Cookie for Client (headers already sent)');
+ }
+ register_shutdown_function(function () {
+ Session::saveInternal();
+ });
+ }
public static function saveInternal()
{
$now = time();
- $args = [
- 'dateline' => $now + CONFIG_SESSION_TIMEOUT,
- 'lastip' => $_SERVER['REMOTE_ADDR'],
- ];
+ $args = ['lastip' => $_SERVER['REMOTE_ADDR']];
+ if (self::$updateSessionDateline) {
+ $args['dateline'] = $now + CONFIG_SESSION_TIMEOUT;
+ }
if (self::$dataChanged) {
$args['data'] = json_encode(self::$data);
}
@@ -152,14 +171,6 @@ class Session
}, array_keys($args))) . " WHERE sid = :sid";
$args['sid'] = self::$sid;
Database::exec($query, $args);
- $ret = setcookie('sid', self::$sid, $now + CONFIG_SESSION_TIMEOUT,
- null, null, !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off', true);
- if (!$ret)
- Util::traceError('Error: Could not set Cookie for Client (headers already sent)');
}
}
-
-register_shutdown_function(function () {
- Session::saveInternal();
-});
diff --git a/inc/user.inc.php b/inc/user.inc.php
index d587c462..e89a4355 100644
--- a/inc/user.inc.php
+++ b/inc/user.inc.php
@@ -83,7 +83,7 @@ class User
}
}
- public static function getAllowedLocations($permission)
+ public static function getAllowedLocations(string $permission): array
{
if (!self::isLoggedIn())
return [];
@@ -105,7 +105,7 @@ class User
}
return $a;
}
- return array();
+ return [];
}
public static function load()