From: <pdo...@us...> - 2007-11-02 18:51:18
|
Revision: 12755 http://squirrelmail.svn.sourceforge.net/squirrelmail/?rev=12755&view=rev Author: pdontthink Date: 2007-11-02 11:51:17 -0700 (Fri, 02 Nov 2007) Log Message: ----------- Allow custom session handlers to work correctly (and be defined at the application level with SquirrelMail) -- TODO: Cannot forget to add info about this to the docs! Modified Paths: -------------- branches/SM-1_4-STABLE/squirrelmail/ChangeLog branches/SM-1_4-STABLE/squirrelmail/src/login.php Modified: branches/SM-1_4-STABLE/squirrelmail/ChangeLog =================================================================== --- branches/SM-1_4-STABLE/squirrelmail/ChangeLog 2007-11-01 19:53:00 UTC (rev 12754) +++ branches/SM-1_4-STABLE/squirrelmail/ChangeLog 2007-11-02 18:51:17 UTC (rev 12755) @@ -19,6 +19,8 @@ - Fixed issue with in-reply-to and reference headers not being retained on reply (#1810659). - Revived logout_error hook (#1800015). + - Allow custom session handlers to work correctly (and be defined at the + application level with SquirrelMail). Version 1.4.11 - 29 September 2007 Modified: branches/SM-1_4-STABLE/squirrelmail/src/login.php =================================================================== --- branches/SM-1_4-STABLE/squirrelmail/src/login.php 2007-11-01 19:53:00 UTC (rev 12754) +++ branches/SM-1_4-STABLE/squirrelmail/src/login.php 2007-11-02 18:51:17 UTC (rev 12755) @@ -61,6 +61,51 @@ $_SESSION = array(); } +/** + * Allow administrators to define custom session handlers + * for SquirrelMail without needing to change anything in + * php.ini (application-level). + * + * In config_local.php, admin needs to put: + * + * $custom_session_handlers = array( + * 'my_open_handler', + * 'my_close_handler', + * 'my_read_handler', + * 'my_write_handler', + * 'my_destroy_handler', + * 'my_gc_handler', + * ); + * session_module_name('user'); + * session_set_save_handler( + * $custom_session_handlers[0], + * $custom_session_handlers[1], + * $custom_session_handlers[2], + * $custom_session_handlers[3], + * $custom_session_handlers[4], + * $custom_session_handlers[5] + * ); + * + * We need to replicate that code once here because PHP has + * long had a bug that resets the session handler mechanism + * when the session data is also destroyed. Because of this + * bug, even administrators who define custom session handlers + * via a PHP pre-load defined in php.ini (auto_prepend_file) + * will still need to define the $custom_session_handlers array + * in config_local.php. + */ +global $custom_session_handlers; +if (!empty($custom_session_handlers)) { + $open = $custom_session_handlers[0]; + $close = $custom_session_handlers[1]; + $read = $custom_session_handlers[2]; + $write = $custom_session_handlers[3]; + $destroy = $custom_session_handlers[4]; + $gc = $custom_session_handlers[5]; + session_module_name('user'); + session_set_save_handler($open, $close, $read, $write, $destroy, $gc); +} + /* put session_expired_* variables back in session */ sqsession_is_active(); if (!empty($sel)) { This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |