ZoneMinder
/
zoneminder
mirror of https://github.com/ZoneMinder/zoneminder.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Fix auth timing out due to cookie timing out and getting deleted.

pull/2698/head
Isaac Connor 2019-09-04 12:14:32 -04:00
parent f568e0da30
commit 2993e52652
1 changed files with 9 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
web/includes/session.php
View File

@ -21,11 +21,18 @@ function zm_session_start() {
session_start();
$_SESSION['remoteAddr'] = $_SERVER['REMOTE_ADDR']; // To help prevent session hijacking
$now = time();
// Do not allow to use expired session ID
if ( !empty($_SESSION['last_time']) && ($_SESSION['last_time'] < (time() - 180)) ) {
if ( !empty($_SESSION['last_time']) && ($_SESSION['last_time'] < ($now - 180)) ) {
ZM\Info('Destroying session due to timeout. ');
session_destroy();
session_start();
} else if ( !empty($_SESSION['generated_at']) ) {
ZM\Logger::Debug("Have generated_at: " . $_SESSION['generated_at']);
if ( $_SESSION['generated_at']<($now-(ZM_COOKIE_LIFETIME/2)) ) {
ZM\Logger::Debug("Regenerating session because generated_at " . $_SESSION['generated_at'] . ' < ' . $now . '-'.ZM_COOKIE_LIFETIME.'/2 = '.($now-ZM_COOKIE_LIFETIME/2));
zm_session_regenerate_id();
}
}
} // function zm_session_start()
@ -44,6 +51,7 @@ function zm_session_regenerate_id() {
session_start();
session_regenerate_id();
unset($_SESSION['last_time']);
$_SESSION['generated_at'] = time();
} // function zm_session_regenerate_id()
function is_session_started() {