From 00c4056a9a7cb2239d2db7cd6a322a164f86ad6a Mon Sep 17 00:00:00 2001
From: Fraenkiman <frank.pcn@gmail.com>
Date: Sat, 1 Feb 2025 00:50:11 +0100
Subject: [PATCH] Timeout for shell_exec call | More stability in session
 handling

See forum post by Laborix
https://forum.flatpress.org/viewtopic.php?t=828&sid=1b47a2f44a4d87f68cab19d537a1d714&start=20#p2957
---
 fp-includes/core/core.cookie.php   | 11 ++++++++---
 fp-includes/core/core.language.php |  2 +-
 2 files changed, 9 insertions(+), 4 deletions(-)

diff --git a/fp-includes/core/core.cookie.php b/fp-includes/core/core.cookie.php
index 552b92a74..c2a9d354c 100644
--- a/fp-includes/core/core.cookie.php
+++ b/fp-includes/core/core.cookie.php
@@ -87,6 +87,14 @@ function sess_setup() {
 		// Activate strict mode to prevent session fixation attacks
 		ini_set('session.use_strict_mode', 1);
 
+		// Set session timeout duration (e.g., 3600 seconds = 60 minutes)
+		$timeout_duration = 3600;
+		ini_set('session.gc_maxlifetime', $timeout_duration);
+
+		// Optimize Garbage Collection (adjust to session load)
+		ini_set('session.gc_probability', 1);
+		ini_set('session.gc_divisor', 50);
+
 		$session_cookie_options = get_cookie_options(0, true);
 
 		// Set session cookie parameters based on PHP version
@@ -110,9 +118,6 @@ function sess_setup() {
 				'; HttpOnly; SameSite=' . SAMESITE_VALUE);
 		}
 
-		// Set timeout duration in seconds (e.g., 3600 seconds = 60 minutes)
-		$timeout_duration = 3600;
-
 		if (isset($_SESSION ['last_activity'])) {
 			// Check if the session has expired
 			if (time() - $_SESSION ['last_activity'] > $timeout_duration) {
diff --git a/fp-includes/core/core.language.php b/fp-includes/core/core.language.php
index 01de322b3..2be068758 100644
--- a/fp-includes/core/core.language.php
+++ b/fp-includes/core/core.language.php
@@ -257,7 +257,7 @@ function set_locale() {
 	$supportedLocales = [];
 	if (function_exists('shell_exec') && is_callable('shell_exec')) {
 		// Checks the supported locales with locale -a and only uses valid combinations
-		$output = shell_exec('locale -a');
+		$output = shell_exec('timeout 5s locale -a');
 		if ($output !== null) {
 			$supportedLocales = explode("\n", trim($output));
 		}