Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

MDL-35029 core_session Refresh guest session if autologin as guest is…

… enabled
  • Loading branch information...
commit 65cd3f9c1698f649e134032a51b6a1689eb2a2d7 1 parent d71c486
@dmonllao dmonllao authored
Showing with 9 additions and 2 deletions.
  1. +9 −2 lib/sessionlib.php
View
11 lib/sessionlib.php
@@ -605,7 +605,11 @@ public function handler_read($sid) {
$ignoretimeout = false;
if (!empty($record->userid)) { // skips not logged in
if ($user = $this->database->get_record('user', array('id'=>$record->userid))) {
- if (!isguestuser($user)) {
+
+ // Refresh session if logged as a guest
+ if (isguestuser($user)) {
+ $ignoretimeout = true;
+ } else {
$authsequence = get_enabled_auth_plugins(); // auths, in sequence
foreach($authsequence as $authname) {
$authplugin = get_auth_plugin($authname);
@@ -925,9 +929,12 @@ function session_gc() {
}
$rs->close();
+ // Extending the timeout period for guest sessions as they are renewed.
$purgebefore = time() - $maxlifetime;
+ $purgebeforeguests = time() - ($maxlifetime * 5);
+
// delete expired sessions for guest user account
- $DB->delete_records_select('sessions', 'userid = ? AND timemodified < ?', array($CFG->siteguest, $purgebefore));
+ $DB->delete_records_select('sessions', 'userid = ? AND timemodified < ?', array($CFG->siteguest, $purgebeforeguests));
// delete expired sessions for userid = 0 (not logged in)
$DB->delete_records_select('sessions', 'userid = 0 AND timemodified < ?', array($purgebefore));
} catch (dml_exception $ex) {
Please sign in to comment.
Something went wrong with that request. Please try again.