Permalink
Browse files

- Improve performance by avoiding unnecessary updates to the session …

…table (#1486325)
  • Loading branch information...
1 parent a72ad65 commit 929a508d801d9434c8d98dccd0311e3a707303ba @alecpl alecpl committed Mar 1, 2010
View
@@ -1,6 +1,7 @@
CHANGELOG RoundCube Webmail
===========================
+- Improve performance by avoiding unnecessary updates to the session table (#1486325)
- Fix invalid font tags which cause HTML message rendering problems (#1486521)
- Fix CVE-2010-0464: Disable DNS prefetching (#1486449)
- Fix Received headers to behave better with SpamAssassin (#1486513)
View
@@ -96,8 +96,8 @@
!empty($auth['host']) && !empty($auth['user']) &&
$RCMAIL->login($auth['user'], $auth['pass'], $auth['host'])) {
// create new session ID
- rcube_sess_unset('temp');
- rcube_sess_regenerate_id();
+ $RCMAIL->session->remove('temp');
+ $RCMAIL->session->regenerate_id();
// send auth cookie if necessary
$RCMAIL->authenticate_session();
@@ -221,7 +221,7 @@ function managesieve_actions()
if ($result === true) {
$this->rc->output->show_message('managesieve.setdeleted', 'confirmation');
$this->rc->output->command('managesieve_reload');
- rcube_sess_unset('managesieve_current');
+ $this->rc->session->remove('managesieve_current');
} else {
$this->rc->output->show_message('managesieve.setdeleteerror', 'error');
}
@@ -270,7 +270,7 @@ function managesieve_save()
if (!$error) {
$this->rc->output->show_message('managesieve.setcreated', 'confirmation');
$this->rc->output->command('parent.managesieve_reload', $name);
-// rcube_sess_unset('managesieve_current');
+// $this->rc->session->remove('managesieve_current');
} else {
$this->rc->output->show_message($error, 'error');
}
@@ -98,7 +98,7 @@ function save_data()
// save data if not empty
if (!empty($save_data['name']) && !empty($save_data['email'])) {
$rcmail->user->update_identity($identity['identity_id'], $save_data);
- rcube_sess_unset('plugin.newuserdialog');
+ $rcmail->session->remove('plugin.newuserdialog');
}
$rcmail->output->redirect('');
@@ -52,15 +52,6 @@
}
ini_set('error_reporting', E_ALL&~E_NOTICE);
-if (!empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) != 'off') {
- ini_set('session.cookie_secure', 1);
-} else {
- ini_set('session.cookie_secure', 0);
-}
-ini_set('session.name', 'roundcube_sessid');
-ini_set('session.use_cookies', 1);
-ini_set('session.use_only_cookies', 1);
-ini_set('session.serialize_handler', 'php');
// increase maximum execution time for php scripts
// (does not work in safe mode)
View
@@ -1487,12 +1487,20 @@ function rcube_https_check($port=null, $use_https=true)
return true;
if ($port && $_SERVER['SERVER_PORT'] == $port)
return true;
- if ($use_https && $RCMAIL->config->get('use_https'))
+ if ($use_https && isset($RCMAIL) && $RCMAIL->config->get('use_https'))
return true;
return false;
}
+// for backward compatibility
+function rcube_sess_unset($var_name=null)
+{
+ global $RCMAIL;
+
+ $RCMAIL->session->remove($var_name);
+}
+
/**
* E-mail address validation
View
@@ -35,6 +35,7 @@ class rcmail
public $config;
public $user;
public $db;
+ public $session;
public $smtp;
public $imap;
public $output;
@@ -82,8 +83,6 @@ private function __construct()
*/
private function startup()
{
- $config_all = $this->config->all();
-
// initialize syslog
if ($this->config->get('log_driver') == 'syslog') {
$syslog_id = $this->config->get('syslog_id', 'roundcube');
@@ -94,45 +93,29 @@ private function startup()
// connect to database
$GLOBALS['DB'] = $this->get_dbh();
- // use database for storing session data
- include_once('include/session.inc');
-
- // set session domain
- if (!empty($config_all['session_domain'])) {
- ini_set('session.cookie_domain', $config_all['session_domain']);
- }
- // set session garbage collecting time according to session_lifetime
- if (!empty($config_all['session_lifetime'])) {
- ini_set('session.gc_maxlifetime', ($config_all['session_lifetime']) * 120);
- }
-
- // start PHP session (if not in CLI mode)
- if ($_SERVER['REMOTE_ADDR'])
- session_start();
-
- // set initial session vars
- if (!isset($_SESSION['auth_time'])) {
- $_SESSION['auth_time'] = time();
- $_SESSION['temp'] = true;
- }
+ // start session
+ $this->session_init();
// create user object
$this->set_user(new rcube_user($_SESSION['user_id']));
+ // configure session (after user config merge!)
+ $this->session_configure();
+
// set task and action properties
$this->set_task(get_input_value('_task', RCUBE_INPUT_GPC));
$this->action = asciiwords(get_input_value('_action', RCUBE_INPUT_GPC));
// reset some session parameters when changing task
if ($_SESSION['task'] != $this->task)
- rcube_sess_unset('page');
+ $this->session->remove('page');
// set current task to session
$_SESSION['task'] = $this->task;
// init output class
if (!empty($_REQUEST['_remote']))
- $GLOBALS['OUTPUT'] = $this->init_json();
+ $GLOBALS['OUTPUT'] = $this->json_init();
else
$GLOBALS['OUTPUT'] = $this->load_gui(!empty($_REQUEST['_framed']));
@@ -314,11 +297,8 @@ public function load_gui($framed = false)
$this->output = new rcube_template($this->task, $framed);
// set keep-alive/check-recent interval
- if ($keep_alive = $this->config->get('keep_alive')) {
- // be sure that it's less than session lifetime
- if ($session_lifetime = $this->config->get('session_lifetime'))
- $keep_alive = min($keep_alive, $session_lifetime * 60 - 30);
- $this->output->set_env('keep_alive', max(60, $keep_alive));
+ if ($keep_alive = $this->session->get_keep_alive()) {
+ $this->output->set_env('keep_alive', $keep_alive);
}
if ($framed) {
@@ -343,7 +323,7 @@ public function load_gui($framed = false)
*
* @return object rcube_json_output Reference to JSON output object
*/
- public function init_json()
+ public function json_init()
{
if (!($this->output instanceof rcube_json_output))
$this->output = new rcube_json_output($this->task);
@@ -444,6 +424,65 @@ public function imap_connect()
/**
+ * Create session object and start the session.
+ */
+ public function session_init()
+ {
+ $lifetime = $this->config->get('session_lifetime', 0) * 60;
+
+ // set session domain
+ if ($domain = $this->config->get('session_domain')) {
+ ini_set('session.cookie_domain', $domain);
+ }
+ // set session garbage collecting time according to session_lifetime
+ if ($lifetime) {
+ ini_set('session.gc_maxlifetime', $lifetime * 2);
+ }
+
+ ini_set('session.cookie_secure', rcube_https_check());
+ ini_set('session.name', 'roundcube_sessid');
+ ini_set('session.use_cookies', 1);
+ ini_set('session.use_only_cookies', 1);
+ ini_set('session.serialize_handler', 'php');
+
+ // use database for storing session data
+ $this->session = new rcube_session($this->get_dbh(), $lifetime);
+
+ $this->session->register_gc_handler('rcmail_temp_gc');
+ if ($this->config->get('enable_caching'))
+ $this->session->register_gc_handler('rcmail_cache_gc');
+
+ // start PHP session (if not in CLI mode)
+ if ($_SERVER['REMOTE_ADDR'])
+ session_start();
+
+ // set initial session vars
+ if (!isset($_SESSION['auth_time'])) {
+ $_SESSION['auth_time'] = time();
+ $_SESSION['temp'] = true;
+ }
+ }
+
+
+ /**
+ * Configure session object internals
+ */
+ public function session_configure()
+ {
+ $lifetime = $this->config->get('session_lifetime', 0) * 60;
+
+ // set keep-alive/check-recent interval
+ if ($keep_alive = $this->config->get('keep_alive')) {
+ // be sure that it's less than session lifetime
+ if ($lifetime)
+ $keep_alive = min($keep_alive, $lifetime - 30);
+ $keep_alive = max(60, $keep_alive);
+ $this->session->set_keep_alive($keep_alive);
+ }
+ }
+
+
+ /**
* Perfom login to the IMAP server and to the webmail service.
* This will also create a new user entry if auto_create_user is configured.
*
@@ -794,8 +833,6 @@ public function list_languages()
*/
function authenticate_session()
{
- global $SESS_CLIENT_IP, $SESS_CHANGED;
-
// advanced session authentication
if ($this->config->get('double_auth')) {
$now = time();
@@ -810,12 +847,13 @@ function authenticate_session()
}
}
else {
- $valid = $this->config->get('ip_check') ? $_SERVER['REMOTE_ADDR'] == $SESS_CLIENT_IP : true;
+ $valid = $this->config->get('ip_check') ? $_SERVER['REMOTE_ADDR'] == $this->session->get_ip() : true;
}
// check session filetime
$lifetime = $this->config->get('session_lifetime');
- if (!empty($lifetime) && isset($SESS_CHANGED) && $SESS_CHANGED + $lifetime*60 < time()) {
+ $sess_ts = $this->session->get_ts();
+ if (!empty($lifetime) && !empty($sess_ts) && $sess_ts + $lifetime*60 < time()) {
$valid = false;
}
@@ -830,7 +868,7 @@ public function kill_session()
{
$this->plugins->exec_hook('kill_session');
- rcube_sess_unset();
+ $this->session->remove();
$_SESSION = array('language' => $this->user->language, 'auth_time' => time(), 'temp' => true);
rcmail::setcookie('sessauth', '-del-', time() - 60);
$this->user->reset();
@@ -69,7 +69,7 @@ private function __construct()
/**
* Load and init all enabled plugins
*
- * This has to be done after rcmail::load_gui() or rcmail::init_json()
+ * This has to be done after rcmail::load_gui() or rcmail::json_init()
* was called because plugins need to have access to rcmail->output
*/
public function init()
Oops, something went wrong.

0 comments on commit 929a508

Please sign in to comment.