Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

- Performance improvement: Remove redundant DELETE query (for old ses…

…sion deletion) on login
  • Loading branch information...
commit c294eaa3f27ca5f38101eb4a1692111ac0ee82f8 1 parent fb061aa
@alecpl alecpl authored
Showing with 11 additions and 8 deletions.
  1. +1 −0  CHANGELOG
  2. +4 −2 index.php
  3. +6 −6 program/include/rcube_session.php
View
1  CHANGELOG
@@ -1,6 +1,7 @@
CHANGELOG Roundcube Webmail
===========================
+- Remove redundant DELETE query (for old session deletion) on login
- Get around unreliable rand() and mt_rand() in session ID generation (#1486281)
- Fix some emails are not shown using Cyrus IMAP (#1487820)
- Fix handling of mime-encoded words with non-integral number of octets in a word (#1487801)
View
6 index.php
@@ -98,7 +98,9 @@
$RCMAIL->login($auth['user'], $auth['pass'], $auth['host'])) {
// create new session ID
$RCMAIL->session->remove('temp');
- $RCMAIL->session->regenerate_id();
+ // regenerate the session, don't destroy the current session
+ // it was destroyed already by $RCMAIL->kill_session() above
+ $RCMAIL->session->regenerate_id(false);
// send auth cookie if necessary
$RCMAIL->session->set_auth_cookie();
@@ -110,7 +112,7 @@
$query = array();
if ($url = get_input_value('_url', RCUBE_INPUT_POST)) {
parse_str($url, $query);
-
+
// prevent endless looping on login page
if ($query['_task'] == 'login')
unset($query['_task']);
View
12 program/include/rcube_session.php
@@ -205,15 +205,15 @@ public function register_gc_handler($func_name)
/**
* Generate and set new session id
+ *
+ * @param boolean $destroy If enabled the current session will be destroyed
*/
- public function regenerate_id()
+ public function regenerate_id($destroy=true)
{
- // delete old session record
- $this->destroy(session_id());
- $this->vars = false;
+ session_regenerate_id($destroy);
- session_regenerate_id(false);
- $this->key = session_id();
+ $this->vars = false;
+ $this->key = session_id();
return true;
}
Please sign in to comment.
Something went wrong with that request. Please try again.