Commit 60bcec16 authored by Carsten Rose

Refs #7634. Session Timeout zu kurz. Add logout of FE user. Logout happens not...

Refs #7634. Session Timeout zu kurz. Add logout of FE user. Logout happens not directly on the first call, but on the second or third page access.
parent 1f5d27c2
Pipeline #1514 passed with stage
in 2 minutes and 24 seconds
......@@ -1541,7 +1541,7 @@ const HTML2PDF_PAGEID = 'id';
const HTML2PDF_PARAM_GET = 'paramGet';
const HTML2PDF_URL_PRINT = 'urlPrint';
const SESSION_COOKIE_PREFEIX = 'qfq.cookie.'; // temporary 'cookie file' to forward `fe_user` and `qfq` session.
const SESSION_COOKIE_PREFIX = 'qfq.cookie.'; // temporary 'cookie file' to forward `fe_user` and `qfq` session.
const SESSION_LAST_ACTIVITY = 'lastActivity';
const SESSION_LAST_COOKIE_FE = 'lastCookieFe';
......
......@@ -43,7 +43,7 @@ class SessionCookie {
$path = $urlParts['path'];
// $_COOKIES[]
if (false === ($this->pathFileNameCookie = tempnam(sys_get_temp_dir(), SESSION_COOKIE_PREFEIX))) {
if (false === ($this->pathFileNameCookie = tempnam(sys_get_temp_dir(), SESSION_COOKIE_PREFIX))) {
throw new CodeException('Error creating output file.', ERROR_IO_CREATE_FILE);
}
......
......@@ -8,12 +8,15 @@
namespace qfq;
require_once(__DIR__ . '/../typo3/Misc.php');
/**
* Class Session
* @package qfq
*/
class Session {
class Session
{
private static $instance = null;
private static $phpUnit = null;
......@@ -115,15 +118,14 @@ class Session {
*/
public static function destroy() {
if (isset($_COOKIE[SESSION_NAME])) {
unset($_COOKIE[SESSION_NAME]);
setcookie(SESSION_NAME, '', time() - 86400, '/'); // empty value and old timestamp
}
session_destroy();
$_SESSION = array();
//TODO: FE User ausloggen bei Attack - funktioniert so nicht - vermutlich sollte ein T3 Funktion aufgerufen werden!
// session_name('fe_typo_user');
// session_start();
// session_destroy();
// $_SESSION = array();
}
/**
......@@ -315,9 +317,8 @@ class Session {
if (time() - self::$lastActivity > $timeout) {
throw new UserFormException(json_encode(
[ERROR_MESSAGE_TO_USER => 'Your session is expired.',
ERROR_MESSAGE_SUPPORT => "lastActivity:" . self::$lastActivity . ' Timeout:' . $timeout]), ERROR_SESSION_EXPIRED);
Misc::feLogOff();
self::destroy();
}
}
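Review bot: In the timeout branch, `Misc::feLogOff(); self::destroy();` returns normally, so the request that detected the expiry is not stopped. The page has lost its +/- markers, but the hunk counts (9 old lines, 8 new) suggest the `throw new UserFormException(...)` is the removed side. If so, the caller gets no signal that the session expired, and state it read before this check may still be used for the current response. Consider logging off first and keeping the exception as the last statement, i.e. `Misc::feLogOff(); self::destroy();` followed by the existing `throw new UserFormException(..., ERROR_SESSION_EXPIRED);`. The enclosing method starts outside the hunk.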
......
......@@ -260,9 +260,7 @@ class Store {
if (defined('PHPUNIT_QFQ')) {
$cwd = getcwd();
$pos = strpos($cwd, '/typo3conf/');
if ($pos == false) {
throw new CodeException("Directory component '/typo3conf/' not found in '$cwd'", 1);
}
// this means phpUnit.
$config[SYSTEM_SITE_PATH] = substr($cwd, 0, $pos);
$config[SYSTEM_EXT_PATH] = $config[SYSTEM_SITE_PATH] . $relExtDir;
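Review bot: The `strpos()` result in `$pos` needs a strict comparison, whichever side the guard is on (the rendered page no longer shows which lines were removed). If `if ($pos == false)` is still in the new code it should read `if ($pos === false)`, since `==` also treats a match at offset 0 as "not found". If the guard was dropped, `substr($cwd, 0, $pos)` would run with `false` whenever '/typo3conf/' is missing and produce an empty `SYSTEM_SITE_PATH` instead of an error. This affects only the `PHPUNIT_QFQ` branch, which continues outside the hunk.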
......
<?php
/**
* Created by PhpStorm.
* User: crose
* Date: 16.02.19
* Time: 18:44
*/
namespace qfq;
use qfq;
class Misc
{
public static function feLogOff()
{
$GLOBALS['TSFE']->fe_user->logoff();
}
}
\ No newline at end of file
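Review bot: `feLogOff()` dereferences `$GLOBALS['TSFE']->fe_user` unconditionally, so wherever TSFE is not initialised (a unit test, or presumably an entry point outside the TYPO3 frontend) the session-expiry path ends in a fatal error. The `self::destroy()` that follows the call in `Session` is then never reached, leaving the expired session in place. Guard the call with `if (isset($GLOBALS['TSFE']->fe_user)) { $GLOBALS['TSFE']->fe_user->logoff(); }`. Add a docblock stating that the method ends the TYPO3 FE user session and does nothing when TSFE is absent. `use qfq;` inside `namespace qfq;` imports nothing and can be removed.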
......@@ -68,14 +68,6 @@ abstract class AbstractDatabaseTest extends TestCase {
$this->sip = new Sip(true);
$this->sip->sipUniqId('badcaffee1234');
// SWITCH to TestDB
// $dbNamePhpUnit = $this->store->getVar('dbNamePhpUnit', STORE_SYSTEM . STORE_EMPTY);
// if ($dbNamePhpUnit == '') {
// $dbNamePhpUnit = $this->store->getVar('DB_1_NAME', STORE_SYSTEM) . '_phpunit';
// $this->store->setVar('dbNamePhpUnit', $dbNamePhpUnit, STORE_SYSTEM);
// }
// $this->store->setVar('DB_1_NAME', $dbNamePhpUnit, STORE_SYSTEM);
// $dbName = $this->store->getVar('DB_NAME_TEST', STORE_SYSTEM);
$dbName = $this->store->getVar('DB_1_NAME', STORE_SYSTEM);
if ($dbName == '') {
......