Commit 60bcec16 authored by Carsten  Rose's avatar Carsten Rose

Refs #7634. Session Timeout zu kurz. Add logout of FE user. Logout happens not...

Refs #7634. Session Timeout zu kurz. Add logout of FE user. The logout does not happen directly on the first call, but on the second or third page access.
parent 1f5d27c2
Pipeline #1514 passed with stage
in 2 minutes and 24 seconds
...@@ -1541,7 +1541,7 @@ const HTML2PDF_PAGEID = 'id'; ...@@ -1541,7 +1541,7 @@ const HTML2PDF_PAGEID = 'id';
const HTML2PDF_PARAM_GET = 'paramGet'; const HTML2PDF_PARAM_GET = 'paramGet';
const HTML2PDF_URL_PRINT = 'urlPrint'; const HTML2PDF_URL_PRINT = 'urlPrint';
const SESSION_COOKIE_PREFEIX = 'qfq.cookie.'; // temporary 'cookie file' to forward `fe_user` and `qfq` session. const SESSION_COOKIE_PREFIX = 'qfq.cookie.'; // temporary 'cookie file' to forward `fe_user` and `qfq` session.
const SESSION_LAST_ACTIVITY = 'lastActivity'; const SESSION_LAST_ACTIVITY = 'lastActivity';
const SESSION_LAST_COOKIE_FE = 'lastCookieFe'; const SESSION_LAST_COOKIE_FE = 'lastCookieFe';
......
...@@ -43,7 +43,7 @@ class SessionCookie { ...@@ -43,7 +43,7 @@ class SessionCookie {
$path = $urlParts['path']; $path = $urlParts['path'];
// $_COOKIES[] // $_COOKIES[]
if (false === ($this->pathFileNameCookie = tempnam(sys_get_temp_dir(), SESSION_COOKIE_PREFEIX))) { if (false === ($this->pathFileNameCookie = tempnam(sys_get_temp_dir(), SESSION_COOKIE_PREFIX))) {
throw new CodeException('Error creating output file.', ERROR_IO_CREATE_FILE); throw new CodeException('Error creating output file.', ERROR_IO_CREATE_FILE);
} }
......
...@@ -8,12 +8,15 @@ ...@@ -8,12 +8,15 @@
namespace qfq; namespace qfq;
require_once(__DIR__ . '/../typo3/Misc.php');
/** /**
* Class Session * Class Session
* @package qfq * @package qfq
*/ */
class Session { class Session
{
private static $instance = null; private static $instance = null;
private static $phpUnit = null; private static $phpUnit = null;
...@@ -115,15 +118,14 @@ class Session { ...@@ -115,15 +118,14 @@ class Session {
*/ */
public static function destroy() { public static function destroy() {
if (isset($_COOKIE[SESSION_NAME])) {
unset($_COOKIE[SESSION_NAME]);
setcookie(SESSION_NAME, '', time() - 86400, '/'); // empty value and old timestamp
}
session_destroy(); session_destroy();
$_SESSION = array(); $_SESSION = array();
//TODO: FE User ausloggen bei Attack - funktioniert so nicht - vermutlich sollte ein T3 Funktion aufgerufen werden!
// session_name('fe_typo_user');
// session_start();
// session_destroy();
// $_SESSION = array();
} }
/** /**
...@@ -315,9 +317,8 @@ class Session { ...@@ -315,9 +317,8 @@ class Session {
if (time() - self::$lastActivity > $timeout) { if (time() - self::$lastActivity > $timeout) {
throw new UserFormException(json_encode( Misc::feLogOff();
[ERROR_MESSAGE_TO_USER => 'Your session is expired.', self::destroy();
ERROR_MESSAGE_SUPPORT => "lastActivity:" . self::$lastActivity . ' Timeout:' . $timeout]), ERROR_SESSION_EXPIRED);
} }
} }
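Review bot: In the timeout branch, the request that detects the expiry is no longer aborted: the `throw new UserFormException(..., ERROR_SESSION_EXPIRED)` is replaced by `Misc::feLogOff(); self::destroy();` and control returns to the caller, so whatever the caller does next presumably still runs for this request (the commit message itself says the logout only takes effect on a later page access). Consider keeping the original throw after the two new calls, so that an expired session never serves the current request. In `destroy()`, `setcookie(SESSION_NAME, '', time() - 86400, '/')` hard-codes the path and omits domain/secure/httponly; taking these from `session_get_cookie_params()` would make the deletion match however the cookie was originally set. The function containing the timeout check starts outside the hunk.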
......
...@@ -260,9 +260,7 @@ class Store { ...@@ -260,9 +260,7 @@ class Store {
if (defined('PHPUNIT_QFQ')) { if (defined('PHPUNIT_QFQ')) {
$cwd = getcwd(); $cwd = getcwd();
$pos = strpos($cwd, '/typo3conf/'); $pos = strpos($cwd, '/typo3conf/');
if ($pos == false) {
throw new CodeException("Directory component '/typo3conf/' not found in '$cwd'", 1);
}
// this means phpUnit. // this means phpUnit.
$config[SYSTEM_SITE_PATH] = substr($cwd, 0, $pos); $config[SYSTEM_SITE_PATH] = substr($cwd, 0, $pos);
$config[SYSTEM_EXT_PATH] = $config[SYSTEM_SITE_PATH] . $relExtDir; $config[SYSTEM_EXT_PATH] = $config[SYSTEM_SITE_PATH] . $relExtDir;
......
<?php
/**
* Created by PhpStorm.
* User: crose
* Date: 16.02.19
* Time: 18:44
*/
namespace qfq;
use qfq;
class Misc
{
public static function feLogOff()
{
$GLOBALS['TSFE']->fe_user->logoff();
}
}
\ No newline at end of file
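Review bot: `feLogOff()` dereferences `$GLOBALS['TSFE']->fe_user` without checking that it exists, so an entry point where the TYPO3 frontend is not bootstrapped (presumably PHPUnit runs or an API script) would hit a fatal "member function on null" error exactly when a session expires. A guard such as `if (isset($GLOBALS['TSFE']->fe_user)) { $GLOBALS['TSFE']->fe_user->logoff(); }` keeps the timeout path from crashing. The method also deserves a short docblock stating that it ends the TYPO3 frontend user session and relies on the global TSFE object. The `use qfq;` inside `namespace qfq` looks redundant.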
...@@ -68,14 +68,6 @@ abstract class AbstractDatabaseTest extends TestCase { ...@@ -68,14 +68,6 @@ abstract class AbstractDatabaseTest extends TestCase {
$this->sip = new Sip(true); $this->sip = new Sip(true);
$this->sip->sipUniqId('badcaffee1234'); $this->sip->sipUniqId('badcaffee1234');
// SWITCH to TestDB
// $dbNamePhpUnit = $this->store->getVar('dbNamePhpUnit', STORE_SYSTEM . STORE_EMPTY);
// if ($dbNamePhpUnit == '') {
// $dbNamePhpUnit = $this->store->getVar('DB_1_NAME', STORE_SYSTEM) . '_phpunit';
// $this->store->setVar('dbNamePhpUnit', $dbNamePhpUnit, STORE_SYSTEM);
// }
// $this->store->setVar('DB_1_NAME', $dbNamePhpUnit, STORE_SYSTEM);
// $dbName = $this->store->getVar('DB_NAME_TEST', STORE_SYSTEM);
$dbName = $this->store->getVar('DB_1_NAME', STORE_SYSTEM); $dbName = $this->store->getVar('DB_1_NAME', STORE_SYSTEM);
if ($dbName == '') { if ($dbName == '') {
......