Skip to content

Session Issue #10

New issue
New issue
Open
Open
Session Issue#10
@crepit

Description

@crepit
crepit
opened on Aug 6, 2015

Hi Patrick,

I ran into another issue after our traffic increased. The code in function login($username, $password) piggy backs any additional logins of the same user to the same session. This causes a problem because when I have a long running request and then a short request comes in and logs in and out the long running process no longer has a valid session. I removed the piggy back of the session by removing the if block and leaving the else code in place.

Original block:

        $sql = "userid = {$user->id} AND verified = 1 AND
                                    ip='$userip' AND sessionend = 0 AND
                                    (" . time() . "- sessionbegin) < " . $this->sessiontimeout;

        //$this->debug_output($sql);
        if ($sess = ws_get_record_select('webservices_sessions', $sql)) {
            //return $this->error('A session already exists for this user (' . $user->login . ')');
            /*
            if ($sess->ip != $userip)
                return $this->error(get_string('ws_ipadressmismatch', 'local_wspp',$userip."!=".$sess->ip));
            */
            //give him more time
            ws_set_field('webservices_sessions', 'sessionbegin', time(), 'id', $sess->id);
            // V1.6 reuse current session
        } else {
            $this->debug_output('nouvelle session ');
            /// Login valid, create a new session record for this client.
            $sess = new stdClass;
            $sess->userid = $user->id;
            $sess->verified = true;
            $sess->ip = $userip;
            $sess->sessionbegin = time();
            $sess->sessionend = 0;
            $sess->sessionkey = $this->add_session_key();
            if ($sess->id = ws_insert_record('webservices_sessions', $sess)) {
                if ($CFG->ws_logoperations)
                    add_to_log(SITEID, 'webservice', 'webservice pp', '', __FUNCTION__);
            } else
                return $this->error(get_string('ws_errorregistersession', 'local_wspp'));
            // rev 1.8.2  important when connecting via smartphones ...
            $USER = $user;
            update_user_login_times();

        }

Fixed block:

        $this->debug_output('nouvelle session ');
        /// Login valid, create a new session record for this client.
        $sess = new stdClass;
        $sess->userid = $user->id;
        $sess->verified = true;
        $sess->ip = $userip;
        $sess->sessionbegin = time();
        $sess->sessionend = 0;
        $sess->sessionkey = $this->add_session_key();
        if ($sess->id = ws_insert_record('webservices_sessions', $sess)) {
            if ($CFG->ws_logoperations)
                add_to_log(SITEID, 'webservice', 'webservice pp', '', __FUNCTION__);
        } else
            return $this->error(get_string('ws_errorregistersession', 'local_wspp'));
        // rev 1.8.2  important when connecting via smartphones ...
        $USER = $user;
        update_user_login_times();

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions