fixes #383, purge sessions on invalid user ids
This commit is contained in:
plegall
parent
bfb8b0b0fd
commit
a6fbaf69c7
1 changed files with 40 additions and 0 deletions
|
|
@ -109,6 +109,46 @@ DELETE
|
||||||
case 'sessions' :
|
case 'sessions' :
|
||||||
{
|
{
|
||||||
pwg_session_gc();
|
pwg_session_gc();
|
||||||
|
|
||||||
|
// delete all sessions associated to invalid user ids (it should never happen)
|
||||||
|
$query = '
|
||||||
|
SELECT
|
||||||
|
id,
|
||||||
|
data
|
||||||
|
FROM '.SESSIONS_TABLE.'
|
||||||
|
;';
|
||||||
|
$sessions = query2array($query);
|
||||||
|
|
||||||
|
$query = '
|
||||||
|
SELECT
|
||||||
|
'.$conf['user_fields']['id'].' AS id
|
||||||
|
FROM '.USERS_TABLE.'
|
||||||
|
;';
|
||||||
|
$all_user_ids = query2array($query, 'id', null);
|
||||||
|
|
||||||
|
$sessions_to_delete = array();
|
||||||
|
|
||||||
|
foreach ($sessions as $session)
|
||||||
|
{
|
||||||
|
if (preg_match('/pwg_uid\|i:(\d+);/', $session['data'], $matches))
|
||||||
|
{
|
||||||
|
if (!isset($all_user_ids[ $matches[1] ]))
|
||||||
|
{
|
||||||
|
$sessions_to_delete[] = $session['id'];
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (count($sessions_to_delete) > 0)
|
||||||
|
{
|
||||||
|
$query = '
|
||||||
|
DELETE
|
||||||
|
FROM '.SESSIONS_TABLE.'
|
||||||
|
WHERE id IN (\''.implode("','", $sessions_to_delete).'\')
|
||||||
|
;';
|
||||||
|
pwg_query($query);
|
||||||
|
}
|
||||||
|
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
case 'feeds' :
|
case 'feeds' :
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue