aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorplegall <plg@piwigo.org>2016-02-13 15:32:06 +0100
committerplegall <plg@piwigo.org>2016-02-13 15:32:06 +0100
commita6fbaf69c71c3b39666a6323c4c6bbb7cbb98310 (patch)
treec86890b271301e60da3901ea5a9f56fc975e3aed
parentbfb8b0b0fd2d85ab801e234ee2f7e5b024761919 (diff)
fixes #383, purge sessions on invalid user ids
-rw-r--r--admin/maintenance.php40
1 files changed, 40 insertions, 0 deletions
diff --git a/admin/maintenance.php b/admin/maintenance.php
index 9befd5032..3728d6094 100644
--- a/admin/maintenance.php
+++ b/admin/maintenance.php
@@ -109,6 +109,46 @@ DELETE
case 'sessions' :
{
pwg_session_gc();
+
+ // delete all sessions associated to invalid user ids (it should never happen)
+ $query = '
+SELECT
+ id,
+ data
+ FROM '.SESSIONS_TABLE.'
+;';
+ $sessions = query2array($query);
+
+ $query = '
+SELECT
+ '.$conf['user_fields']['id'].' AS id
+ FROM '.USERS_TABLE.'
+;';
+ $all_user_ids = query2array($query, 'id', null);
+
+ $sessions_to_delete = array();
+
+ foreach ($sessions as $session)
+ {
+ if (preg_match('/pwg_uid\|i:(\d+);/', $session['data'], $matches))
+ {
+ if (!isset($all_user_ids[ $matches[1] ]))
+ {
+ $sessions_to_delete[] = $session['id'];
+ }
+ }
+ }
+
+ if (count($sessions_to_delete) > 0)
+ {
+ $query = '
+DELETE
+ FROM '.SESSIONS_TABLE.'
+ WHERE id IN (\''.implode("','", $sessions_to_delete).'\')
+;';
+ pwg_query($query);
+ }
+
break;
}
case 'feeds' :