diff options
author | plegall <plg@piwigo.org> | 2016-02-13 15:32:06 +0100 |
---|---|---|
committer | plegall <plg@piwigo.org> | 2016-02-13 15:32:06 +0100 |
commit | a6fbaf69c71c3b39666a6323c4c6bbb7cbb98310 (patch) | |
tree | c86890b271301e60da3901ea5a9f56fc975e3aed /admin/maintenance.php | |
parent | bfb8b0b0fd2d85ab801e234ee2f7e5b024761919 (diff) |
fixes #383, purge sessions on invalid user ids
Diffstat (limited to '')
-rw-r--r-- | admin/maintenance.php | 40 |
1 files changed, 40 insertions, 0 deletions
diff --git a/admin/maintenance.php b/admin/maintenance.php index 9befd5032..3728d6094 100644 --- a/admin/maintenance.php +++ b/admin/maintenance.php @@ -109,6 +109,46 @@ DELETE case 'sessions' : { pwg_session_gc(); + + // delete all sessions associated to invalid user ids (it should never happen) + $query = ' +SELECT + id, + data + FROM '.SESSIONS_TABLE.' +;'; + $sessions = query2array($query); + + $query = ' +SELECT + '.$conf['user_fields']['id'].' AS id + FROM '.USERS_TABLE.' +;'; + $all_user_ids = query2array($query, 'id', null); + + $sessions_to_delete = array(); + + foreach ($sessions as $session) + { + if (preg_match('/pwg_uid\|i:(\d+);/', $session['data'], $matches)) + { + if (!isset($all_user_ids[ $matches[1] ])) + { + $sessions_to_delete[] = $session['id']; + } + } + } + + if (count($sessions_to_delete) > 0) + { + $query = ' +DELETE + FROM '.SESSIONS_TABLE.' + WHERE id IN (\''.implode("','", $sessions_to_delete).'\') +;'; + pwg_query($query); + } + break; } case 'feeds' : |