Tickets :: [#8482] Session not cleaned up in alarms.php

6.0.0-beta1

7/4/25

Summary	Session not cleaned up in alarms.php
Queue	Horde Base
Queue Version	HEAD
Type	Enhancement
State	Resolved
Priority	1. Low
Owners	mrubinsk (at) horde (dot) org
Requester	js-horde (at) jk1 (dot) net
Created	08/05/2009 (5812 days ago)
Due
Updated	11/13/2009 (5712 days ago)
Assigned	11/13/2009 (5712 days ago)
Resolved	11/13/2009 (5712 days ago)
Milestone
Patch	No

11/13/2009 02:32:12 PM	Michael Rubinsky	State ⇒ Resolved

11/13/2009 02:31:35 PM	CVS Commit	Comment #17	Reply to this comment
Changes have been made in Git for this ticket: Only destroy the session if we are actually running via the cli. Bug: 8482 and also resolves ~~Bug: 8701~~ http://git.horde.org/diff.php/framework/Cli/lib/Horde/Cli.php?rt=horde-git&r1=4c1ef7437017c2c9aee53eecb0dc3dea03ab3b97&r2=778778570869506ccec9470e15ba9f79c06912d0

11/13/2009 02:28:41 PM	CVS Commit	Comment #16	Reply to this comment
Changes have been made in CVS for this ticket: Only destroy the session if we are actually running via the cli. Also fixes ~~Bug: 8701~~ ~~Bug: 8482~~ http://cvs.horde.org/diff.php/framework/CLI/Attic/CLI.php?rt=horde&r1=1.42.6.27&r2=1.42.6.28&ty=u

11/13/2009 08:42:30 AM	Jan Schneider	Comment #15 State ⇒ Assigned Taken from Jan Schneider Taken from Horde Developers Assigned to Michael Rubinsky	Reply to this comment
Good idea.

11/13/2009 05:00:20 AM	Chuck Hagenbuch	Comment #14	Reply to this comment
That looks reasonable to me...

11/13/2009 01:51:01 AM	Michael Rubinsky	Comment #13	Reply to this comment
What about only registering the shutdown function if we are running from the cli? i.e.: - register_shutdown_function(array($this, '_shutdown')); + if ($this->_console) { + register_shutdown_function(array($this, '_shutdown')); + } }

11/12/2009 03:31:25 PM	Jan Schneider	Comment #12	Reply to this comment
What actually requires a functional session when running from the CLI? Doesn't Auth use $_SESSION? So any script that needs an actual user name to be set in auth would require a session, right? Yes, and the superglobal is only created when a session is started.

11/12/2009 03:21:31 PM	Michael Rubinsky	Comment #11	Reply to this comment
What actually requires a functional session when running from the CLI? Doesn't Auth use $_SESSION? So any script that needs an actual user name to be set in auth would require a session, right?

11/12/2009 03:02:21 PM	Chuck Hagenbuch	Comment #10 Assigned to Horde Developers	Reply to this comment
What actually requires a functional session when running from the CLI? I was thinking that we should just not call session_start() if php_sapi_name() == 'cli'.

11/12/2009 02:55:31 PM	Michael Rubinsky	Comment #9	Reply to this comment
The session is not started in CLI, Maybe for the CLI scripts that do require a session, then the script itself should be responsible for destroying it. At a minimum, we should allow passing an option to CLI to indicate we don't want to kill any active sessions.

11/12/2009 07:50:22 AM	Jan Schneider	Comment #8	Reply to this comment
The session is not started in CLI, and there's no guarantee that it will be loaded before base.php. Beside that, it wouldn't help with bug 8482, because backend.php wouldn't even work without a session.

11/12/2009 04:02:47 AM	Chuck Hagenbuch	Comment #7 State ⇒ Feedback	Reply to this comment
Hmm... as pointed out somewhat by ~~#8701~~, maybe a better solution would be to avoid opening a session from the CLI in the first place?

08/17/2009 06:11:31 PM	js-horde (at) jk1 (dot) net	Comment #6	Reply to this comment
Instead I went ahead and added this as a shutdown method in the CLI constructor, so that the session is destroyed at the end of any CLI script. I tested that, and it seems to work for me. I'm glad you came up with a more comprehensive approach. Thanks for fixing it.

08/14/2009 10:02:32 PM	Jan Schneider	Comment #5 Assigned to Jan Schneider State ⇒ Resolved	Reply to this comment
Instead I went ahead and added this as a shutdown method in the CLI constructor, so that the session is destroyed at the end of any CLI script.

08/14/2009 10:00:29 PM	CVS Commit	Comment #4	Reply to this comment
Changes have been made in CVS for this ticket: http://cvs.horde.org/diff.php/framework/CLI/Attic/CLI.php?rt=horde&r1=1.42.6.25&r2=1.42.6.26&ty=u

08/14/2009 10:00:05 PM	Jan Schneider	Type ⇒ Enhancement Priority ⇒ 1. Low State ⇒ Assigned

08/12/2009 02:27:02 PM	js-horde (at) jk1 (dot) net	Comment #3	Reply to this comment
That looks like a nice addition. Why do you call clearAuth(), if the session is destroyed anyway? Only because that's what login.php does for a logout. I just copied what was done there.

08/06/2009 10:18:40 AM	Jan Schneider	Comment #2 State ⇒ Feedback	Reply to this comment
That looks like a nice addition. Why do you call clearAuth(), if the session is destroyed anyway?

08/05/2009 05:12:56 PM	js-horde (at) jk1 (dot) net	Comment #1 Priority ⇒ 1. Low State ⇒ Unconfirmed New Attachment: horde_alarms.php.patch Patch ⇒ Yes Milestone ⇒ Queue ⇒ Horde Base Summary ⇒ Session not cleaned up in alarms.php Type ⇒ Bug	Reply to this comment
Perhaps I have my sessions mis-configured, but with current alarms.php, I get sessions left around every time my alarms.php cron job runs. The attached patch nukes the session when finished.