6.0.0-git
2021-01-18

[#8482] Session not cleaned up in alarms.php
Summary Session not cleaned up in alarms.php
Queue Horde Base
Queue Version HEAD
Type Enhancement
State Resolved
Priority 1. Low
Owners mrubinsk (at) horde (dot) org
Requester js-horde (at) jk1 (dot) net
Created 2009-08-05 (4184 days ago)
Due
Updated 2009-11-13 (4084 days ago)
Assigned 2009-11-13 (4084 days ago)
Resolved 2009-11-13 (4084 days ago)
Milestone
Patch No

History
2009-11-13 14:32:12 Michael Rubinsky State ⇒ Resolved
 
2009-11-13 14:31:35 CVS Commit Comment #17 Reply to this comment
Changes have been made in Git for this ticket:

Only destroy the session if we are actually running via the cli. Bug: 
8482 and also resolves Bug: 8701

http://git.horde.org/diff.php/framework/Cli/lib/Horde/Cli.php?rt=horde-git&r1=4c1ef7437017c2c9aee53eecb0dc3dea03ab3b97&r2=778778570869506ccec9470e15ba9f79c06912d0
2009-11-13 14:28:41 CVS Commit Comment #16 Reply to this comment
Changes have been made in CVS for this ticket:

Only destroy the session if we are actually running via the cli.
Also fixes Bug: 8701
Bug: 8482
http://cvs.horde.org/diff.php/framework/CLI/Attic/CLI.php?rt=horde&r1=1.42.6.27&r2=1.42.6.28&ty=u
2009-11-13 08:42:30 Jan Schneider Comment #15
Assigned to Michael Rubinsky
Taken from Horde DevelopersHorde Developers
Taken from Jan Schneider
State ⇒ Assigned
Reply to this comment
Good idea.
2009-11-13 05:00:20 Chuck Hagenbuch Comment #14 Reply to this comment
That looks reasonable to me...
2009-11-13 01:51:01 Michael Rubinsky Comment #13 Reply to this comment
What about only registering the shutdown function if we are running 
from the cli? i.e.:

-        register_shutdown_function(array($this, '_shutdown'));
+        if ($this->_console) {
+            register_shutdown_function(array($this, '_shutdown'));
+        }
      }

2009-11-12 15:31:25 Jan Schneider Comment #12 Reply to this comment
What actually requires a functional session when running from the
CLI?
Doesn't Auth use $_SESSION? So any script that needs an actual user 
name to be set in auth would require a session, right?
Yes, and the superglobal is only created when a session is started.

2009-11-12 15:21:31 Michael Rubinsky Comment #11 Reply to this comment
What actually requires a functional session when running from the CLI?
Doesn't Auth use $_SESSION? So any script that needs an actual user 
name to be set in auth would require a session, right?

2009-11-12 15:02:21 Chuck Hagenbuch Comment #10
Assigned to Horde DevelopersHorde Developers
Reply to this comment
What actually requires a functional session when running from the CLI? 
I was thinking that we should just not call session_start() if 
php_sapi_name() == 'cli'.
2009-11-12 14:55:31 Michael Rubinsky Comment #9 Reply to this comment
The session is not started in CLI,
Maybe for the CLI scripts that do require a session, then the script 
itself should be responsible for destroying it.  At a minimum, we 
should allow passing an option to CLI to indicate we don't want to 
kill any active sessions.



2009-11-12 07:50:22 Jan Schneider Comment #8 Reply to this comment
The session is not started in CLI, and there's no guarantee that it 
will be loaded before base.php. Beside that, it wouldn't help with bug 
8482, because backend.php wouldn't even work without a session.
2009-11-12 04:02:47 Chuck Hagenbuch Comment #7
State ⇒ Feedback
Reply to this comment
Hmm... as pointed out somewhat by #8701, maybe a better solution would 
be to avoid opening a session from the CLI in the first place?
2009-08-17 18:11:31 js-horde (at) jk1 (dot) net Comment #6 Reply to this comment
Instead I went ahead and added this as a shutdown method in the CLI
constructor, so that the session is destroyed at the end of *any* CLI
script.
I tested that, and it seems to work for me.  I'm glad you came up with 
a more comprehensive approach.

Thanks for fixing it.
2009-08-14 22:02:32 Jan Schneider Comment #5
Assigned to Jan Schneider
State ⇒ Resolved
Reply to this comment
Instead I went ahead and added this as a shutdown method in the CLI 
constructor, so that the session is destroyed at the end of *any* CLI 
script.
2009-08-14 22:00:05 Jan Schneider Type ⇒ Enhancement
State ⇒ Assigned
Priority ⇒ 1. Low
 
2009-08-12 14:27:02 js-horde (at) jk1 (dot) net Comment #3 Reply to this comment
That looks like a nice addition. Why do you call clearAuth(), if the
session is destroyed anyway?
Only because that's what login.php does for a logout.  I just copied 
what was done there.
2009-08-06 10:18:40 Jan Schneider Comment #2
State ⇒ Feedback
Reply to this comment
That looks like a nice addition. Why do you call clearAuth(), if the 
session is destroyed anyway?
2009-08-05 17:12:56 js-horde (at) jk1 (dot) net Comment #1
Type ⇒ Bug
State ⇒ Unconfirmed
Priority ⇒ 1. Low
Summary ⇒ Session not cleaned up in alarms.php
Queue ⇒ Horde Base
Milestone ⇒
Patch ⇒ Yes
New Attachment: horde_alarms.php.patch Download
Reply to this comment
Perhaps I have my sessions mis-configured, but with current 
alarms.php, I get sessions left around every time my alarms.php cron 
job runs.  The attached patch nukes the session when finished.

Saved Queries