use SL::Auth::DB;
use SL::Auth::LDAP;
+use SL::SessionFile;
use SL::User;
use SL::DBConnect;
use SL::DBUpgrade2;
$dbh->commit();
+ SL::SessionFile->destroy_session($session_id);
+
$session_id = undef;
$self->{SESSION} = { };
}
my $self = shift;
+ $main::lxdebug->leave_sub and return if !$self->session_tables_present;
+
my $dbh = $self->dbconnect();
- $dbh->begin_work;
+ my $query = qq|SELECT id
+ FROM auth.session
+ WHERE (mtime < (now() - '$self->{session_timeout}m'::interval))|;
- my $query =
- qq|DELETE FROM auth.session_content
- WHERE session_id IN
- (SELECT id
- FROM auth.session
- WHERE (mtime < (now() - '$self->{session_timeout}m'::interval)))|;
+ my @ids = selectall_array_query($::form, $dbh, $query);
+
+ if (@ids) {
+ $dbh->begin_work;
- do_query($main::form, $dbh, $query);
+ SL::SessionFile->destroy_session($_) for @ids;
- $query =
- qq|DELETE FROM auth.session
- WHERE (mtime < (now() - '$self->{session_timeout}m'::interval))|;
+ $query = qq|DELETE FROM auth.session_content
+ WHERE session_id IN (| . join(', ', ('?') x scalar(@ids)) . qq|)|;
+ do_query($main::form, $dbh, $query, @ids);
- do_query($main::form, $dbh, $query);
+ $query = qq|DELETE FROM auth.session
+ WHERE id IN (| . join(', ', ('?') x scalar(@ids)) . qq|)|;
+ do_query($main::form, $dbh, $query, @ids);
- $dbh->commit();
+ $dbh->commit();
+ }
$main::lxdebug->leave_sub();
}
my $dbh = $provided_dbh || $self->dbconnect(1);
- $::lxdebug->leave_sub && return unless $dbh;
+ $::lxdebug->leave_sub && return unless $dbh && $session_id;
$dbh->begin_work unless $provided_dbh;
$main::lxdebug->enter_sub();
my $self = shift;
+
+ # Only re-check for the presence of auth tables if either the check
+ # hasn't been done before of if they weren't present.
+ if ($self->{session_tables_present}) {
+ $main::lxdebug->leave_sub();
+ return $self->{session_tables_present};
+ }
+
my $dbh = $self->dbconnect(1);
if (!$dbh) {
my ($count) = selectrow_query($main::form, $dbh, $query);
+ $self->{session_tables_present} = 2 == $count;
+
$main::lxdebug->leave_sub();
- return 2 == $count;
+ return $self->{session_tables_present};
}
# --------------------------------------
}
sub assert {
- $main::lxdebug->enter_sub(2);
-
- my $self = shift;
- my $right = shift;
- my $dont_abort = shift;
-
- my $form = $main::form;
+ $::lxdebug->enter_sub(2);
+ my ($self, $right, $dont_abort) = @_;
- if ($self->check_right($form->{login}, $right)) {
- $main::lxdebug->leave_sub(2);
+ if ($self->check_right($::myconfig{login}, $right)) {
+ $::lxdebug->leave_sub(2);
return 1;
}
if (!$dont_abort) {
- delete $form->{title};
- $form->show_generic_error($main::locale->text("You do not have the permissions to access this function."));
+ delete $::form->{title};
+ $::form->show_generic_error($::locale->text("You do not have the permissions to access this function."));
}
- $main::lxdebug->leave_sub(2);
+ $::lxdebug->leave_sub(2);
return 0;
}
my $dbh = $self->dbconnect;
my ($query, $sth, $row, $rights);
- $rights = { map { $rights->{$_} = 0 } all_rights() };
+ $rights = { map { $_ => 0 } all_rights() };
$query =
qq|SELECT gr."right", gr.granted