mirror of
https://github.com/Lastorder-DC/rhymix.git
synced 2026-01-03 16:51:40 +09:00
Remove $relax_key_checks because we are no longer using Flash uploader
This commit is contained in:
Kijin Sung
parent
b7a975a54d
commit
426a971c6c
2 changed files with 7 additions and 18 deletions
|
|
@ -369,11 +369,10 @@ class Context
|
|||
}
|
||||
|
||||
// start session
|
||||
$relax_key_checks = ((self::$_get_vars->act ?? null) === 'procFileUpload' && preg_match('/shockwave\s?flash/i', $_SERVER['HTTP_USER_AGENT'] ?? ''));
|
||||
if (\PHP_SAPI !== 'cli')
|
||||
{
|
||||
Rhymix\Framework\Session::checkSSO($site_module_info);
|
||||
Rhymix\Framework\Session::start(false, $relax_key_checks);
|
||||
Rhymix\Framework\Session::start(false);
|
||||
}
|
||||
|
||||
// start output buffer
|
||||
|
|
|
|||
|
|
@ -61,10 +61,9 @@ class Session
|
|||
* There is usually no need to call it manually.
|
||||
*
|
||||
* @param bool $force (optional)
|
||||
* @param bool $relax_key_checks (optional)
|
||||
* @return bool
|
||||
*/
|
||||
public static function start($force = false, $relax_key_checks = false)
|
||||
public static function start($force = false)
|
||||
{
|
||||
// Do not start the session if it is already started.
|
||||
if (self::$_started)
|
||||
|
|
@ -94,12 +93,6 @@ class Session
|
|||
session_set_cookie_params($lifetime, $path, $domain, $secure, $secure);
|
||||
session_name($session_name = Config::get('session.name') ?: session_name());
|
||||
|
||||
// Get session ID from POST parameter if using relaxed key checks.
|
||||
if ($relax_key_checks && isset($_POST[$session_name]))
|
||||
{
|
||||
session_id($_POST[$session_name]);
|
||||
}
|
||||
|
||||
// Check if the session cookie already exists.
|
||||
$cookie_exists = isset($_COOKIE[$session_name]);
|
||||
|
||||
|
|
@ -125,10 +118,7 @@ class Session
|
|||
// Fetch session keys.
|
||||
list($key1, $key2, self::$_autologin_key) = self::_getKeys();
|
||||
$must_create = $must_refresh = $must_resend_keys = false;
|
||||
if (config('session.use_keys') === false)
|
||||
{
|
||||
$relax_key_checks = true;
|
||||
}
|
||||
$check_keys = config('session.use_keys');
|
||||
|
||||
// Check whether the visitor uses Android webview.
|
||||
if (!isset($_SESSION['is_webview']))
|
||||
|
|
@ -151,7 +141,7 @@ class Session
|
|||
{
|
||||
$must_resend_keys = true;
|
||||
}
|
||||
elseif (!$relax_key_checks && !$_SESSION['is_webview'])
|
||||
elseif ($check_keys && !$_SESSION['is_webview'])
|
||||
{
|
||||
// Hacked session! Destroy everything.
|
||||
trigger_error('Session is invalid (missing key 1)', \E_USER_WARNING);
|
||||
|
|
@ -180,7 +170,7 @@ class Session
|
|||
{
|
||||
$must_resend_keys = true;
|
||||
}
|
||||
elseif (!$relax_key_checks && !$_SESSION['is_webview'])
|
||||
elseif ($check_keys && !$_SESSION['is_webview'])
|
||||
{
|
||||
// Hacked session! Destroy everything.
|
||||
trigger_error('Session is invalid (missing key 2)', \E_USER_WARNING);
|
||||
|
|
@ -191,11 +181,11 @@ class Session
|
|||
}
|
||||
|
||||
// Check the refresh interval.
|
||||
if (!$must_create && $_SESSION['RHYMIX']['keys'][$alt_domain]['key1_time'] < time() - $refresh_interval && !$relax_key_checks)
|
||||
if (!$must_create && $_SESSION['RHYMIX']['keys'][$alt_domain]['key1_time'] < time() - $refresh_interval && $check_keys)
|
||||
{
|
||||
$must_refresh = true;
|
||||
}
|
||||
elseif (!$must_create && \RX_SSL && $_SESSION['RHYMIX']['keys'][$alt_domain]['key2_time'] < time() - $refresh_interval && !$relax_key_checks)
|
||||
elseif (!$must_create && \RX_SSL && $_SESSION['RHYMIX']['keys'][$alt_domain]['key2_time'] < time() - $refresh_interval && $check_keys)
|
||||
{
|
||||
$must_refresh = true;
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue