Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in
Toggle navigation
Menu
Open sidebar
Marcus Andersson
aurweb
Commits
f961ffd9
Commit
f961ffd9
authored
Feb 22, 2011
by
Lukas Fleischer
Browse files
Add a per-user session limit (fixes FS#12898).
Signed-off-by:
Lukas Fleischer
<
archlinux@cryptocrack.de
>
parent
c39183c3
Changes
2
Hide whitespace changes
Inline
Side-by-side
web/lib/acctfuncs.inc
View file @
f961ffd9
...
...
@@ -601,7 +601,7 @@ function display_account_info($U="", $T="", $E="", $R="", $I="") {
* SID of 0 means login failed.
*/
function
try_login
()
{
global
$PERSISTENT_COOKIE_TIMEOUT
;
global
$MAX_SESSIONS_PER_USER
,
$PERSISTENT_COOKIE_TIMEOUT
;
$login_error
=
""
;
$new_sid
=
""
;
...
...
@@ -624,6 +624,20 @@ function try_login() {
$dbh
=
db_connect
();
while
(
!
$logged_in
&&
$num_tries
<
5
)
{
if
(
$MAX_SESSIONS_PER_USER
)
{
# Delete all user sessions except the
# last ($MAX_SESSIONS_PER_USER - 1).
$q
=
"DELETE s.* FROM Sessions s "
;
$q
.
=
"LEFT JOIN (SELECT SessionID FROM Sessions "
;
$q
.
=
"WHERE UsersId = '"
.
$userID
.
"' "
;
$q
.
=
"ORDER BY LastUpdateTS DESC "
;
$q
.
=
"LIMIT "
.
(
$MAX_SESSIONS_PER_USER
-
1
)
.
") q "
;
$q
.
=
"ON s.SessionID = q.SessionID "
;
$q
.
=
"WHERE s.UsersId = '"
.
$userID
.
"' "
;
$q
.
=
"AND q.SessionID IS NULL;"
;
db_query
(
$q
,
$dbh
);
}
$new_sid
=
new_sid
();
$q
=
"INSERT INTO Sessions (UsersID, SessionID, LastUpdateTS)"
.
" VALUES (
$userID
, '"
.
$new_sid
.
"', UNIX_TIMESTAMP())"
;
...
...
web/lib/config.inc.proto
View file @
f961ffd9
...
...
@@ -45,6 +45,9 @@ $SUPPORTED_LANGS = array(
"zh_CN"
=
>
"简体中文"
);
#
Session
limit
per
user
$
MAX_SESSIONS_PER_USER
=
8
;
#
Idle
seconds
before
timeout
$
LOGIN_TIMEOUT
=
7200
;
...
...
Frédéric Mangano-Tarumi
@fmang
mentioned in commit
aca57c5d
·
May 11, 2021
mentioned in commit
aca57c5d
mentioned in commit aca57c5de66dc46bef6bbde718069903d4075a10
Toggle commit list
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment