diff options
-rw-r--r-- | include/functions.php | 51 | ||||
-rw-r--r-- | include/sessions.php | 71 | ||||
-rw-r--r-- | plugins/googlereaderimport/init.php | 20 |
3 files changed, 82 insertions, 60 deletions
diff --git a/include/functions.php b/include/functions.php index ea69b5f38..b9c30c6ce 100644 --- a/include/functions.php +++ b/include/functions.php @@ -699,57 +699,6 @@ return $csrf_token == $_SESSION['csrf_token']; } - function validate_session($link) { - if (SINGLE_USER_MODE) return true; - - $check_ip = $_SESSION['ip_address']; - - switch (SESSION_CHECK_ADDRESS) { - case 0: - $check_ip = ''; - break; - case 1: - $check_ip = substr($check_ip, 0, strrpos($check_ip, '.')+1); - break; - case 2: - $check_ip = substr($check_ip, 0, strrpos($check_ip, '.')); - $check_ip = substr($check_ip, 0, strrpos($check_ip, '.')+1); - break; - }; - - if ($check_ip && strpos($_SERVER['REMOTE_ADDR'], $check_ip) !== 0) { - $_SESSION["login_error_msg"] = - __("Session failed to validate (incorrect IP)"); - return false; - } - - if ($_SESSION["ref_schema_version"] != get_schema_version($link, true)) - return false; - - if ($_SESSION["uid"]) { - - $result = db_query($link, - "SELECT pwd_hash FROM ttrss_users WHERE id = '".$_SESSION["uid"]."'"); - - $pwd_hash = db_fetch_result($result, 0, "pwd_hash"); - - if ($pwd_hash != $_SESSION["pwd_hash"]) { - return false; - } - } - -/* if ($_SESSION["cookie_lifetime"] && $_SESSION["uid"]) { - - //print_r($_SESSION); - - if (time() > $_SESSION["cookie_lifetime"]) { - return false; - } - } */ - - return true; - } - function load_user_plugins($link, $owner_uid) { if ($owner_uid) { $plugins = get_pref($link, "_ENABLED_PLUGINS", $owner_uid); diff --git a/include/sessions.php b/include/sessions.php index 727d955d0..81a5a7383 100644 --- a/include/sessions.php +++ b/include/sessions.php @@ -17,6 +17,75 @@ ini_set("session.use_only_cookies", true); ini_set("session.gc_maxlifetime", $session_expire); + function session_get_schema_version($link, $nocache = false) { + global $schema_version; + + if (!$schema_version) { + $result = db_query($link, "SELECT schema_version FROM ttrss_version"); + $version = db_fetch_result($result, 0, "schema_version"); + $schema_version = $version; + return $version; + } else { + return $schema_version; + } + } + + function validate_session($link) { + if (SINGLE_USER_MODE) return true; + + $check_ip = $_SESSION['ip_address']; + + switch (SESSION_CHECK_ADDRESS) { + case 0: + $check_ip = ''; + break; + case 1: + $check_ip = substr($check_ip, 0, strrpos($check_ip, '.')+1); + break; + case 2: + $check_ip = substr($check_ip, 0, strrpos($check_ip, '.')); + $check_ip = substr($check_ip, 0, strrpos($check_ip, '.')+1); + break; + }; + + if ($check_ip && strpos($_SERVER['REMOTE_ADDR'], $check_ip) !== 0) { + $_SESSION["login_error_msg"] = + __("Session failed to validate (incorrect IP)"); + return false; + } + + if ($_SESSION["ref_schema_version"] != session_get_schema_version($link, true)) + return false; + + if ($_SESSION["uid"]) { + $result = db_query($link, + "SELECT pwd_hash FROM ttrss_users WHERE id = '".$_SESSION["uid"]."'"); + + // user not found + if (db_num_rows($result) == 0) { + return false; + } else { + $pwd_hash = db_fetch_result($result, 0, "pwd_hash"); + + if ($pwd_hash != $_SESSION["pwd_hash"]) { + return false; + } + } + } + +/* if ($_SESSION["cookie_lifetime"] && $_SESSION["uid"]) { + + //print_r($_SESSION); + + if (time() > $_SESSION["cookie_lifetime"]) { + return false; + } + } */ + + return true; + } + + function ttrss_open ($s, $n) { global $session_connection; @@ -106,7 +175,7 @@ if (isset($_COOKIE[$session_name])) { @session_start(); - if (!isset($_SESSION["uid"]) || !$_SESSION["uid"]) { + if (!isset($_SESSION["uid"]) || !$_SESSION["uid"] || !validate_session($session_connection)) { session_destroy(); setcookie(session_name(), '', time()-42000, '/'); } diff --git a/plugins/googlereaderimport/init.php b/plugins/googlereaderimport/init.php index 1c9f3b8bf..808f241b6 100644 --- a/plugins/googlereaderimport/init.php +++ b/plugins/googlereaderimport/init.php @@ -141,6 +141,10 @@ class GoogleReaderImport extends Plugin { $imported += (int) $this->create_article($owner_uid, $guid, $title, $updated, $link, $content, $author, $sql_set_marked, $tags, $orig_feed_data); + + if ($file && $processed % 25 == 0) { + _debug("processed $processed articles..."); + } } if ($file) { @@ -171,7 +175,7 @@ class GoogleReaderImport extends Plugin { if (!$guid) $guid = sha1($link); - $create_archived_feeds = false; // may cause SQL errors SOMEHOW, thus disabled for the time being + $create_archived_feeds = true; $guid = "$owner_uid,$guid"; @@ -241,15 +245,15 @@ class GoogleReaderImport extends Plugin { if (db_num_rows($result) != 0) { $orig_feed_id = db_fetch_result($result, 0, "id"); - - // delete temporarily inserted feed - if ($feed_inserted) { - db_query($this->link, "DELETE FROM ttrss_feeds WHERE id = $feed_id"); - } } } } + // delete temporarily inserted feed + if ($feed_id && $feed_inserted) { + db_query($this->link, "DELETE FROM ttrss_feeds WHERE id = $feed_id"); + } + $result = db_query($this->link, "SELECT id FROM ttrss_entries, ttrss_user_entries WHERE guid = '$guid' AND ref_id = id AND owner_uid = '$owner_uid' LIMIT 1"); @@ -268,7 +272,7 @@ class GoogleReaderImport extends Plugin { (ref_id, uuid, feed_id, orig_feed_id, owner_uid, marked, tag_cache, label_cache, last_read, note, unread, last_marked) VALUES - ('$ref_id', '', NULL, $feed_id, $owner_uid, $marked, '', '', NOW(), '', false, NOW())"); + ('$ref_id', '', NULL, $orig_feed_id, $owner_uid, $marked, '', '', NOW(), '', false, NOW())"); $result = db_query($this->link, "SELECT int_id FROM ttrss_user_entries, ttrss_entries WHERE owner_uid = $owner_uid AND ref_id = id AND ref_id = $ref_id"); @@ -311,7 +315,7 @@ class GoogleReaderImport extends Plugin { } } - db_query($this->link, "COMMIT"); +// db_query($this->link, "COMMIT"); return $rc; } |