[FEATURE] Add gracetime for session-timestamp-updates 38/35838/4
authorStefan Neufeind <typo3.neufeind@speedpartner.de>
Tue, 6 Jan 2015 16:33:23 +0000 (17:33 +0100)
committerWouter Wolters <typo3@wouterwolters.nl>
Fri, 30 Jan 2015 18:15:55 +0000 (19:15 +0100)
Don't update the session-timestamp more often than
needed. Skipping updates for some seconds/minutes
makes no difference but may save quite some
updates.

Change-Id: Ic812993f3c7556fc90a1a5dee7b5462e822d9f45
Resolves: #64148
Releases: master
Reviewed-on: http://review.typo3.org/35838
Reviewed-by: Christian Kuhn <lolli@schwarzbu.ch>
Tested-by: Christian Kuhn <lolli@schwarzbu.ch>
Reviewed-by: Stefan Neufeind <typo3.neufeind@speedpartner.de>
Reviewed-by: Wouter Wolters <typo3@wouterwolters.nl>
Tested-by: Wouter Wolters <typo3@wouterwolters.nl>
typo3/sysext/core/Classes/Authentication/AbstractUserAuthentication.php

index f4593fe..16a1d9e 100644 (file)
@@ -923,9 +923,10 @@ abstract class AbstractUserAuthentication {
                                $timeout = (int)$user[$this->auth_timeout_field];
                        }
                        // If timeout > 0 (TRUE) and current time has not exceeded the latest sessions-time plus the timeout in seconds then accept user
-                       // Option later on: We could check that last update was at least x seconds ago in order not to update twice in a row if one script redirects to another...
+                       // Use a gracetime-value to avoid updating a session-record too often
                        if ($timeout > 0 && $GLOBALS['EXEC_TIME'] < $user['ses_tstamp'] + $timeout) {
-                               if (!$skipSessionUpdate) {
+                               $sessionUpdateGracePeriod = 61;
+                               if (!$skipSessionUpdate && $GLOBALS['EXEC_TIME'] > ($user['ses_tstamp'] + $sessionUpdateGracePeriod)) {
                                        $this->db->exec_UPDATEquery($this->session_table, 'ses_id=' . $this->db->fullQuoteStr($this->id, $this->session_table)
                                                . ' AND ses_name=' . $this->db->fullQuoteStr($this->name, $this->session_table), array('ses_tstamp' => $GLOBALS['EXEC_TIME']));
                                        // Make sure that the timestamp is also updated in the array