From 5d11420d77f7baf7471004867eec48d5fe99c51d Mon Sep 17 00:00:00 2001 From: Stefan Neufeind Date: Tue, 6 Jan 2015 17:33:23 +0100 Subject: [PATCH] [FEATURE] Add gracetime for session-timestamp-updates Don't update the session-timestamp more often than needed. Skipping updates for some seconds/minutes makes no difference but may save quite some updates. Change-Id: Ic812993f3c7556fc90a1a5dee7b5462e822d9f45 Resolves: #64148 Releases: master Reviewed-on: http://review.typo3.org/35838 Reviewed-by: Christian Kuhn Tested-by: Christian Kuhn Reviewed-by: Stefan Neufeind Reviewed-by: Wouter Wolters Tested-by: Wouter Wolters --- .../Classes/Authentication/AbstractUserAuthentication.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/typo3/sysext/core/Classes/Authentication/AbstractUserAuthentication.php b/typo3/sysext/core/Classes/Authentication/AbstractUserAuthentication.php index f4593fe6a4e3..16a1d9e3aa08 100644 --- a/typo3/sysext/core/Classes/Authentication/AbstractUserAuthentication.php +++ b/typo3/sysext/core/Classes/Authentication/AbstractUserAuthentication.php @@ -923,9 +923,10 @@ abstract class AbstractUserAuthentication { $timeout = (int)$user[$this->auth_timeout_field]; } // If timeout > 0 (TRUE) and current time has not exceeded the latest sessions-time plus the timeout in seconds then accept user - // Option later on: We could check that last update was at least x seconds ago in order not to update twice in a row if one script redirects to another... + // Use a gracetime-value to avoid updating a session-record too often if ($timeout > 0 && $GLOBALS['EXEC_TIME'] < $user['ses_tstamp'] + $timeout) { - if (!$skipSessionUpdate) { + $sessionUpdateGracePeriod = 61; + if (!$skipSessionUpdate && $GLOBALS['EXEC_TIME'] > ($user['ses_tstamp'] + $sessionUpdateGracePeriod)) { $this->db->exec_UPDATEquery($this->session_table, 'ses_id=' . $this->db->fullQuoteStr($this->id, $this->session_table) . ' AND ses_name=' . $this->db->fullQuoteStr($this->name, $this->session_table), array('ses_tstamp' => $GLOBALS['EXEC_TIME'])); // Make sure that the timestamp is also updated in the array -- 2.20.1