X-Git-Url: https://git.wh0rd.org/?a=blobdiff_plain;f=include%2Fsessions.php;h=c27eb98b05ad6806b8723db864232cfc8964cbcb;hb=HEAD;hp=1ed9be5504bd2fb1021c713a4b9c285c8ef0f0a5;hpb=6eed9a7463443d206bb9f9369b77be70ac84d9de;p=tt-rss.git

diff --git a/include/sessions.php b/include/sessions.php
index 1ed9be55..c27eb98b 100644
--- a/include/sessions.php
+++ b/include/sessions.php
@@ -9,11 +9,10 @@
 	require_once "lib/gettext/gettext.inc";
 	require_once "version.php";
 
-	$session_expire = max(SESSION_COOKIE_LIFETIME, 86400);
+	$session_expire = min(2147483647 - time() - 1, max(SESSION_COOKIE_LIFETIME, 86400));
 	$session_name = (!defined('TTRSS_SESSION_NAME')) ? "ttrss_sid" : TTRSS_SESSION_NAME;
 
-	if (@$_SERVER['HTTPS'] == "on") {
-		$session_name .= "_ssl";
+	if (is_server_https()) {
 		ini_set("session.cookie_secure", true);
 	}
 
@@ -23,12 +22,14 @@
 	ini_set("session.gc_maxlifetime", $session_expire);
 	ini_set("session.cookie_lifetime", min(0, SESSION_COOKIE_LIFETIME));
 
-	function session_get_schema_version($nocache = false) {
+	function session_get_schema_version() {
 		global $schema_version;
 
 		if (!$schema_version) {
-			$result = Db::get()->query("SELECT schema_version FROM ttrss_version");
-			$version = Db::get()->fetch_result($result, 0, "schema_version");
+			$row = Db::pdo()->query("SELECT schema_version FROM ttrss_version")->fetch();
+
+			$version = $row["schema_version"];
+
 			$schema_version = $version;
 			return $version;
 		} else {
@@ -39,40 +40,50 @@
 	function validate_session() {
 		if (SINGLE_USER_MODE) return true;
 
-		if (isset($_SESSION["ref_schema_version"]) && $_SESSION["ref_schema_version"] != session_get_schema_version(true)) {
+		if (isset($_SESSION["ref_schema_version"]) && $_SESSION["ref_schema_version"] != session_get_schema_version()) {
 			$_SESSION["login_error_msg"] =
 				__("Session failed to validate (schema version changed)");
 			return false;
 		}
+		  $pdo = Db::pdo();
 
 		if ($_SESSION["uid"]) {
-			$result = Db::get()->query(
-				"SELECT pwd_hash FROM ttrss_users WHERE id = '".$_SESSION["uid"]."'");
+
+			if ($_SESSION["user_agent"] != sha1($_SERVER['HTTP_USER_AGENT'])) {
+				$_SESSION["login_error_msg"] = __("Session failed to validate (UA changed).");
+				return false;
+			}
+
+			$sth = $pdo->prepare("SELECT pwd_hash FROM ttrss_users WHERE id = ?");
+			$sth->execute([$_SESSION['uid']]);
 
 			// user not found
-			if (Db::get()->num_rows($result) == 0) {
+			if ($row = $sth->fetch()) {
+					 $pwd_hash = $row["pwd_hash"];
 
-				$_SESSION["login_error_msg"] =
-					__("Session failed to validate (user not found)");
+					 if ($pwd_hash != $_SESSION["pwd_hash"]) {
 
-				return false;
+						  $_SESSION["login_error_msg"] =
+								__("Session failed to validate (password changed)");
+
+						  return false;
+					 }
 			} else {
-				$pwd_hash = Db::get()->fetch_result($result, 0, "pwd_hash");
 
-				if ($pwd_hash != $_SESSION["pwd_hash"]) {
+					 $_SESSION["login_error_msg"] =
+						  __("Session failed to validate (user not found)");
 
-					$_SESSION["login_error_msg"] =
-						__("Session failed to validate (password changed)");
+					 return false;
 
-					return false;
-				}
 			}
 		}
 
 		return true;
 	}
 
-
+	/**
+	 * @SuppressWarnings(PHPMD.UnusedFormalParameter)
+	 */
 	function ttrss_open ($s, $n) {
 		return true;
 	}
@@ -80,18 +91,21 @@
 	function ttrss_read ($id){
 		global $session_expire;
 
-		$res = Db::get()->query("SELECT data FROM ttrss_sessions WHERE id='$id'");
+		$sth = Db::pdo()->prepare("SELECT data FROM ttrss_sessions WHERE id=?");
+		$sth->execute([$id]);
+
+		if ($row = $sth->fetch()) {
+				return base64_decode($row["data"]);
 
-		if (Db::get()->num_rows($res) != 1) {
+		} else {
+				$expire = time() + $session_expire;
 
-			$expire = time() + $session_expire;
+				$sth = Db::pdo()->prepare("INSERT INTO ttrss_sessions (id, data, expire)
+					VALUES (?, '', ?)");
+				$sth->execute([$id, $expire]);
 
-			Db::get()->query("INSERT INTO ttrss_sessions (id, data, expire)
-					VALUES ('$id', '', '$expire')");
+				return "";
 
-		 	return "";
-		} else {
-			return base64_decode(Db::get()->fetch_result($res, 0, "data"));
 		}
 
 	}
@@ -102,7 +116,17 @@
 		$data = base64_encode($data);
 		$expire = time() + $session_expire;
 
-		Db::get()->query("UPDATE ttrss_sessions SET data='$data', expire='$expire' WHERE id='$id'");
+		$sth = Db::pdo()->prepare("SELECT id FROM ttrss_sessions WHERE id=?");
+		$sth->execute([$id]);
+
+		if ($row = $sth->fetch()) {
+			$sth = Db::pdo()->prepare("UPDATE ttrss_sessions SET data=?, expire=? WHERE id=?");
+			$sth->execute([$data, $expire, $id]);
+		} else {
+			$sth = Db::pdo()->prepare("INSERT INTO ttrss_sessions (id, data, expire)
+				VALUES (?, ?, ?)");
+			$sth->execute([$id, $data, $expire]);
+		}
 
 		return true;
 	}
@@ -112,13 +136,17 @@
 	}
 
 	function ttrss_destroy($id) {
-		Db::get()->query("DELETE FROM ttrss_sessions WHERE id = '$id'");
+		$sth = Db::pdo()->prepare("DELETE FROM ttrss_sessions WHERE id = ?");
+		$sth->execute([$id]);
 
 		return true;
 	}
 
+	/**
+	 * @SuppressWarnings(PHPMD.UnusedFormalParameter)
+	 */
 	function ttrss_gc ($expire) {
-		Db::get()->query("DELETE FROM ttrss_sessions WHERE expire < " . time());
+		Db::pdo()->query("DELETE FROM ttrss_sessions WHERE expire < " . time());
 
 		return true;
 	}
@@ -135,4 +163,3 @@
 			@session_start();
 		}
 	}
-?>