]> git.wh0rd.org Git - tt-rss.git/commitdiff
projects / tt-rss.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: f98252f)
use SSL serial to bind certificate to user; implement autologin using SSL certificate...
authorAndrew Dolgov <fox@madoka.volgo-balt.ru>
Mon, 28 Mar 2011 04:30:00 +0000 (08:30 +0400)
committerAndrew Dolgov <fox@madoka.volgo-balt.ru>
Mon, 28 Mar 2011 04:30:15 +0000 (08:30 +0400)
config.php-dist patch | blob | history
functions.php patch | blob | history
modules/pref-prefs.php patch | blob | history
prefs.js patch | blob | history
sanity_check.php patch | blob | history
schema/ttrss_schema_mysql.sql patch | blob | history
schema/ttrss_schema_pgsql.sql patch | blob | history
schema/versions/mysql/82.sql [new file with mode: 0644] patch | blob
schema/versions/pgsql/82.sql [new file with mode: 0644] patch | blob
sessions.php patch | blob | history

diff --git a/config.php-dist b/config.php-dist
index c12e3ebee7881801da788f670b981977430fe143..26e8a02ffacc1863a065853f1ff702bbc03d7ba0 100644 (file)
--- a/config.php-dist
+++ b/config.php-dist
@@ -128,13 +128,9 @@
        // Limits the amount of feeds daemon (or a cronjob) updates on one run
 
        define('ALLOW_REMOTE_USER_AUTH', false);
-       // Set to 'true' if you trust your web server's REMOTE_USER or 
-       // REDIRECT_SSL_CLIENT_S_DN_CN environment variables to validate 
-       // that the user is logged in. This option can be used to integrate 
-       // tt-rss with Apache's external authentication modules or SSL
-       // client certificate authentication.
-       // Please note that REMOTE_USER takes precedence over SSL certificate
-       // information.
+       // Set to 'true' if you trust your web server's REMOTE_USER 
+       // environment variable that the user is logged in. This option can be 
+       // used to integrate tt-rss with Apache's external authentication modules.
 
        define('AUTO_LOGIN', false);
        // Set this to true if you use ALLOW_REMOTE_USER_AUTH and you want
diff --git a/functions.php b/functions.php
index ed44383674f2267ede88c07fa1300e591a57cf14..51731fa6e7e0a7028b56a915ca404a59d5648e04 100644 (file)
--- a/functions.php
+++ b/functions.php
@@ -1757,11 +1757,29 @@
                return true;
        }
 
+       function get_login_by_ssl_certificate($link) {
+
+               $cert_serial = db_escape_string($_SERVER["REDIRECT_SSL_CLIENT_M_SERIAL"]);
+
+               if ($cert_serial) {
+                       $result = db_query($link, "SELECT login FROM ttrss_user_prefs, ttrss_users
+                               WHERE pref_name = 'SSL_CERT_SERIAL' AND value = '$cert_serial' AND
+                               owner_uid = ttrss_users.id");
+
+                       if (db_num_rows($result) != 0) {
+                               return db_escape_string(db_fetch_result($result, 0, "login"));
+                       }
+               }
+
+               return "";
+       }
+
        function get_remote_user() {
-               $remote_user = $_SERVER["REMOTE_USER"];
+               $remote_user = "";
 
-               if (!$remote_user)
-                       $remote_user = $_SERVER["REDIRECT_SSL_CLIENT_S_DN_CN"];
+               if (defined('ALLOW_REMOTE_USER_AUTH') && ALLOW_REMOTE_USER_AUTH) {
+                       $remote_user = $_SERVER["REMOTE_USER"];
+               }
 
                return db_escape_string($remote_user);
        }
@@ -1781,10 +1799,14 @@
                        $pwd_hash2 = encrypt_password($password, $login);
                        $login = db_escape_string($login);
 
-                       if (defined('ALLOW_REMOTE_USER_AUTH') && ALLOW_REMOTE_USER_AUTH
-                                       && get_remote_user() && $login != "admin") {
+                       $remote_user = get_remote_user();
+
+                       if (!$remote_user)
+                               $remote_user = get_login_by_ssl_certificate($link);
 
-                               $login = db_escape_string(get_remote_user());
+                       if ($remote_user && $login != "admin") {
+
+                               $login = $remote_user;
 
                                $query = "SELECT id,login,access_level,pwd_hash
                    FROM ttrss_users WHERE
@@ -1974,8 +1996,12 @@
                        }
 
                        if (!$_SESSION["uid"] || !validate_session($link)) {
-                               if (defined('ALLOW_REMOTE_USER_AUTH') && ALLOW_REMOTE_USER_AUTH
-                                       && get_remote_user() && defined('AUTO_LOGIN') && AUTO_LOGIN) {
+                               $cert_login = get_login_by_ssl_certificate($link);
+
+                               if ($cert_login) {
+                                   authenticate_user($link, $cert_login, null);
+                                   $_SESSION["ref_schema_version"] = get_schema_version($link, true);
+                               } else if (get_remote_user() && AUTO_LOGIN) {
                                    authenticate_user($link, get_remote_user(), null);
                                    $_SESSION["ref_schema_version"] = get_schema_version($link, true);
                                } else {
diff --git a/modules/pref-prefs.php b/modules/pref-prefs.php
index 806d295d09ea496d11a5dd6899bbd33e5cb11f4f..1a2b2cd77080f9b1b8e6963c727d6f80bee0df49 100644 (file)
--- a/modules/pref-prefs.php
+++ b/modules/pref-prefs.php
@@ -6,12 +6,12 @@
                $subop = $_REQUEST["subop"];
 
                $prefs_blacklist = array("HIDE_FEEDLIST", "SYNC_COUNTERS", "ENABLE_LABELS",
-                       "ENABLE_SEARCH_TOOLBAR", "HIDE_READ_FEEDS", "ENABLE_FEED_ICONS", 
+                       "ENABLE_SEARCH_TOOLBAR", "HIDE_READ_FEEDS", "ENABLE_FEED_ICONS",
                        "ENABLE_OFFLINE_READING", "EXTENDED_FEEDLIST", "FEEDS_SORT_BY_UNREAD",
                        "OPEN_LINKS_IN_NEW_WINDOW", "USER_STYLESHEET_URL", "ENABLE_FLASH_PLAYER");
 
-               $profile_blacklist = array("ALLOW_DUPLICATE_POSTS", "PURGE_OLD_DAYS", 
-                       "PURGE_UNREAD_ARTICLES", "DIGEST_ENABLE", "DIGEST_CATCHUP", 
+               $profile_blacklist = array("ALLOW_DUPLICATE_POSTS", "PURGE_OLD_DAYS",
+                       "PURGE_UNREAD_ARTICLES", "DIGEST_ENABLE", "DIGEST_CATCHUP",
                        "BLACKLISTED_TAGS", "ENABLE_FEED_ICONS", "ENABLE_API_ACCESS",
                        "UPDATE_POST_ON_CHECKSUM_CHANGE", "DEFAULT_UPDATE_INTERVAL",
                        "MARK_UNREAD_ON_UPDATE", "USER_TIMEZONE", "SORT_HEADLINES_BY_FEED_DATE");
@@ -47,18 +47,18 @@
                        $new_pw_hash = encrypt_password($new_pw, $_SESSION["name"]);
 
                        $active_uid = $_SESSION["uid"];
-                       
+
                        if ($old_pw && $new_pw) {
 
                                $login = db_escape_string($_SERVER['PHP_AUTH_USER']);
 
-                               $result = db_query($link, "SELECT id FROM ttrss_users WHERE 
-                                       id = '$active_uid' AND (pwd_hash = '$old_pw_hash1' OR 
+                               $result = db_query($link, "SELECT id FROM ttrss_users WHERE
+                                       id = '$active_uid' AND (pwd_hash = '$old_pw_hash1' OR
                                                pwd_hash = '$old_pw_hash2')");
 
                                if (db_num_rows($result) == 1) {
-                                       db_query($link, "UPDATE ttrss_users SET pwd_hash = '$new_pw_hash' 
-                                               WHERE id = '$active_uid'");                             
+                                       db_query($link, "UPDATE ttrss_users SET pwd_hash = '$new_pw_hash'
+                                               WHERE id = '$active_uid'");
 
                                        $_SESSION["pwd_hash"] = $new_pw_hash;
 
@@ -81,7 +81,7 @@
                        $orig_theme = get_pref($link, "_THEME_ID");
 
                        foreach (array_keys($_POST) as $pref_name) {
-                       
+
                                $pref_name = db_escape_string($pref_name);
                                $value = db_escape_string($_POST[$pref_name]);
 
@@ -119,10 +119,10 @@
                        $active_uid = $_SESSION["uid"];
 
                        db_query($link, "UPDATE ttrss_users SET email = '$email',
-                               full_name = '$full_name' WHERE id = '$active_uid'");                            
-               
+                               full_name = '$full_name' WHERE id = '$active_uid'");
+
                        print __("Your personal data has been saved.");
-               
+
                        return;
 
                } else if ($subop == "reset-config") {
@@ -135,7 +135,7 @@
                                $profile_qpart = "profile IS NULL";
                        }
 
-                       db_query($link, "DELETE FROM ttrss_user_prefs 
+                       db_query($link, "DELETE FROM ttrss_user_prefs
                                WHERE $profile_qpart AND owner_uid = ".$_SESSION["uid"]);
 
                        initialize_user_prefs($link, $_SESSION["uid"], $_SESSION["profile"]);
@@ -164,8 +164,8 @@
 
                                        new Ajax.Request('backend.php', {
                                                parameters: dojo.objectToQuery(this.getValues()),
-                                               onComplete: function(transport) { 
-                                                       notify_callback2(transport); 
+                                               onComplete: function(transport) {
+                                                       notify_callback2(transport);
                                        } });
 
                                }
@@ -176,7 +176,7 @@
                                $result = db_query($link, "SELECT email,full_name,
                                        access_level FROM ttrss_users
                                        WHERE id = ".$_SESSION["uid"]);
-                                       
+
                                $email = htmlspecialchars(db_fetch_result($result, 0, "email"));
                                $full_name = htmlspecialchars(db_fetch_result($result, 0, "full_name"));
 
@@ -192,9 +192,9 @@
                                        print "<tr><td width=\"40%\">".__('Access level')."</td>";
                                        print "<td>" . $access_level_names[$access_level] . "</td></tr>";
                                }
-       
+
                                print "</table>";
-       
+
                                print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"op\" value=\"pref-prefs\">";
                                print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"subop\" value=\"change-email\">";
 
@@ -207,7 +207,7 @@
                                print "<div dojoType=\"dijit.layout.AccordionPane\" title=\"".__('Authentication')."\">";
 
                                $result = db_query($link, "SELECT id FROM ttrss_users
-                                       WHERE id = ".$_SESSION["uid"]." AND pwd_hash 
+                                       WHERE id = ".$_SESSION["uid"]." AND pwd_hash
                                        = 'SHA1:5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8'");
 
                                if (db_num_rows($result) != 0) {
@@ -223,7 +223,7 @@
 
                                        new Ajax.Request('backend.php', {
                                                parameters: dojo.objectToQuery(this.getValues()),
-                                               onComplete: function(transport) { 
+                                               onComplete: function(transport) {
                                                        notify('');
                                                        if (transport.responseText.indexOf('ERROR: ') == 0) {
                                                                notify_error(transport.responseText.replace('ERROR: ', ''));
@@ -238,12 +238,12 @@
                                </script>";
 
                                print "<table width=\"100%\" class=\"prefPrefsList\">";
-       
+
                                print "<tr><td width=\"40%\">".__("Old password")."</td>";
                                print "<td class=\"prefValue\"><input dojoType=\"dijit.form.ValidationTextBox\" type=\"password\" required=\"1\" name=\"old_password\"></td></tr>";
-       
+
                                print "<tr><td width=\"40%\">".__("New password")."</td>";
-                               
+
                                print "<td class=\"prefValue\"><input dojoType=\"dijit.form.ValidationTextBox\" type=\"password\" required=\"1\"
                                        name=\"new_password\"></td></tr>";
 
@@ -252,7 +252,7 @@
                                print "<td class=\"prefValue\"><input dojoType=\"dijit.form.ValidationTextBox\" type=\"password\" required=\"1\" name=\"confirm_password\"></td></tr>";
 
                                print "</table>";
-       
+
                                print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"op\" value=\"pref-prefs\">";
                                print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"subop\" value=\"change-password\">";
 
@@ -278,11 +278,11 @@
                                $profile_qpart = "profile IS NULL";
                        }
 
-                       $result = db_query($link, "SELECT 
+                       $result = db_query($link, "SELECT
                                ttrss_user_prefs.pref_name,short_desc,help_text,value,type_name,
                                section_name,def_value,section_id
                                FROM ttrss_prefs,ttrss_prefs_types,ttrss_prefs_sections,ttrss_user_prefs
-                               WHERE type_id = ttrss_prefs_types.id AND 
+                               WHERE type_id = ttrss_prefs_types.id AND
                                        $profile_qpart AND
                                        section_id = ttrss_prefs_sections.id AND
                                        ttrss_user_prefs.pref_name = ttrss_prefs.pref_name AND
@@ -299,7 +299,7 @@
 
                                new Ajax.Request('backend.php', {
                                        parameters: dojo.objectToQuery(this.getValues()),
-                                       onComplete: function(transport) { 
+                                       onComplete: function(transport) {
                                                var msg = transport.responseText;
                                                if (msg.match('PREFS_THEME_CHANGED')) {
                                                        window.location.reload();
@@ -313,14 +313,14 @@
                        $lnum = 0;
 
                        $active_section = "";
-       
+
                        while ($line = db_fetch_assoc($result)) {
 
                                if (in_array($line["pref_name"], $prefs_blacklist)) {
                                        continue;
                                }
 
-                               if ($_SESSION["profile"] && in_array($line["pref_name"], 
+                               if ($_SESSION["profile"] && in_array($line["pref_name"],
                                                $profile_blacklist)) {
                                        continue;
                                }
@@ -333,8 +333,8 @@
 
                                        print "<table width=\"100%\" class=\"prefPrefsList\">";
 
-                                       $active_section = $line["section_name"];                                
-                                       
+                                       $active_section = $line["section_name"];
+
                                        print "<tr><td colspan=\"3\"><h3>".__($active_section)."</h3></td></tr>";
 
                                        if ($line["section_id"] == 2) {
@@ -345,7 +345,7 @@
 
                                                print "<td><select name=\"_THEME_ID\" dojoType=\"dijit.form.Select\">";
                                                print "<option value='Default'>".__('Default')."</option>";
-                                               print "<option value='----------------' disabled=\"1\">--------</option>";                              
+                                               print "<option value='----------------' disabled=\"1\">--------</option>";
 
                                                foreach ($themes as $t) {
                                                        $base = $t['base'];
@@ -360,7 +360,7 @@
                                                        print "<option $selected value='$base'>$name</option>";
 
                                                }
-                       
+
                                                print "</select></td></tr>";
                                        }
 
@@ -383,7 +383,7 @@
                                print "<td width=\"40%\" class=\"prefName\" id=\"$pref_name\">" . __($line["short_desc"]);
 
                                if ($help_text) print "<div class=\"prefHelp\">".__($help_text)."</div>";
-                               
+
                                print "</td>";
 
                                print "<td class=\"prefValue\">";
@@ -402,14 +402,14 @@
 
                                        $limits = array(15, 30, 45, 60);
 
-                                       print_select($pref_name, $value, $limits, 
+                                       print_select($pref_name, $value, $limits,
                                                'dojoType="dijit.form.Select"');
 
                                } else if ($pref_name == "DEFAULT_UPDATE_INTERVAL") {
 
                                        global $update_intervals_nodefault;
 
-                                       print_select_hash($pref_name, $value, $update_intervals_nodefault, 
+                                       print_select_hash($pref_name, $value, $update_intervals_nodefault,
                                                'dojoType="dijit.form.Select"');
 
                                } else if ($type_name == "bool") {
@@ -432,6 +432,20 @@
                                                required=\"1\" $regexp
                                                name=\"$pref_name\" value=\"$value\">";
 
+                               } else if ($pref_name == "SSL_CERT_SERIAL") {
+
+                                       print "<input dojoType=\"dijit.form.ValidationTextBox\"
+                                               id=\"SSL_CERT_SERIAL\"
+                                               name=\"$pref_name\" value=\"$value\">";
+
+                                       $cert_serial = htmlspecialchars($_SERVER["REDIRECT_SSL_CLIENT_M_SERIAL"]);
+
+                                       if ($cert_serial) {
+                                               print " <button dojoType=\"dijit.form.Button\"
+                                                       onclick=\"insertSSLserial('$cert_serial')\">" .
+                                                       __('Fill automatically') . "</button>";
+                                       }
+
                                } else {
                                        $regexp = ($type_name == 'integer') ? 'regexp="^\d*$"' : '';
 
diff --git a/prefs.js b/prefs.js
index 02d65bc412f0c0deeea874fcfefa4409a77f3f4d..ae2c9f7855fd8b3200f97cfe1c170a50370093b6 100644 (file)
--- a/prefs.js
+++ b/prefs.js
@@ -1693,3 +1693,11 @@ function customizeCSS() {
                exception_error("customizeCSS", e);
        }
 }
+
+function insertSSLserial(value) {
+       try {
+               dijit.byId("SSL_CERT_SERIAL").attr('value', value);
+       } catch (e) {
+               exception_error("insertSSLcerial", e);
+       }
+}
diff --git a/sanity_check.php b/sanity_check.php
index c9d0fe9228ff3c853c5752739ca1a6bd9f6a8602..96f4e839c7d524b94833a844c758210cff32b4c1 100644 (file)
--- a/sanity_check.php
+++ b/sanity_check.php
@@ -2,7 +2,7 @@
        require_once "functions.php";
 
        define('EXPECTED_CONFIG_VERSION', 21);
-       define('SCHEMA_VERSION', 81);
+       define('SCHEMA_VERSION', 82);
 
        if (!file_exists("config.php")) {
                print "<b>Fatal Error</b>: You forgot to copy
diff --git a/schema/ttrss_schema_mysql.sql b/schema/ttrss_schema_mysql.sql
index a7c555cbaf7ea0072b7cae2ed32356b3593a30c3..a4acf1e48bacf013ede9d349b75ff2fb80f51008 100644 (file)
--- a/schema/ttrss_schema_mysql.sql
+++ b/schema/ttrss_schema_mysql.sql
@@ -258,7 +258,7 @@ create table ttrss_tags (id integer primary key auto_increment,
 
 create table ttrss_version (schema_version int not null) TYPE=InnoDB DEFAULT CHARSET=UTF8;
 
-insert into ttrss_version values (81);
+insert into ttrss_version values (82);
 
 create table ttrss_enclosures (id integer primary key auto_increment,
        content_url text not null,
@@ -391,6 +391,8 @@ insert into ttrss_prefs (pref_name,type_id,def_value,short_desc,section_id,help_
 
 insert into ttrss_prefs (pref_name,type_id,def_value,short_desc,section_id) values('_MOBILE_BROWSE_CATS', 1, 'true', '', 1);
 
+insert into ttrss_prefs (pref_name,type_id,def_value,short_desc,section_id,help_text) values('SSL_CERT_SERIAL', 2, '', 'Login with an SSL certificate',3, 'You can login automatically with an active client SSL certificate if you fill in its serial number here.');
+
 create table ttrss_user_prefs (
    owner_uid integer not null,
    pref_name varchar(250),
diff --git a/schema/ttrss_schema_pgsql.sql b/schema/ttrss_schema_pgsql.sql
index d732064115433eb7f70b9c1ff28a29b628e3d0d1..fbb693cecc0c23382db7f04813384d5cb28e357b 100644 (file)
--- a/schema/ttrss_schema_pgsql.sql
+++ b/schema/ttrss_schema_pgsql.sql
@@ -229,7 +229,7 @@ create index ttrss_tags_post_int_id_idx on ttrss_tags(post_int_id);
 
 create table ttrss_version (schema_version int not null);
 
-insert into ttrss_version values (81);
+insert into ttrss_version values (82);
 
 create table ttrss_enclosures (id serial not null primary key,
        content_url text not null,
@@ -355,6 +355,8 @@ insert into ttrss_prefs (pref_name,type_id,def_value,short_desc,section_id,help_
 
 insert into ttrss_prefs (pref_name,type_id,def_value,short_desc,section_id) values('_MOBILE_BROWSE_CATS', 1, 'true', '', 1);
 
+insert into ttrss_prefs (pref_name,type_id,def_value,short_desc,section_id,help_text) values('SSL_CERT_SERIAL', 2, '', 'Login with an SSL certificate',3, 'You can login automatically with an active client SSL certificate if you fill in its serial number here.');
+
 create table ttrss_user_prefs (
        owner_uid integer not null references ttrss_users(id) ON DELETE CASCADE,
        pref_name varchar(250) not null references ttrss_prefs(pref_name) ON DELETE CASCADE,
diff --git a/schema/versions/mysql/82.sql b/schema/versions/mysql/82.sql
new file mode 100644 (file)
index 0000000..79fe5f4
--- /dev/null
+++ b/schema/versions/mysql/82.sql
@@ -0,0 +1,7 @@
+begin;
+
+insert into ttrss_prefs (pref_name,type_id,def_value,short_desc,section_id,help_text) values('SSL_CERT_SERIAL', 2, '', 'Login with an SSL certificate',3, 'You can login automatically with an active client SSL certificate if you fill in its serial number here.');
+
+update ttrss_version set schema_version = 82;
+
+commit;
diff --git a/schema/versions/pgsql/82.sql b/schema/versions/pgsql/82.sql
new file mode 100644 (file)
index 0000000..79fe5f4
--- /dev/null
+++ b/schema/versions/pgsql/82.sql
@@ -0,0 +1,7 @@
+begin;
+
+insert into ttrss_prefs (pref_name,type_id,def_value,short_desc,section_id,help_text) values('SSL_CERT_SERIAL', 2, '', 'Login with an SSL certificate',3, 'You can login automatically with an active client SSL certificate if you fill in its serial number here.');
+
+update ttrss_version set schema_version = 82;
+
+commit;
diff --git a/sessions.php b/sessions.php
index 2ad5a57fca012dcba98d9617f668244c714d3147..8588f58078f2c396a6a87d78d71d6016b46334f7 100644 (file)
--- a/sessions.php
+++ b/sessions.php
@@ -7,28 +7,33 @@
        $session_expire = SESSION_EXPIRE_TIME; //seconds
        $session_name = (!defined('TTRSS_SESSION_NAME')) ? "ttrss_sid" : TTRSS_SESSION_NAME;
 
+       if ($_SERVER['HTTPS'] == "on") {
+               $session_name .= "_ssl";
+               ini_set("session.cookie_secure", true);
+       }
+
        ini_set("session.gc_probability", 50);
        ini_set("session.name", $session_name);
        ini_set("session.use_only_cookies", true);
        ini_set("session.gc_maxlifetime", SESSION_EXPIRE_TIME);
 
        function ttrss_open ($s, $n) {
-       
+
                global $session_connection;
-               
+
                $session_connection = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
-               
+
                return true;
        }
 
        function ttrss_read ($id){
-       
-               global $session_connection,$session_read;                                        
+
+               global $session_connection,$session_read;
 
                $query = "SELECT data FROM ttrss_sessions WHERE id='$id'";
 
                $res = db_query($session_connection, $query);
-               
+
                if (db_num_rows($res) != 1) {
                        return "";
                } else {
@@ -39,61 +44,61 @@
        }
 
        function ttrss_write ($id, $data) {
-               if (! $data) { 
-                       return false; 
+
+               if (! $data) {
+                       return false;
                }
-               
+
                global $session_connection, $session_read, $session_expire;
-               
+
                $expire = time() + $session_expire;
-               
+
                $data = db_escape_string(base64_encode($data), $session_connection);
-               
+
                if ($session_read) {
-                       $query = "UPDATE ttrss_sessions SET data='$data', 
-                                       expire='$expire' WHERE id='$id'"; 
+                       $query = "UPDATE ttrss_sessions SET data='$data',
+                                       expire='$expire' WHERE id='$id'";
                } else {
                        $query = "INSERT INTO ttrss_sessions (id, data, expire)
                                        VALUES ('$id', '$data', '$expire')";
                }
-               
+
                db_query($session_connection, $query);
                return true;
        }
 
        function ttrss_close () {
-       
+
                global $session_connection;
-               
+
                db_close($session_connection);
-               
+
                return true;
        }
 
        function ttrss_destroy ($id) {
-       
+
                global $session_connection;
 
                $query = "DELETE FROM ttrss_sessions WHERE id = '$id'";
-               
+
                db_query($session_connection, $query);
-               
+
                return true;
        }
 
        function ttrss_gc ($expire) {
-       
+
                global $session_connection;
-               
+
                $query = "DELETE FROM ttrss_sessions WHERE expire < " . time();
-               
+
                db_query($session_connection, $query);
        }
 
        if (DATABASE_BACKED_SESSIONS) {
-               session_set_save_handler("ttrss_open", 
-                       "ttrss_close", "ttrss_read", "ttrss_write", 
+               session_set_save_handler("ttrss_open",
+                       "ttrss_close", "ttrss_read", "ttrss_write",
                        "ttrss_destroy", "ttrss_gc");
        }
 
web-based news feed (RSS/Atom) reader and aggregator; see https://tt-rss.org/