implement a simple request token session garbage collector
This commit is contained in:
parent
1cb1980d62
commit
cd16c5e479
|
@ -358,12 +358,30 @@ class OC_Util {
|
||||||
* Todo: Write howto
|
* Todo: Write howto
|
||||||
*/
|
*/
|
||||||
public static function callRegister(){
|
public static function callRegister(){
|
||||||
|
//mamimum time before token exires
|
||||||
|
$maxtime=(60*60); // 1 hour
|
||||||
|
|
||||||
// generate a random token.
|
// generate a random token.
|
||||||
$token=mt_rand(1000,9000).mt_rand(1000,9000).mt_rand(1000,9000);
|
$token=mt_rand(1000,9000).mt_rand(1000,9000).mt_rand(1000,9000);
|
||||||
|
|
||||||
// store the token together with a timestamp in the session.
|
// store the token together with a timestamp in the session.
|
||||||
$_SESSION['requesttoken-'.$token]=time();
|
$_SESSION['requesttoken-'.$token]=time();
|
||||||
|
|
||||||
|
// cleanup old tokens garbage collector
|
||||||
|
// only run every 20th time so we don´t waste cpu cycles
|
||||||
|
if(rand(0,20)==0) {
|
||||||
|
foreach($_SESSION as $key=>$value) {
|
||||||
|
// search all tokens in the session
|
||||||
|
if(substr($key,0,12)=='requesttoken') {
|
||||||
|
if($value+$maxtime<time()){
|
||||||
|
// remove outdated tokens
|
||||||
|
unset($_SESSION[$key]);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
// return the token
|
// return the token
|
||||||
return($token);
|
return($token);
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue