- Timestamp:
- Apr 14, 2017 5:59:29 AM (7 years ago)
- Location:
- trunk/lib
- Files:
-
- 3 edited
-
Auth_SQL.inc.php (modified) (3 diffs)
-
Upload.inc.php (modified) (1 diff)
-
Validator.inc.php (modified) (1 diff)
Legend:
- Unmodified
- Added
- Removed
-
trunk/lib/Auth_SQL.inc.php
r582 r593 667 667 } else if (isset($_SESSION['_auth_sql'][$this->_ns]['authenticated']) && true === $_SESSION['_auth_sql'][$this->_ns]['authenticated']) { 668 668 // User is authenticated, but login has expired. 669 if (strtotime($_SESSION['_auth_sql'][$this->_ns]['last_access_datetime']) > (time() - 43200)) {670 // Only raise message if last session is less than 12 hours old.671 $app->raiseMsg(sprintf(_("For your safety we logged you out after being idle for %s. Please log in again."), humanTime($this->_params['idle_timeout'], 'hour', '%01.0f')), MSG_NOTICE, __FILE__, __LINE__);672 }673 669 674 670 // Log the reason for login expiration. 675 671 $expire_reasons = array(); 672 $user_notified = false; 676 673 if (!isset($_SESSION['_auth_sql'][$this->_ns]['username']) || empty($_SESSION['_auth_sql'][$this->_ns]['username'])) { 677 674 $expire_reasons[] = 'username not found'; … … 682 679 if (!isset($_SESSION['_auth_sql'][$this->_ns]['last_access_datetime']) || strtotime($_SESSION['_auth_sql'][$this->_ns]['last_access_datetime']) <= (time() - $this->_params['idle_timeout'])) { 683 680 $expire_reasons[] = sprintf('idle_timeout expired (%s older than %s seconds ago)', $_SESSION['_auth_sql'][$this->_ns]['last_access_datetime'], $this->_params['idle_timeout']); 681 if (strtotime($_SESSION['_auth_sql'][$this->_ns]['last_access_datetime']) > (time() - 43200)) { 682 // Only raise message if last session is less than 12 hours old. 683 // Notify user why they were logged out if they haven't yet been given a reason. 684 $user_notified || $app->raiseMsg(sprintf(_("For your safety we logged you out after being idle for %s. Please log in again."), humanTime($this->_params['idle_timeout'], 'hour', '%01.0f')), MSG_NOTICE, __FILE__, __LINE__); 685 $user_notified = true; 686 } 684 687 } 685 688 if (!isset($_SESSION['_auth_sql'][$this->_ns]['remote_ip']) || $_SESSION['_auth_sql'][$this->_ns]['remote_ip'] != getRemoteAddr()) { … … 690 693 // 3. the user is connecting from a trusted network (their IP is listed in the trusted_networks) 691 694 $expire_reasons[] = sprintf('remote_ip not matched (%s != %s)', $_SESSION['_auth_sql'][$this->_ns]['remote_ip'], getRemoteAddr()); 695 // Notify user why they were logged out if they haven't yet been given a reason. 696 $user_notified || $app->raiseMsg(sprintf(_("For your safety we logged you out because your IP address has changed. Please log in again."), null), MSG_NOTICE, __FILE__, __LINE__); 697 $user_notified = true; 692 698 } else { 693 699 $expire_reasons[] = sprintf('remote_ip not matched but user was exempt from this check (%s != %s)', $_SESSION['_auth_sql'][$this->_ns]['remote_ip'], getRemoteAddr()); -
trunk/lib/Upload.inc.php
r558 r593 300 300 301 301 // Clean the file name of bad characters. 302 $file_name = cleanFileName($file_name);302 $file_name = self::cleanFileName($file_name); 303 303 304 304 // FINAL path and file name, lowercase extension. -
trunk/lib/Validator.inc.php
r575 r593 573 573 $upload_max_filesize = phpIniGetBytes('upload_max_filesize'); 574 574 if (isset($_SERVER['CONTENT_LENGTH']) && 0 != $upload_max_filesize && $_SERVER['CONTENT_LENGTH'] > $upload_max_filesize) { 575 $app->logMsg(sprintf('%s (line %s) failed: %s', __METHOD__, __LINE__, getDump($val)), $type, $file, $line);575 $app->logMsg(sprintf('%s (line %s) failed: filesize %s exceeds limit of %s', __METHOD__, __LINE__, $_SERVER['CONTENT_LENGTH'], $upload_max_filesize), $type, $file, $line); 576 576 return false; 577 577 }
Note: See TracChangeset
for help on using the changeset viewer.
