authorErmal <eri@pfsense.org>2013-01-03 22:50:26 +0000
committerErmal <eri@pfsense.org>2013-01-03 22:50:47 +0000
commit4111fcf5307829b19b95fbb499addddff46264af (patch)
tree3c9ad48f642698d4ea45b119d8cd66c39ce8a084
parent24b78825916851bd374c11bd5227dbf140e0ab78 (diff)
Always commit the session quickly so that other consumers can proceed with their requests. This fixes the GUI lock-up that allowed only one action at a time from the same source. Now, even if you run a command that blocks indefinitely, for example, the GUI won't lock up anymore but will allow you to proceed to other actions.
-rw-r--r--etc/inc/authgui.inc6
-rw-r--r--etc/inc/config.lib.inc9
-rw-r--r--etc/inc/pfsense-utils.inc7
-rwxr-xr-xusr/local/www/firewall_virtual_ip.php3
-rw-r--r--usr/local/www/headjs.php3
-rwxr-xr-xusr/local/www/system_firmware.php5
-rw-r--r--usr/local/www/system_usermanager_passwordmg.php5
-rw-r--r--usr/local/www/upload_progress.php4
8 files changed, 39 insertions, 3 deletions
diff --git a/etc/inc/authgui.inc b/etc/inc/authgui.inc
index f87494b..85771a0 100644
--- a/etc/inc/authgui.inc
+++ b/etc/inc/authgui.inc
@@ -87,6 +87,12 @@ if (!$_SESSION['Post_Login']) {
exit;
}
+/*
+ * Close session data to allow other scripts from same host to come in.
+ * A session can be reactivated from calling session_start again
+ */
+session_commit();
+
/*
* determine if the user is allowed access to the requested page
*/
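Review bot: The new comment should also say what a caller loses after this point: once `session_commit()` has run, later assignments to `$_SESSION` in the same request are not written back unless the session is started again. As far as I know `session_id()` keeps returning the id after the commit, so it cannot be used to tell whether the session is still open. I would add a sentence to the comment such as `Writes to $_SESSION after this line are discarded unless session_start() is called again.` The surrounding script continues outside the hunk.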
diff --git a/etc/inc/config.lib.inc b/etc/inc/config.lib.inc
index dc57b41..1647d7d 100644
--- a/etc/inc/config.lib.inc
+++ b/etc/inc/config.lib.inc
@@ -497,15 +497,22 @@ function write_config($desc="Unknown", $backup = true) {
log_error("WARNING! Configuration written on bootup. This can cause stray openvpn and load balancing items in config.xml");
*/
+ if (!session_id())
+ session_start();
if (!empty($_SESSION['Username']) && ($_SESSION['Username'] != "admin")) {
$user = getUserEntry($_SESSION['Username']);
- if (is_array($user) && userHasPrivilege($user, "user-config-readonly"))
+ if (is_array($user) && userHasPrivilege($user, "user-config-readonly")) {
+ session_commit();
return false;
+ }
}
+
$username = empty($_SESSION["Username"]) ? "(system)" : $_SESSION['Username'];
if (!empty($_SERVER['REMOTE_ADDR']))
$username .= '@' . $_SERVER['REMOTE_ADDR'];
+ session_commit();
+
if($backup)
backup_config();
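Review bot: The `if (!session_id()) session_start();` guard at the top of this hunk probably does not reopen a session that was already committed, because `session_id()` normally still returns the id after `session_commit()`; on a GUI request that went through authgui.inc the code then reads the in-memory copy of `$_SESSION` and both `session_commit()` calls do nothing. In the opposite case, where write_config() runs with no session at all (the `(system)` branch suggests that happens), the guard creates a fresh session just to read an empty `Username`. The same guard is repeated in pfsense-utils.inc, firewall_virtual_ip.php, headjs.php, system_usermanager_passwordmg.php and upload_progress.php. Where the PHP version allows it, `if (session_status() !== PHP_SESSION_ACTIVE)` is the reliable test; either way a comment such as `/* read-only use of $_SESSION; never write to it here */` would make the intent explicit. write_config() starts and ends outside the hunk.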
diff --git a/etc/inc/pfsense-utils.inc b/etc/inc/pfsense-utils.inc
index 9ebf3c1..4807350 100644
--- a/etc/inc/pfsense-utils.inc
+++ b/etc/inc/pfsense-utils.inc
@@ -50,8 +50,13 @@
******/
function have_natonetooneruleint_access($if) {
$security_url = "firewall_nat_1to1_edit.php?if=". strtolower($if);
- if(isAllowedPage($security_url, $_SESSION['Username']))
+ if (!session_id())
+ session_start();
+ if(isAllowedPage($security_url, $_SESSION['Username'])) {
+ session_commit();
return true;
+ }
+ session_commit();
return false;
}
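Review bot: The two `session_commit()` calls in have_natonetooneruleint_access() can be folded into one exit path, so the session handling is not missed if another return is added later: `$allowed = isAllowedPage($security_url, $_SESSION['Username']); session_commit(); return $allowed;`. `$_SESSION['Username']` is also read here without the `empty()` check that write_config() uses, so a caller without a logged-in session passes null to isAllowedPage(); whether that function handles it is not visible in this hunk.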
diff --git a/usr/local/www/firewall_virtual_ip.php b/usr/local/www/firewall_virtual_ip.php
index e4aee0d..f2de3ea 100755
--- a/usr/local/www/firewall_virtual_ip.php
+++ b/usr/local/www/firewall_virtual_ip.php
@@ -124,11 +124,14 @@ if ($_GET['act'] == "del") {
if (!$input_errors) {
+ if (!session_id())
+ session_start();
$user = getUserEntry($_SESSION['Username']);
if (is_array($user) && userHasPrivilege($user, "user-config-readonly")) {
header("Location: firewall_virtual_ip.php");
exit;
}
+ session_commit();
// Special case since every proxyarp vip is handled by the same daemon.
if ($a_vip[$_GET['id']]['mode'] == "proxyarp") {
diff --git a/usr/local/www/headjs.php b/usr/local/www/headjs.php
index 4cf1ab2..197d806 100644
--- a/usr/local/www/headjs.php
+++ b/usr/local/www/headjs.php
@@ -48,7 +48,10 @@ function getHeadJS() {
var input_errors = '';
jQuery(document).ready(init);
";
+ if (!session_id())
+ session_start();
$_SESSION['NO_AJAX'] == "True" ? $noajax = "var noAjaxOnSubmit = true;" : $noajax = "var noAjaxOnSubmit = false;";
+ session_commit();
$headjs .= "
{$noajax}
diff --git a/usr/local/www/system_firmware.php b/usr/local/www/system_firmware.php
index 1a54d0d..26ead4b 100755
--- a/usr/local/www/system_firmware.php
+++ b/usr/local/www/system_firmware.php
@@ -213,7 +213,10 @@ include("head.inc");
<form action="system_firmware.php" method="post" enctype="multipart/form-data">
<?php
/* Construct an upload_id for this session */
- $upload_id = "up". $_SESSION['Username'];
+ if (!session_id())
+ $upload_id = uniqid();
+ else
+ $upload_id = session_id();
?>
<input type="hidden" name="UPLOAD_IDENTIFIER" value="<?php echo $upload_id;?>" />
<?php include("fbegin.inc"); ?>
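Review bot: Using `session_id()` as the upload identifier writes the GUI session identifier into the page body as the hidden `UPLOAD_IDENTIFIER` field, where it can be read from the DOM, cached with the page, and handed to the upload-progress backend as a lookup key; a cookie flag such as HttpOnly no longer protects it there. The `uniqid()` fallback is time-based and is not an unguessable value either. A value that is derived from the session id but cannot be turned back into it keeps the per-session uniqueness, for example `$upload_id = hash('sha256', 'upload' . session_id());`, and the echo into the attribute should go through `htmlspecialchars()`. The surrounding form continues outside the hunk.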
diff --git a/usr/local/www/system_usermanager_passwordmg.php b/usr/local/www/system_usermanager_passwordmg.php
index 0d64599..895d28d 100644
--- a/usr/local/www/system_usermanager_passwordmg.php
+++ b/usr/local/www/system_usermanager_passwordmg.php
@@ -64,12 +64,17 @@ if (isset($_POST['save'])) {
}
}
+if (!session_id())
+ session_start();
+
/* determine if user is not local to system */
$islocal = false;
foreach($config['system']['user'] as $user)
if($user['name'] == $_SESSION['Username'])
$islocal = true;
+session_commit();
+
include("head.inc");
?>
diff --git a/usr/local/www/upload_progress.php b/usr/local/www/upload_progress.php
index 344ae67..812f7b7 100644
--- a/usr/local/www/upload_progress.php
+++ b/usr/local/www/upload_progress.php
@@ -38,12 +38,16 @@
include("guiconfig.inc");
+if (!session_id())
+ session_start();
+
// sanitize the ID value
$id = $_SESSION['uploadid'];
if (!$id) {
echo gettext("Sorry, we could not find an uploadid code.");
exit;
}
+session_commit();
// retrieve the upload data from APC
$info = uploadprogress_get_info($id);
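Review bot: The comment `// sanitize the ID value` does not match the code below it, which only reads `$_SESSION['uploadid']` and tests it for emptiness before passing it to `uploadprogress_get_info()`. Nothing in this commit sets `$_SESSION['uploadid']`, while system_firmware.php now sends `session_id()` or `uniqid()` as `UPLOAD_IDENTIFIER`, so the two ids may not agree unless that key is filled somewhere outside this diff. I would reword the comment to `// read the upload id from the session` and confirm where the key is written.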