diff options
author | Ermal <eri@pfsense.org> | 2013-01-03 22:50:26 +0000 |
---|---|---|
committer | Ermal <eri@pfsense.org> | 2013-01-03 22:50:47 +0000 |
commit | 4111fcf5307829b19b95fbb499addddff46264af (patch) | |
tree | 3c9ad48f642698d4ea45b119d8cd66c39ce8a084 /usr/local/www | |
parent | 24b78825916851bd374c11bd5227dbf140e0ab78 (diff) | |
download | pfsense-4111fcf5307829b19b95fbb499addddff46264af.zip pfsense-4111fcf5307829b19b95fbb499addddff46264af.tar.gz |
Always commit the session fast to allow other consumers to proceed to their requests. This unbreaks now the lock up the GUI had allowing only one action from same source per time. Now even if you run a command that blocks indefinitely for example the GUI want lock anymore but allow you to proceed to other actions
Diffstat (limited to 'usr/local/www')
-rwxr-xr-x | usr/local/www/firewall_virtual_ip.php | 3 | ||||
-rw-r--r-- | usr/local/www/headjs.php | 3 | ||||
-rwxr-xr-x | usr/local/www/system_firmware.php | 5 | ||||
-rw-r--r-- | usr/local/www/system_usermanager_passwordmg.php | 5 | ||||
-rw-r--r-- | usr/local/www/upload_progress.php | 4 |
5 files changed, 19 insertions, 1 deletions
diff --git a/usr/local/www/firewall_virtual_ip.php b/usr/local/www/firewall_virtual_ip.php index e4aee0d..f2de3ea 100755 --- a/usr/local/www/firewall_virtual_ip.php +++ b/usr/local/www/firewall_virtual_ip.php @@ -124,11 +124,14 @@ if ($_GET['act'] == "del") { if (!$input_errors) { + if (!session_id()) + session_start(); $user = getUserEntry($_SESSION['Username']); if (is_array($user) && userHasPrivilege($user, "user-config-readonly")) { header("Location: firewall_virtual_ip.php"); exit; } + session_commit(); // Special case since every proxyarp vip is handled by the same daemon. if ($a_vip[$_GET['id']]['mode'] == "proxyarp") { diff --git a/usr/local/www/headjs.php b/usr/local/www/headjs.php index 4cf1ab2..197d806 100644 --- a/usr/local/www/headjs.php +++ b/usr/local/www/headjs.php @@ -48,7 +48,10 @@ function getHeadJS() { var input_errors = ''; jQuery(document).ready(init); "; + if (!session_id()) + session_start(); $_SESSION['NO_AJAX'] == "True" ? $noajax = "var noAjaxOnSubmit = true;" : $noajax = "var noAjaxOnSubmit = false;"; + session_commit(); $headjs .= " {$noajax} diff --git a/usr/local/www/system_firmware.php b/usr/local/www/system_firmware.php index 1a54d0d..26ead4b 100755 --- a/usr/local/www/system_firmware.php +++ b/usr/local/www/system_firmware.php @@ -213,7 +213,10 @@ include("head.inc"); <form action="system_firmware.php" method="post" enctype="multipart/form-data"> <?php /* Construct an upload_id for this session */ - $upload_id = "up". $_SESSION['Username']; + if (!session_id()) + $upload_id = uniqid(); + else + $upload_id = session_id(); ?> <input type="hidden" name="UPLOAD_IDENTIFIER" value="<?php echo $upload_id;?>" /> <?php include("fbegin.inc"); ?> diff --git a/usr/local/www/system_usermanager_passwordmg.php b/usr/local/www/system_usermanager_passwordmg.php index 0d64599..895d28d 100644 --- a/usr/local/www/system_usermanager_passwordmg.php +++ b/usr/local/www/system_usermanager_passwordmg.php @@ -64,12 +64,17 @@ if (isset($_POST['save'])) { } } +if (!session_id()) + session_start(); + /* determine if user is not local to system */ $islocal = false; foreach($config['system']['user'] as $user) if($user['name'] == $_SESSION['Username']) $islocal = true; +session_commit(); + include("head.inc"); ?> diff --git a/usr/local/www/upload_progress.php b/usr/local/www/upload_progress.php index 344ae67..812f7b7 100644 --- a/usr/local/www/upload_progress.php +++ b/usr/local/www/upload_progress.php @@ -38,12 +38,16 @@ include("guiconfig.inc"); +if (!session_id()) + session_start(); + // sanitize the ID value $id = $_SESSION['uploadid']; if (!$id) { echo gettext("Sorry, we could not find an uploadid code."); exit; } +session_commit(); // retrieve the upload data from APC $info = uploadprogress_get_info($id); |