From 9ec826364ada5906c775152c1f681292ffea1b92 Mon Sep 17 00:00:00 2001 From: Andreas Gohr Date: Fri, 15 Feb 2008 12:49:23 +0100 Subject: invalidate all user session cache when userdatabase is changed FS#1085 A reference file is now stored in data/cache/sessionpurge and is used to check if user sessions are still valid. To accomondate for slow auth backends DokuWiki caches user info for a certain time in the user session. darcs-hash:20080215114923-7ad00-6874d5211efce7d07e54de37244becc2387c1ba7.gz --- lib/plugins/usermanager/admin.php | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'lib/plugins') diff --git a/lib/plugins/usermanager/admin.php b/lib/plugins/usermanager/admin.php index e20078d04..c5b720444 100644 --- a/lib/plugins/usermanager/admin.php +++ b/lib/plugins/usermanager/admin.php @@ -364,6 +364,8 @@ class admin_plugin_usermanager extends DokuWiki_Admin_Plugin { * Delete user */ function _deleteUser(){ + global $conf; + if (!checkSecurityToken()) return false; if (!$this->_auth->canDo('delUser')) return false; @@ -381,6 +383,9 @@ class admin_plugin_usermanager extends DokuWiki_Admin_Plugin { msg("$part1, $part2",-1); } + // invalidate all sessions + io_saveFile($conf['cachedir'].'/sessionpurge',time()); + return true; } @@ -410,6 +415,8 @@ class admin_plugin_usermanager extends DokuWiki_Admin_Plugin { * Modify user (modified user data has been recieved) */ function _modifyUser(){ + global $conf; + if (!checkSecurityToken()) return false; if (!$this->_auth->canDo('UserMod')) return false; @@ -455,6 +462,9 @@ class admin_plugin_usermanager extends DokuWiki_Admin_Plugin { $this->_notifyUser($notify,$newpass); } + // invalidate all sessions + io_saveFile($conf['cachedir'].'/sessionpurge',time()); + } else { msg($this->lang['update_fail'],-1); } -- cgit v1.2.3