extern/egroupware_official
1
0
Fork 0
mirror of https://github.com/EGroupware/egroupware.git synced 2025-02-18 11:21:23 +01:00
Code Issues Packages Projects Releases Wiki Activity

* Api: no longer loggin last-logintime of anonymous user

Browse Source 
to not block website and also to better cope with high rate anon endpoints 
might be called creating a bottleneck in the egw_accounts table.
This commit is contained in:
Ralf Becker 2019-08-19 16:50:55 +02:00
parent ee4640ccda
commit 681679382c
1 changed files with 20 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
api/src/Session.php
View File

@ -634,9 +634,11 @@ class Session
if ($this->session_flags != 'A') // dont log anonymous sessions if ($this->session_flags != 'A') // dont log anonymous sessions
{ {
$this->sessionid_access_log = $this->log_access($this->sessionid,$login,$user_ip,$this->account_id); $this->sessionid_access_log = $this->log_access($this->sessionid,$login,$user_ip,$this->account_id);
} // We do NOT log anonymous sessions to not block website and also to cope with
// high rate anon endpoints might be called creating a bottleneck in the egw_accounts table.
Cache::setSession('phpgwapi', 'account_previous_login', $GLOBALS['egw']->auth->previous_login); Cache::setSession('phpgwapi', 'account_previous_login', $GLOBALS['egw']->auth->previous_login);
$GLOBALS['egw']->accounts->update_lastlogin($this->account_id,$user_ip); $GLOBALS['egw']->accounts->update_lastlogin($this->account_id,$user_ip);
}
$GLOBALS['egw']->db->transaction_commit(); $GLOBALS['egw']->db->transaction_commit();
if ($GLOBALS['egw_info']['server']['usecookies'] && !$no_session) if ($GLOBALS['egw_info']['server']['usecookies'] && !$no_session)
@ -974,6 +976,9 @@ class Session
/** /**
* Write or update (for logout) the access_log * Write or update (for logout) the access_log
*
* We do NOT log anonymous sessions to not block website and also to cope with
* high rate anon endpoints might be called creating a bottleneck in the egw_access_log table.
* *
* @param string|int $sessionid nummeric or PHP session id or error-message for unsuccessful logins * @param string|int $sessionid nummeric or PHP session id or error-message for unsuccessful logins
* @param string $login ='' account_lid (evtl. with domain) or '' for setting the logout-time * @param string $login ='' account_lid (evtl. with domain) or '' for setting the logout-time
@ -983,6 +988,11 @@ class Session
*/ */
private function log_access($sessionid,$login='',$user_ip='',$account_id=0) private function log_access($sessionid,$login='',$user_ip='',$account_id=0)
{ {
// do not log anything for anonymous sessions
if ($this->session_flags === 'A')
{
return;
}
$now = time(); $now = time();
// if sessionid contains non-ascii chars (only happens for error-messages) // if sessionid contains non-ascii chars (only happens for error-messages)