-%# BEGIN LICENSE BLOCK
+%# BEGIN BPS TAGGED BLOCK {{{
%#
-%# Copyright (c) 1996-2003 Jesse Vincent <jesse@bestpractical.com>
+%# COPYRIGHT:
+%#
+%# This software is Copyright (c) 1996-2009 Best Practical Solutions, LLC
+%# <jesse@bestpractical.com>
%#
-%# (Except where explictly superceded by other copyright notices)
+%# (Except where explicitly superseded by other copyright notices)
+%#
+%#
+%# LICENSE:
%#
%# This work is made available to you under the terms of Version 2 of
%# the GNU General Public License. A copy of that license should have
%# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
%# General Public License for more details.
%#
-%# Unless otherwise specified, all modifications, corrections or
-%# extensions to this work which alter its source code become the
-%# property of Best Practical Solutions, LLC when submitted for
-%# inclusion in the work.
+%# You should have received a copy of the GNU General Public License
+%# along with this program; if not, write to the Free Software
+%# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+%# 02110-1301 or visit their web page on the internet at
+%# http://www.gnu.org/licenses/old-licenses/gpl-2.0.html.
+%#
+%#
+%# CONTRIBUTION SUBMISSION POLICY:
+%#
+%# (The following paragraph is not intended to limit the rights granted
+%# to you to modify and distribute this software under the terms of
+%# the GNU General Public License and is only of importance to you if
+%# you choose to contribute your changes and enhancements to the
+%# community by submitting them to Best Practical Solutions, LLC.)
%#
+%# By intentionally submitting any modifications, corrections or
+%# derivatives to this work, or any other work intended for use with
+%# Request Tracker, to Best Practical Solutions, LLC, you confirm that
+%# you are the copyright holder for those contributions and you grant
+%# Best Practical Solutions, LLC a nonexclusive, worldwide, irrevocable,
+%# royalty-free, perpetual, license to use, copy, create derivative
+%# works based on those contributions, and sublicense and distribute
+%# those contributions and any derivatives thereof.
%#
-%# END LICENSE BLOCK
+%# END BPS TAGGED BLOCK }}}
<%init>
-my %cookies = CGI::Cookie->fetch();
-my %backends = (
- mysql => 'Apache::Session::MySQL',
- Pg => 'Apache::Session::Postgres',
- Oracle => 'Apache::Session::Oracle',
-) unless $RT::WebSessionClass;
-my $session_class = $RT::WebSessionClass || $backends{$RT::DatabaseType} || 'Apache::Session::File';
-my $pm = "$session_class.pm"; $pm =~ s|::|/|g; require $pm;
+return if $m->is_subrequest; # avoid reentrancy, as suggested by masonbook
- eval {
- tie %session, $session_class,
- $SessionCookie || ( $cookies{'RT_SID'} ? $cookies{'RT_SID'}->value() : undef ),
- $backends{$RT::DatabaseType} ? {
- Handle => $RT::Handle->dbh,
- LockHandle => $RT::Handle->dbh,
- } : {
- Directory => $RT::MasonSessionDir,
- LockDirectory => $RT::MasonSessionDir,
- };
+my %cookies = CGI::Cookie->fetch();
+my $cookiename = "RT_SID_" . $RT::rtname . "." . $ENV{'SERVER_PORT'};
+$SessionCookie = $cookies{$cookiename} ? $cookies{$cookiename}->value : undef;
+
+my %backends = (
+ mysql => 'Apache::Session::MySQL',
+ Pg => 'Apache::Session::Postgres',
+
+ # Oracle => 'Apache::Session::Oracle',
+);
+
+my $session_class = $RT::WebSessionClass
+ || $backends{$RT::DatabaseType}
+ || 'Apache::Session::File';
+my $pm = "$session_class.pm";
+$pm =~ s|::|/|g;
+require $pm;
+
+# morning bug avoidance attempt -- pdh 20030815
+unless ( $RT::Handle->dbh && $RT::Handle->dbh->ping ) {
+ $RT::Handle->Connect();
+}
+
+my $session_properties;
+if ( $session_class eq 'Apache::Session::File' ) {
+ $session_properties = {
+ Directory => $RT::MasonSessionDir,
+ LockDirectory => $RT::MasonSessionDir,
+ Transaction => 1
+ };
+} else {
+ $session_properties = {
+ Handle => $RT::Handle->dbh,
+ LockHandle => $RT::Handle->dbh,
+ Transaction => 1
};
- if ($@) {
+}
- # If the session is invalid, create a new session.
- if ( $@ =~ /Object does not/i ) {
- tie %session, $session_class, undef,
- $backends{$RT::DatabaseType} ? {
- Handle => $RT::Handle->dbh,
- LockHandle => $RT::Handle->dbh,
- } : {
- Directory => $RT::MasonSessionDir,
- LockDirectory => $RT::MasonSessionDir,
- };
- undef $cookies{'RT_SID'};
- }
- else {
- die "RT Couldn't write to session directory '$RT::MasonSessionDir': $@. Check that this dir ectory's permissions are correct.";
- }
+eval {
+ tie %session, $session_class, $SessionCookie, $session_properties
+};
+if ($@) {
+
+ # If the session is invalid, create a new session.
+ eval {
+ tie %session, $session_class, undef, $session_properties;
+ undef $cookies{$cookiename};
+ };
+}
+elsif ( !($session{'CurrentUser'} && $session{'CurrentUser'}->id) ) {
+ eval {
+ undef $cookies{$cookiename};
+ tied(%session)->delete;
+ tie %session, $session_class, undef, $session_properties;
}
+}
+
+if ($@) {
+ die loc("RT couldn't store your session.") . "\n"
+ . loc(
+ "This may mean that that the directory '[_1]' isn't writable or a database table is missing or corrupt.",
+ $RT::MasonSessionDir
+ )
+ . "\n\n"
+ . $@;
+}
+
+if ( !$cookies{$cookiename} ) {
+ my $cookie = new CGI::Cookie(
+ -name => $cookiename,
+ -value => $session{_session_id},
+ -path => $RT::WebPath,
+ -secure => ($RT::WebSecureCookies ? 1 :0)
+ );
+ $r->headers_out->{'Set-Cookie'} = $cookie->as_string;
- if ( !$cookies{'RT_SID'} ) {
- my $cookie = new CGI::Cookie(
- -name => 'RT_SID',
- -value => $session{_session_id},
- -path => '/',
- );
- $r->header_out('Set-Cookie', $cookie->as_string);
+}
- }
- return();
+return ();
</%init>
<%args>
-$SessionCookie => ''
+$SessionCookie => undef
</%args>