Skip to content

Commit 07eda62

Browse files
authored
Merge pull request #9152 from sbulen/30_bot_sessions
[3.0] Bots - reduce session writes
2 parents 1a70eab + 18ca5ec commit 07eda62

1 file changed

Lines changed: 11 additions & 0 deletions

File tree

Sources/Session.php

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -95,11 +95,20 @@ public function read(string $session_id): string
9595
*/
9696
public function write(string $session_id, string $data): bool
9797
{
98+
// Any action that is not dependent on data within the session may be added to this array
99+
static $no_writes = ['dlattach'];
100+
98101
// Don't bother writing the session if cookies are disabled
99102
if (empty($_COOKIE)) {
100103
return true;
101104
}
102105

106+
// Don't bother writing the session for users just browsing
107+
// If verification is required, always write the session
108+
if ((empty($_REQUEST['action']) || \in_array($_REQUEST['action'], $no_writes, true)) && !empty(Config::$scripturl) && empty(Utils::$context['require_verification']) && !empty(Config::$modSettings['allow_guest_access'])) {
109+
return true;
110+
}
111+
103112
if (preg_match('~^[A-Za-z0-9,-]{16,64}$~', $session_id) == 0) {
104113
return false;
105114
}
@@ -195,6 +204,8 @@ public static function load(): void
195204
@ini_set('session.use_cookies', '1');
196205
@ini_set('url_rewriter.tags', '');
197206
@ini_set('arg_separator.output', '&');
207+
@ini_set('session.lazy_write', '1');
208+
@ini_set('session.cookie_secure', !empty(Config::$modSettings['secureCookies']));
198209

199210
// Allows mods to change/add PHP settings
200211
IntegrationHook::call('integrate_load_session');

0 commit comments

Comments
 (0)