Refactor value check and normalization of extended_session_lifetime config

option

Author: pabzm

program/include/rcmail_output_html.php

@@ -2349,14 +2349,12 @@ protected function login_form($attrib)
             'buttons' => [],
         ];
 
-        $extended_session_lifetime_days = $this->config->get('extended_session_lifetime_days', 0);
-        if (is_int($extended_session_lifetime_days) && $extended_session_lifetime_days > 0) {
+        if ($this->config->extended_session_lifetime_days() > 0) {
             $extended_session_lifetime_hidden_field = new html_hiddenfield(['name' => '_extended_session_lifetime', 'value' => '0']);
             $form_content['hidden']['extended_session_lifetime'] = $extended_session_lifetime_hidden_field->show();
 
             // Make sure the value is in the range 1..365.
-            $extended_session_lifetime_days = min(max(1, $extended_session_lifetime_days), 365);
-            $extended_session_lifetime_text = str_replace('#', $extended_session_lifetime_days, $this->app->gettext('extended_session_lifetime_switch_text'));
+            $extended_session_lifetime_text = str_replace('#', $this->config->extended_session_lifetime_days(), $this->app->gettext('extended_session_lifetime_switch_text'));
             $extended_session_lifetime_checkbox = new html_checkbox(['name' => '_extended_session_lifetime', 'id' => '_extended_session_lifetime', 'title' => $extended_session_lifetime_text]);
             $form_content['inputs']['extended_session_lifetime'] = [
                 'content' => html::label(['for' => '_extended_session_lifetime'], [$extended_session_lifetime_checkbox->show(), $extended_session_lifetime_text]),

program/lib/Roundcube/rcube_config.php

@@ -34,6 +34,7 @@ class rcube_config
     private $userprefs = [];
     private $immutable = [];
     private $client_tz;
+    private $extended_session_lifetime_days;
 
     /**
      * Renamed options
@@ -926,4 +927,18 @@ public static function resolve_timezone_alias($tzname)
 
         return $deprecated_timezones[$tzname] ?? $tzname;
     }
+
+    public function extended_session_lifetime_days(): int
+    {
+        if ($this->extended_session_lifetime_days === null) {
+            $config_value = $this->get('extended_session_lifetime_days', 0);
+            if (is_int($config_value) && $config_value > 0) {
+                // Make sure the value is in the range 1..365.
+                $this->extended_session_lifetime_days = min(max(1, $config_value), 365);
+            } else {
+                $this->extended_session_lifetime_days = 0;
+            }
+        }
+        return $this->extended_session_lifetime_days;
+    }
 }

program/lib/Roundcube/rcube_session.php

@@ -745,13 +745,12 @@ public function check_auth()
     public function set_auth_cookie(bool $extended_session_lifetime = false): void
     {
         if ($extended_session_lifetime === true) {
-            $extended_session_lifetime_days = $this->config->get('extended_session_lifetime_days', 0);
-            if (is_int($extended_session_lifetime_days) && $extended_session_lifetime_days > 0) {
-                // Make sure the value is in the range 1..365.
-                $days = min(max(1, $extended_session_lifetime_days), 365);
-                $this->set_lifetime($days * 24 * 60 * 60);
-                $_SESSION['extended_session_lifetime'] = $days * 24 * 60 * 60;
-                $cookie_expiry = time() + $_SESSION['extended_session_lifetime'];
+
+            if ($this->config->extended_session_lifetime_days() > 0) {
+                $lifetime_seconds = $this->config->extended_session_lifetime_days() * 24 * 60 * 60;
+                $this->set_lifetime($lifetime_seconds);
+                $_SESSION['extended_session_lifetime'] = $lifetime_seconds;
+                $cookie_expiry = time() + $lifetime_seconds;
                 // Set the sessid-cookie (again) to force/renew its expiration date.
                 rcube_utils::setcookie(ini_get('session.name'), session_id(), $cookie_expiry);
             }