diff options
| -rwxr-xr-x[-rw-r--r--] | lib/util.php | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/lib/util.php b/lib/util.php index 7c85db71f5f..b6f3cb5df44 100644..100755 --- a/lib/util.php +++ b/lib/util.php @@ -358,12 +358,30 @@ class OC_Util { * Todo: Write howto */ public static function callRegister(){ + //mamimum time before token exires + $maxtime=(60*60); // 1 hour + // generate a random token. $token=mt_rand(1000,9000).mt_rand(1000,9000).mt_rand(1000,9000); // store the token together with a timestamp in the session. $_SESSION['requesttoken-'.$token]=time(); + // cleanup old tokens garbage collector + // only run every 20th time so we donīt waste cpu cycles + if(rand(0,20)==0) { + foreach($_SESSION as $key=>$value) { + // search all tokens in the session + if(substr($key,0,12)=='requesttoken') { + if($value+$maxtime<time()){ + // remove outdated tokens + unset($_SESSION[$key]); + } + } + } + } + + // return the token return($token); } |