From c9de665c294f0e4416a9f1ea751e2859eb065a9c Mon Sep 17 00:00:00 2001 From: Marcel de Rooy Date: Thu, 11 May 2017 09:10:50 +0200 Subject: [PATCH] Bug 18578: Use subdirectory in /tmp for session storage during installation Apply the change from bug 15553 to InstallAuth.pm too. Test plan: [1] Remove all cgisess_* files from your /tmp directory. [2] Remove directory /tmp/cgisess_koha_[your instance], if there. [3] Run the webinstaller /cgi-bin/koha/installer/install.pl?step=1&op=updatestructure [4] Check if you have cgisess_ files in /tmp/cgisess_koha_[your instance]. Signed-off-by: Marcel de Rooy Signed-off-by: Josef Moravec Signed-off-by: Jonathan Druart Signed-off-by: Kyle M Hall --- C4/InstallAuth.pm | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/C4/InstallAuth.pm b/C4/InstallAuth.pm index 68512140a4..9c6795f829 100644 --- a/C4/InstallAuth.pm +++ b/C4/InstallAuth.pm @@ -20,6 +20,7 @@ package C4::InstallAuth; use strict; #use warnings; FIXME - Bug 2505 use Digest::MD5 qw(md5_base64); +use File::Spec; require Exporter; use C4::Context; @@ -233,6 +234,7 @@ sub checkauth { my $dbh = C4::Context->dbh(); my $template_name; $template_name = "installer/auth.tt"; + my $sessdir = File::Spec->catdir( File::Spec->tmpdir, 'cgisess_' . C4::Context->config('database') ); # same construction as in C4/Auth # state variables my $loggedin = 0; @@ -243,7 +245,7 @@ sub checkauth { C4::Context->_new_userenv($sessionID); my $session = new CGI::Session( "driver:File;serializer:yaml", $sessionID, - { Directory => '/tmp' } ); + { Directory => $sessdir } ); if ( $session->param('cardnumber') ) { C4::Context->set_userenv( $session->param('number'), @@ -283,7 +285,7 @@ sub checkauth { } unless ($userid) { my $session = - new CGI::Session( "driver:File;serializer:yaml", undef, { Directory => '/tmp' } ); + new CGI::Session( "driver:File;serializer:yaml", undef, { Directory => $sessdir } ); $sessionID = $session->id; $userid = $query->param('userid'); C4::Context->_new_userenv($sessionID); -- 2.39.5