Marown/swad-core
Marown
/
swad-core
mirror of https://github.com/acanas/swad-core.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Version 18.39

This commit is contained in:
Antonio Cañas Vargas 2019-02-13 13:32:11 +01:00
parent f3dcd54b04
commit c62e46d617
23 changed files with 235 additions and 50 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
Makefile
View File

@ -36,7 +36,8 @@ OBJS = swad_account.o swad_action.o swad_agenda.o swad_alert.o \
swad_department.o swad_duplicate.o \
swad_enrolment.o swad_exam.o \
swad_figure.o swad_file.o swad_file_browser.o swad_file_extension.o \
swad_file_MIME.o swad_follow.o swad_form.o swad_forum.o \
swad_file_MIME.o swad_firewall.o swad_follow.o swad_form.o \
swad_forum.o \
swad_game.o swad_global.o swad_group.o \
swad_help.o swad_hierarchy.o swad_holiday.o \
swad_icon.o swad_ID.o swad_image.o swad_indicator.o swad_info.o \

19
sql/cambios.sql
View File

@ -12593,19 +12593,8 @@ ALTER TABLE ws_keys ENGINE=MyISAM;
OPTIMIZE TABLE ws_keys;
SELECT Weekday,TIME_TO_SEC(StartTime) AS S,TIME_TO_SEC(Duration) AS D,Place,ClassType,GrpCod FROM timetable_crs WHERE CrsCod=19 ORDER BY Weekday,S,ClassType,GrpCod,Place,D DESC;
CREATE TABLE IF NOT EXISTS firewall (ClickTime DATETIME NOT NULL,IP CHAR(15) NOT NULL,INDEX(ClickTime),INDEX(IP));

8
sql/swad.sql
View File

@ -522,6 +522,14 @@ CREATE TABLE IF NOT EXISTS files (
INDEX(ZoneUsrCod),
INDEX(PublisherUsrCod));
--
-- Table firewall: stores the most recent IPs in order to mitigate denial of service attacks
--
CREATE TABLE IF NOT EXISTS firewall (
ClickTime DATETIME NOT NULL,
IP CHAR(15) NOT NULL,
INDEX(ClickTime),
INDEX(IP));
--
-- Table forum_disabled_post: stores the forum post that have been disabled
--
CREATE TABLE IF NOT EXISTS forum_disabled_post (

2
swad_agenda.c
View File

@ -1125,7 +1125,7 @@ static void Agd_GetDataOfEventByCod (struct AgendaEvent *AgdEvent)
"SELECT AgdCod,Public,Hidden,"
"UNIX_TIMESTAMP(StartTime),"
"UNIX_TIMESTAMP(EndTime),"
"NOW()>EndTime," // Past event?
"NOW()>EndTime," // Past event?
"NOW()<StartTime," // Future event?
"Event,Location"
" FROM agendas"

10
swad_changelog.h
View File

@ -359,6 +359,8 @@ Buenos d
// TODO: Sale de vez en cuando un mensaje "Can not get information about a file or folder.", por ejemplo en el timeline.
// TODO: Tabla de asistencia con símbolos tip ok como entidades HTML
/*****************************************************************************/
/****************************** Public constants *****************************/
/*****************************************************************************/
@ -378,11 +380,15 @@ En OpenSWAD:
ps2pdf source.ps destination.pdf
*/
#define Log_PLATFORM_VERSION "SWAD 18.38 (2019-02-13)"
#define Log_PLATFORM_VERSION "SWAD 18.39 (2019-02-13)"
#define CSS_FILE "swad18.33.css"
#define JS_FILE "swad18.32.1.js"
/*
Version 18.38: Feb 13, 2019 New icons for social networks. (? lines)
Version 18.39: Feb 13, 2019 New module swad_firewall to mitigate mitigate DoS attacks. (239101 lines)
1 change necessary in database:
CREATE TABLE IF NOT EXISTS firewall (ClickTime DATETIME NOT NULL,IP CHAR(15) NOT NULL,INDEX(ClickTime),INDEX(IP));
Version 18.38: Feb 13, 2019 New icons for social networks. (238940 lines)
2 changes necessary in database:
DELETE FROM usr_webs WHERE Web='quitter';
ALTER TABLE usr_webs CHANGE Web Web ENUM('www', '500px', 'delicious', 'deviantart', 'diaspora', 'edmodo', 'facebook', 'flickr', 'foursquare', 'github', 'gnusocial', 'googleplus', 'googlescholar', 'identica', 'instagram', 'linkedin', 'orcid', 'paperli', 'pinterest', 'researchgate', 'researcherid', 'scoopit', 'slideshare', 'stackoverflow', 'storify', 'tumblr', 'twitter', 'wikipedia', 'youtube') NOT NULL;

2
swad_course.c
View File

@ -3470,7 +3470,7 @@ void Crs_RemoveOldCrss (void)
/***** Get old courses from database *****/
NumCrss = DB_QuerySELECT (&mysql_res,"can not get old courses",
"SELECT CrsCod FROM crs_last WHERE"
" LastTime<FROM_UNIXTIME(UNIX_TIMESTAMP()-'%lu')"
" LastTime<FROM_UNIXTIME(UNIX_TIMESTAMP()-%lu)"
" AND CrsCod NOT IN (SELECT DISTINCT CrsCod FROM crs_usr)",
SecondsWithoutAccess);
if (NumCrss)

21
swad_database.c
View File

@ -1149,6 +1149,23 @@ mysql> DESCRIBE files;
"INDEX(ZoneUsrCod),"
"INDEX(PublisherUsrCod))");
/***** Table firewall *****/
/*
mysql> DESCRIBE firewall;
+-----------+----------+------+-----+---------+-------+
| Field | Type | Null | Key | Default | Extra |
+-----------+----------+------+-----+---------+-------+
| ClickTime | datetime | NO | MUL | NULL | |
| IP | char(15) | NO | MUL | NULL | |
+-----------+----------+------+-----+---------+-------+
2 rows in set (0.00 sec)
*/
DB_CreateTable ("CREATE TABLE IF NOT EXISTS firewall ("
"ClickTime DATETIME NOT NULL,"
"IP CHAR(15) NOT NULL," // Cns_MAX_BYTES_IP
"INDEX(ClickTime),"
"INDEX(IP))");
/***** Table forum_disabled_post *****/
/*
mysql> DESCRIBE forum_disabled_post;
@ -1543,7 +1560,7 @@ mysql> DESCRIBE log_full;
"ClickTime DATETIME NOT NULL,"
"TimeToGenerate INT NOT NULL,"
"TimeToSend INT NOT NULL,"
"IP CHAR(15) NOT NULL," // Cns_MAX_CHARS_IP
"IP CHAR(15) NOT NULL," // Cns_MAX_BYTES_IP
"UNIQUE INDEX(LogCod),"
"INDEX(ActCod),"
"INDEX(CtyCod),"
@ -1590,7 +1607,7 @@ mysql> DESCRIBE log_recent;
"ClickTime DATETIME NOT NULL,"
"TimeToGenerate INT NOT NULL,"
"TimeToSend INT NOT NULL,"
"IP CHAR(15) NOT NULL," // Cns_MAX_CHARS_IP
"IP CHAR(15) NOT NULL," // Cns_MAX_BYTES_IP
"UNIQUE INDEX(LogCod),"
"INDEX(ActCod),"
"INDEX(CtyCod),"

8
swad_enrolment.c
View File

@ -862,7 +862,7 @@ void Enr_RemoveOldUsrs (void)
"SELECT UsrCod FROM"
"("
"SELECT UsrCod FROM usr_last WHERE"
" LastTime<FROM_UNIXTIME(UNIX_TIMESTAMP()-'%lu')"
" LastTime<FROM_UNIXTIME(UNIX_TIMESTAMP()-%lu)"
" UNION "
"SELECT UsrCod FROM usr_data WHERE"
" UsrCod NOT IN (SELECT UsrCod FROM usr_last)"
@ -3062,15 +3062,15 @@ static void Enr_RemoveExpiredEnrolmentRequests (void)
" SET notif.Status=(notif.Status | %u)"
" WHERE notif.NotifyEvent=%u"
" AND notif.Cod=crs_usr_requests.ReqCod"
" AND crs_usr_requests.RequestTime<FROM_UNIXTIME(UNIX_TIMESTAMP()-'%lu')",
" AND crs_usr_requests.RequestTime<FROM_UNIXTIME(UNIX_TIMESTAMP()-%lu)",
(unsigned) Ntf_STATUS_BIT_REMOVED,
(unsigned) Ntf_EVENT_ENROLMENT_REQUEST,
Cfg_TIME_TO_DELETE_ENROLMENT_REQUESTS);
/***** Remove expired requests for enrolment *****/
DB_QueryDELETE ("can not remove expired requests for enrolment",
"DELETE FROM crs_usr_requests"
" WHERE RequestTime<FROM_UNIXTIME(UNIX_TIMESTAMP()-'%lu')",
"DELETE LOW_PRIORITY FROM crs_usr_requests"
" WHERE RequestTime<FROM_UNIXTIME(UNIX_TIMESTAMP()-%lu)",
Cfg_TIME_TO_DELETE_ENROLMENT_REQUESTS);
}

2
swad_figure.h
View File

@ -27,8 +27,6 @@
/********************************* Headers ***********************************/
/*****************************************************************************/
// #include "swad_user.h"
/*****************************************************************************/
/************************** Public types and constants ***********************/
/*****************************************************************************/

4
swad_file_browser.c
View File

@ -7860,7 +7860,7 @@ void Brw_RemoveExpiredExpandedFolders (void)
/***** Remove all expired clipboards *****/
DB_QueryDELETE ("can not remove old expanded folders",
"DELETE LOW_PRIORITY FROM expanded_folders"
" WHERE ClickTime<FROM_UNIXTIME(UNIX_TIMESTAMP()-'%lu')",
" WHERE ClickTime<FROM_UNIXTIME(UNIX_TIMESTAMP()-%lu)",
Cfg_TIME_TO_DELETE_BROWSER_EXPANDED_FOLDERS);
}
@ -7873,7 +7873,7 @@ static void Brw_RemoveExpiredClipboards (void)
/***** Remove all expired clipboards *****/
DB_QueryDELETE ("can not remove old paths from clipboard",
"DELETE LOW_PRIORITY FROM clipboard"
" WHERE CopyTime<FROM_UNIXTIME(UNIX_TIMESTAMP()-'%lu')",
" WHERE CopyTime<FROM_UNIXTIME(UNIX_TIMESTAMP()-%lu)",
Cfg_TIME_TO_DELETE_BROWSER_CLIPBOARD);
}

118
swad_firewall.c Normal file
View File

@ -0,0 +1,118 @@
// swad_firewall.c: firewall to mitigate mitigate denial of service attacks
/*
SWAD (Shared Workspace At a Distance),
is a web platform developed at the University of Granada (Spain),
and used to support university teaching.
This file is part of SWAD core.
Copyright (C) 1999-2019 Antonio Cañas Vargas
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/*****************************************************************************/
/********************************* Headers ***********************************/
/*****************************************************************************/
#include "swad_database.h"
#include "swad_global.h"
/*****************************************************************************/
/************** External global variables from others modules ****************/
/*****************************************************************************/
extern struct Globals Gbl;
/*****************************************************************************/
/***************************** Private constants *****************************/
/*****************************************************************************/
#define Fw_CHECK_INTERVAL ((time_t)(10UL)) // Check clicks in the last 10 seconds
#define Fw_MAX_CLICKS_IN_INTERVAL 30 // Maximum of 30 clicks allowed in 10 seconds
#define Fw_TIME_TO_DELETE_OLD_CLICKS Fw_CHECK_INTERVAL // Remove clicks older than these seconds
/*****************************************************************************/
/******************************* Private types *******************************/
/*****************************************************************************/
/*****************************************************************************/
/***************************** Internal prototypes ***************************/
/*****************************************************************************/
/*****************************************************************************/
/************************** Log access into firewall *************************/
/*****************************************************************************/
void FW_LogAccess (void)
{
/***** Log access in firewall recent log *****/
DB_QueryINSERT ("can not log access into firewall",
"INSERT INTO firewall (ClickTime,IP) VALUES (NOW(),'%s')",
Gbl.IP);
}
/*****************************************************************************/
/************************** Log access into firewall *************************/
/*****************************************************************************/
void FW_CheckFirewallAndExitIfTooManyRequests (void)
{
unsigned long NumClicks;
/***** Get number of clicks from database *****/
NumClicks = DB_QueryCOUNT ("can not check firewall",
"SELECT COUNT(*) FROM firewall"
" WHERE IP='%s'"
" AND ClickTime>FROM_UNIXTIME(UNIX_TIMESTAMP()-%lu)",
Gbl.IP,
Fw_CHECK_INTERVAL);
/***** Exit with status 429 if too many connections *****/
/* RFC 6585 suggests "429 Too Many Requests", according to
https://stackoverflow.com/questions/46664695/whats-the-correct-http-response-code-to-return-for-denial-of-service-dos-atta
https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/429 */
if (NumClicks > Fw_MAX_CLICKS_IN_INTERVAL)
{
/* Return status 429 Too Many Requests */
fprintf (stdout,"Content-Type: text/html; charset=windows-1252\n"
"Retry-After: 3600\n"
"Status: 429\r\n\r\n"
"<html>"
"<head>"
"<title>Too Many Requests</title>"
"</head>"
"<body>"
"<h1>Please stop that</h1>"
"</body>"
"</html>\n");
/* Close database connection and exit */
DB_CloseDBConnection ();
exit (0);
}
}
/*****************************************************************************/
/********************** Remove old clicks from firewall **********************/
/*****************************************************************************/
void FW_PurgeFirewall (void)
{
/***** Remove old clicks *****/
DB_QueryDELETE ("can not purge firewall",
"DELETE LOW_PRIORITY FROM firewall"
" WHERE ClickTime<FROM_UNIXTIME(UNIX_TIMESTAMP()-%lu)",
Fw_TIME_TO_DELETE_OLD_CLICKS);
}

42
swad_firewall.h Normal file
View File

@ -0,0 +1,42 @@
// swad_firewall.h: firewall to mitigate mitigate denial of service attacks
#ifndef _SWAD_FW
#define _SWAD_FW
/*
SWAD (Shared Workspace At a Distance in Spanish),
is a web platform developed at the University of Granada (Spain),
and used to support university teaching.
This file is part of SWAD core.
Copyright (C) 1999-2019 Antonio Cañas Vargas
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/*****************************************************************************/
/********************************* Headers ***********************************/
/*****************************************************************************/
/*****************************************************************************/
/************************** Public types and constants ***********************/
/*****************************************************************************/
/*****************************************************************************/
/***************************** Public prototypes *****************************/
/*****************************************************************************/
void FW_LogAccess (void);
void FW_CheckFirewallAndExitIfTooManyRequests (void);
void FW_PurgeFirewall (void);
#endif

2
swad_forum.c
View File

@ -4557,7 +4557,7 @@ static void For_RemoveExpiredThrsClipboards (void)
/***** Remove all expired clipboards *****/
DB_QueryDELETE ("can not remove old threads from clipboards",
"DELETE LOW_PRIORITY FROM forum_thr_clip"
" WHERE TimeInsert<FROM_UNIXTIME(UNIX_TIMESTAMP()-'%lu')",
" WHERE TimeInsert<FROM_UNIXTIME(UNIX_TIMESTAMP()-%lu)",
Cfg_TIME_TO_DELETE_THREAD_CLIPBOARD);
}

8
swad_layout.c
View File

@ -37,6 +37,7 @@
#include "swad_connected.h"
#include "swad_database.h"
#include "swad_exam.h"
#include "swad_firewall.h"
#include "swad_follow.h"
#include "swad_form.h"
#include "swad_global.h"
@ -1405,9 +1406,12 @@ void Lay_RefreshNotifsAndConnected (void)
bool ShowConnected = (Gbl.Prefs.SideCols & Lay_SHOW_RIGHT_COLUMN) &&
Gbl.CurrentCrs.Crs.CrsCod > 0; // Right column visible && There is a course selected
// Sometimes, someone must do this work, so who best than processes that refresh via AJAX?
/***** Sometimes, someone must do this work,
so who best than processes that refresh via AJAX? *****/
if (!(Gbl.PID % 11)) // Do this only one of 11 times ( 11 is prime)
Ntf_SendPendingNotifByEMailToAllUsrs (); // Send pending notifications by email
else if (!(Gbl.PID % 19)) // Do this only one of 19 times ( 19 is prime)
FW_PurgeFirewall ();
else if (!(Gbl.PID % 1013)) // Do this only one of 1013 times (1013 is prime)
Brw_RemoveExpiredExpandedFolders (); // Remove old expanded folders (from all users)
else if (!(Gbl.PID % 1019)) // Do this only one of 1019 times (1019 is prime)
@ -1415,7 +1419,7 @@ void Lay_RefreshNotifsAndConnected (void)
else if (!(Gbl.PID % 1021)) // Do this only one of 1021 times (1021 is prime)
Sta_RemoveOldEntriesRecentLog (); // Remove old entries in recent log table, it's a slow query
// Send, before the HTML, the refresh time
/***** Send, before the HTML, the refresh time *****/
fprintf (Gbl.F.Out,"%lu|",Gbl.Usrs.Connected.TimeToRefreshInMs);
if (Gbl.Usrs.Me.Logged)
Ntf_WriteNumberOfNewNtfs ();

4
swad_mail.c
View File

@ -1774,8 +1774,8 @@ static void Mai_InsertMailKey (const char Email[Cns_MAX_BYTES_EMAIL_ADDRESS + 1]
{
/***** Remove expired pending emails from database *****/
DB_QueryDELETE ("can not remove old pending mail keys",
"DELETE FROM pending_emails"
" WHERE DateAndTime<FROM_UNIXTIME(UNIX_TIMESTAMP()-'%lu')",
"DELETE LOW_PRIORITY FROM pending_emails"
" WHERE DateAndTime<FROM_UNIXTIME(UNIX_TIMESTAMP()-%lu)",
Cfg_TIME_TO_DELETE_OLD_PENDING_EMAILS);
/***** Insert mail key in database *****/

9
swad_main.c
View File

@ -34,6 +34,7 @@
#include "swad_config.h"
#include "swad_connected.h"
#include "swad_database.h"
#include "swad_firewall.h"
#include "swad_global.h"
#include "swad_hierarchy.h"
#include "swad_MFU.h"
@ -109,10 +110,10 @@ int main (void)
{
Par_CreateListOfParams ();
Par_GetMainParameters ();
/*
if (!strcmp (Gbl.IP,"83.50.221.168"))
fprintf (stdout,"Status: 403\r\n\r\n");
*/
/***** Mitigate DoS attacks *****/
FW_LogAccess ();
FW_CheckFirewallAndExitIfTooManyRequests ();
Hie_InitHierarchy ();
if (!Gbl.WebService.IsWebService)

4
swad_notification.c
View File

@ -1535,7 +1535,7 @@ void Ntf_SendPendingNotifByEMailToAllUsrs (void)
if ((NumRows = DB_QuerySELECT (&mysql_res,"can not get users"
" who must be notified",
"SELECT DISTINCT ToUsrCod FROM notif"
" WHERE TimeNotif<FROM_UNIXTIME(UNIX_TIMESTAMP()-'%lu')"
" WHERE TimeNotif<FROM_UNIXTIME(UNIX_TIMESTAMP()-%lu)"
" AND (Status & %u)<>0"
" AND (Status & %u)=0"
" AND (Status & %u)=0",
@ -1578,7 +1578,7 @@ void Ntf_SendPendingNotifByEMailToAllUsrs (void)
/***** Delete old notifications ******/
DB_QueryDELETE ("can not remove old notifications",
"DELETE LOW_PRIORITY FROM notif"
" WHERE TimeNotif<FROM_UNIXTIME(UNIX_TIMESTAMP()-'%lu')",
" WHERE TimeNotif<FROM_UNIXTIME(UNIX_TIMESTAMP()-%lu)",
Cfg_TIME_TO_DELETE_OLD_NOTIF);
}

4
swad_password.c
View File

@ -514,8 +514,8 @@ void Pwd_SetMyPendingPassword (char PlainPassword[Pwd_MAX_BYTES_PLAIN_PASSWORD +
/***** Remove expired pending passwords from database *****/
DB_QueryDELETE ("can not remove expired pending passwords",
"DELETE FROM pending_passwd"
" WHERE DateAndTime<FROM_UNIXTIME(UNIX_TIMESTAMP()-'%lu')",
"DELETE LOW_PRIORITY FROM pending_passwd"
" WHERE DateAndTime<FROM_UNIXTIME(UNIX_TIMESTAMP()-%lu)",
Cfg_TIME_TO_DELETE_OLD_PENDING_PASSWORDS);
/***** Update my current password in database *****/

2
swad_photo.c
View File

@ -1469,7 +1469,7 @@ static long Pho_GetDegWithAvgPhotoLeastRecentlyUpdated (void)
"SELECT sta_degrees.DegCod"
" FROM sta_degrees,courses,crs_usr"
" WHERE sta_degrees.TimeAvgPhoto<"
"FROM_UNIXTIME(UNIX_TIMESTAMP()-'%lu')"
"FROM_UNIXTIME(UNIX_TIMESTAMP()-%lu)"
" AND sta_degrees.DegCod=courses.DegCod"
" AND courses.CrsCod=crs_usr.CrsCod"
" AND crs_usr.Role=%u"

2
swad_preference.c
View File

@ -218,7 +218,7 @@ void Pre_RemoveOldPrefsFromIP (void)
/***** Remove old preferences *****/
DB_QueryDELETE ("can not remove old preferences",
"DELETE LOW_PRIORITY FROM IP_prefs"
" WHERE LastChange<FROM_UNIXTIME(UNIX_TIMESTAMP()-'%lu')",
" WHERE LastChange<FROM_UNIXTIME(UNIX_TIMESTAMP()-%lu)",
Cfg_TIME_TO_DELETE_IP_PREFS);
}

4
swad_session.c
View File

@ -239,11 +239,11 @@ void Ses_RemoveExpiredSessions (void)
and last refresh is too old (browser probably was closed)) */
DB_QueryDELETE ("can not remove expired sessions",
"DELETE LOW_PRIORITY FROM sessions WHERE"
" LastTime<FROM_UNIXTIME(UNIX_TIMESTAMP()-'%lu')"
" LastTime<FROM_UNIXTIME(UNIX_TIMESTAMP()-%lu)"
" OR "
"(LastRefresh>LastTime+INTERVAL 1 SECOND"
" AND"
" LastRefresh<FROM_UNIXTIME(UNIX_TIMESTAMP()-'%lu'))",
" LastRefresh<FROM_UNIXTIME(UNIX_TIMESTAMP()-%lu))",
Cfg_TIME_TO_CLOSE_SESSION_FROM_LAST_CLICK,
Cfg_TIME_TO_CLOSE_SESSION_FROM_LAST_REFRESH);
}

3
swad_statistic.c
View File

@ -26,6 +26,7 @@
/*****************************************************************************/
#include <math.h> // For log10, floor, ceil, modf, sqrt...
#include <stdlib.h> // For getenv, malloc
#include <string.h> // For string functions
#include "swad_box.h"
@ -274,7 +275,7 @@ void Sta_RemoveOldEntriesRecentLog (void)
/***** Remove all expired clipboards *****/
DB_QueryDELETE ("can not remove old entries from recent log",
"DELETE LOW_PRIORITY FROM log_recent"
" WHERE ClickTime<FROM_UNIXTIME(UNIX_TIMESTAMP()-'%lu')",
" WHERE ClickTime<FROM_UNIXTIME(UNIX_TIMESTAMP()-%lu)",
Sta_SECONDS_IN_RECENT_LOG);
}

4
swad_web_service.c
View File

@ -487,8 +487,8 @@ static int Svc_RemoveOldWSKeys (void)
/***** Remove expired sessions *****/
/* A session expire when last click (LastTime) is too old,
or when there was at least one refresh (navigator supports AJAX) and last refresh is too old (browser probably was closed) */
sprintf (Query,"DELETE LOW_PRIORITY FROM ws_keys WHERE"
" LastTime<FROM_UNIXTIME(UNIX_TIMESTAMP()-'%lu')",
sprintf (Query,"DELETE LOW_PRIORITY FROM ws_keys"
" WHERE LastTime<FROM_UNIXTIME(UNIX_TIMESTAMP()-%lu)",
Cfg_TIME_TO_DELETE_WEB_SERVICE_KEY);
if (mysql_query (&Gbl.mysql,Query))
return soap_receiver_fault (Gbl.soap,