#!/usr/local/cpanel/3rdparty/bin/perl
# cpanel - scripts/clean_user_php_sessions Copyright 2017 cPanel, Inc.
# All rights Reserved.
# copyright@cpanel.net http://cpanel.net
# This code is subject to the cPanel license. Unauthorized copying is prohibited
package scripts::clean_user_php_sessions;
use strict;
use warnings;
use Cpanel::ProgLang::Supported::php::Ini ();
use Cpanel::ProgLang ();
use Cpanel::EtcCpanel ();
use Cpanel::PHPINI ();
# Modulino entry point: run main() and exit with its return value only when
# this file is executed directly, not when it is loaded by another caller.
exit main(@ARGV) unless caller();
# Entry point. Arguments are the command-line arguments:
#   -h / --help anywhere in the list prints usage and returns help()'s value;
#   otherwise the first argument, if given, is the filename pattern handed to
#   clean_sessions(), defaulting to "sess_.*".
# Dies unless the effective UID is 0. Returns 0 after the cleanup pass.
sub main {
    my @argv = @_;

    for my $candidate (@argv) {
        return help() if $candidate eq '-h' || $candidate eq '--help';
    }

    # This pattern is the only filter clean_sessions() applies to names found
    # under session.save_path, so it decides what a root-owned unlink touches.
    my $regex = defined $argv[0] ? $argv[0] : "sess_.*";

    unless ( $> == 0 ) {
        die "$0 is not intended to be run by non-root users.";
    }

    my $ea4_marker = "$Cpanel::EtcCpanel::ETC_CPANEL_DIR/ea4/is_ea4";

    unless ( -e $ea4_marker ) {

        # No ea4/is_ea4 marker: read both directives through Cpanel::PHPINI.
        my $dirs = Cpanel::PHPINI::get_directives( [ 'session.save_path', 'session.gc_maxlifetime' ], 1, '/usr/local' );
        clean_sessions(
            $dirs->{'session.save_path'}{'value'},
            $dirs->{'session.gc_maxlifetime'}{'value'},
            $regex,
        );
        return 0;
    }

    # Marker present: each installed PHP package has its own ini, so each one
    # is read and cleaned separately.
    my $php      = Cpanel::ProgLang->new( type => 'php' );
    my $packages = $php->get_installed_packages();

    for my $pack ( @{$packages} ) {
        my $ini        = $php->get_ini( 'package' => $pack );
        my $directives = $ini->get_basic_directives();

        # Either value may stay undef when the directive is absent;
        # clean_sessions() copes with undefined arguments.
        my ( $save_path, $gc_maxlifetime );
        for my $entry ( @{$directives} ) {
            if ( $entry->{'key'} eq 'session.gc_maxlifetime' ) {
                $gc_maxlifetime = $entry->{'value'};
            }
            if ( $entry->{'key'} eq 'session.save_path' ) {
                $save_path = $entry->{'value'};
            }
        }

        clean_sessions( $save_path, $gc_maxlifetime, $regex );
    }

    return 0;
}
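# Remove entries in $path whose name matches $regex (case-insensitive) and
# whose inode change time is more than $maxlife seconds in the past.
#
#   $path    - session.save_path value; may be undef or padded with whitespace
#   $maxlife - session.gc_maxlifetime value; falls back to
#              $Cpanel::ProgLang::Supported::php::Ini::SESSION_MAXLIFETIME
#              when undef or not a plain non-negative integer
#   $regex   - pattern an entry name must match to be considered
#
# Returns 0 when nothing was attempted (no usable directory or no pattern),
# 1 after a pass over the directory. Dies if the directory cannot be opened
# or the pattern does not compile.
sub clean_sessions {
    my ( $path, $maxlife, $regex ) = @_;

    # session.save_path could be commented out, in which case we will let PHP handle garbage collection.
    return 0 if !defined $path;

    # get_basic_directives can return values with leading/trailing whitespace.
    # Trim before the directory test, otherwise a padded path fails -d and is
    # silently never cleaned.
    $path =~ s/^\s+|\s+$//g;
    return 0 if !-d $path;

    # The pattern is the only guard on what gets unlinked here. Refuse an
    # undefined or empty one: m// with an empty pattern reuses the last
    # successful match instead, so the filter would not be what was asked for.
    return 0 if !defined $regex || !length $regex;
    my $name_filter = qr/$regex/i;

    $maxlife = $Cpanel::ProgLang::Supported::php::Ini::SESSION_MAXLIFETIME if !defined $maxlife;
    $maxlife =~ s/^\s+|\s+$//g;
    $maxlife = $Cpanel::ProgLang::Supported::php::Ini::SESSION_MAXLIFETIME if $maxlife !~ /^\d+$/;

    my $now = time;
    opendir( my $dh, $path ) or die "Could not open directory $path: $!";
    while ( defined( my $file = readdir $dh ) ) {
        next if $file !~ $name_filter;

        # lstat, not stat: judge the age of the directory entry itself rather
        # than whatever a symlink planted in the directory points at.
        my @info = lstat("$path/$file");

        # The entry can vanish between readdir and lstat; without this check an
        # undefined ctime would be treated as 0 and always look expired.
        next if !@info;

        # NOTE(review): lstat and unlink are both path-based, so an entry can
        # still be swapped between the two calls if other users can write to
        # $path. unlink only ever removes the name inside $path.
        unlink "$path/$file" if $now - $info[10] > $maxlife;
    }
    closedir $dh;

    return 1;
}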
# Print the usage text to the currently selected output handle and return 1.
# $0 is interpolated, so the synopsis shows the name the script was run as.
sub help {
    my $usage = <<"USAGE";
$0 [--help]
$0 SESSION_MATCH_REGEX
Clean expired PHP session files.
PHP session files can be stored in a secure temporary directory. This removes PHP's ability
to clean up its own session files. This script should run at least once per day to remove any old PHP session files, and
is automatically added to your crontab via the /scripts/upcp script.
Users can also set custom session handler code via session_set_save_handler(),
which PHP does not know ahead of time how to clean up. Since a way to register a
session cleanup method does not exist, custom scripts are the only way to clean these up.
This script does allow you to remove all files within session.save_path older than session.gc_maxlifetime.
However, you must use a removal regex to prevent mistakes like save_path=/ destroying a system.
We only remove files with session.save_path that contain /sess_.*/ by default.
If one of your users sets a custom save handler that does not follow this format, you will have to provide
a custom regex to this script (SESSION_MATCH_REGEX). Make certain that your regex is specific enough to not be
destructive in the event of save_path being misconfigured.
Even then it is possible that users set exotic save handlers, such as writing to a database.
However, in that case one hopes they have good sense enough to clean up after themselves.
The crontab running this script is editable, and should not be overridden by upcp when adding SESSION_MATCH_REGEX.
USAGE
    print $usage;
    return 1;
}
1;