Please review: Saving resources by disabling sessions for non-Admins
 


Started by ulikoeln, April 21, 2006, 05:10:53 PM


ulikoeln

Hi,

Our gallery is used for anonymous browsing only - users can view, upload and comment
without having to register. The only user we need is the admin user.

Unfortunately, 1.4.x now uses DB sessions for all users (different from 1.3.x). This would have
been great if the session were used to cache all kinds of config data in order to save multiple
DB calls. However, this is not the case and the session stuff adds even more DB requests.

So to save DB resources, we made some modifications to disable sessions for non-Admins.
So far, it seems to work well - but those who know better about the internals of CPG are
invited to comment. Maybe we are breaking some functionality unknowingly?


This is what we did: in init.inc.php we check the IP of the user. If it is from an array
of pre-defined admin IPs, we include the regular bridge-file of CPG. So we, the owners, can use CPG
in the original state with sessions and stuff. If the request comes from a non-Admin IP, we include
a special bridge file where the session stuff is left out. It always returns "0" on the login function
and has all DB Requests replaced by "0" results in order to mimic the original coppermine.inc's behaviour.

This will save us lots of DB queries. Works great, the anonymous users can still write comments and ecards
and upload into the galleries we allow. So will these changes break something we are not aware of?


changes:

init.inc.php (around line 234)

$nc_admin_ips = array("1.2.3.4", "127.0.0.1");
if ( in_array($_SERVER["REMOTE_ADDR"], $nc_admin_ips) )
{
  require_once 'bridge/' . UDB_INTEGRATION . '.inc.php';
}
else
{
  require_once 'bridge/' . UDB_INTEGRATION . '_nosession.inc.php';
}


and the diffs:

diff -b -B coppermine_nosession.inc.php coppermine.inc.php
106,109d105
<
< ################ NO LOGIN ALLOWED !!! ##########################################
<                 return false;
<
166c162
< ################cpg_db_query($sql, $this->link_id);
---
>                 cpg_db_query($sql, $this->link_id);
216c212
< ################cpg_db_query($sql, $this->link_id);
---
>                 cpg_db_query($sql, $this->link_id);
220,221c216,217
< ################cpg_db_query($sql, $this->link_id);
< /*
---
>                 cpg_db_query($sql, $this->link_id);
>
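Review bot: The /* opened at line 221 is only closed at line 265, and PHP block comments do not nest, so any */ already present between those lines would end the comment early and re-enable the code after it. The # prefixes added at lines 227, 257 and 263 sit inside this block comment and are redundant; deleting the disabled lines from the non-session file would be easier to audit than two layers of commenting.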
227c223
< ####################$result = cpg_db_query($sql);
---
>                     $result = cpg_db_query($sql);
257c253
< ########################$this->create_session();
---
>                         $this->create_session();
263c259
< ####################$this->create_session();
---
>                     $this->create_session();
265,266d260
< */
<                 return ($id) ? array($id, $pass) : false;
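Review bot: The return ($id) ? array($id, $pass) : false; kept at line 266 runs directly after the block commented out from line 221 to 265, so check that $id and $pass are still assigned by code above line 220. If they were only set inside the disabled block, this line reads undefined variables; a plain return false; would state the intent for the non-admin file directly.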
268c262
<                 return false;
---
>                 return ($id) ? array($id, $pass) : false;
277c271
< ################cpg_db_query($sql);
---
>                 cpg_db_query($sql);
292c286
< ################cpg_db_query($sql, $this->link_id);
---
>                 cpg_db_query($sql, $this->link_id);
308,309d301
< ################################
< /*
315d306
< */
330,331c321
< ########################$count = mysql_fetch_assoc($result);
<                         $count = 0;
---
>                         $count = mysql_fetch_assoc($result);
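Review bot: $count = 0; at line 331 replaces the array that mysql_fetch_assoc($result) returned with an integer, so any later code that reads $count by key gets NULL instead of a zero. Assign an array with the expected keys set to 0 so the type matches the original file.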
336,337c326
< ########################$count = array_merge(mysql_fetch_assoc($result), $count);
<                         $count = array_merge(0, $count);
---
>                         $count = array_merge(mysql_fetch_assoc($result), $coun
t);
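Review bot: array_merge(0, $count) at line 337 passes two non-arrays, since $count is the 0 assigned at line 331. From PHP 5 on, array_merge() accepts only arrays: it emits a warning and returns NULL there, and throws a TypeError on PHP 8. With no row being fetched in this file, drop the merge and leave $count as an array of zeroed values.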


Regards,
Ulrich
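
An added example, not part of Ulrich's post or of Coppermine: the bridge selection from the init.inc.php change written as a function, comparing addresses in packed form so that an IPv4-mapped IPv6 peer (::ffff:1.2.3.4) matches its IPv4 entry and a malformed value falls through to the non-admin bridge. The nc_* function names are hypothetical; note that REMOTE_ADDR is the address of the TCP peer, so behind a reverse proxy it is the proxy's address for every visitor.

```php
<?php
// Added example, not Coppermine code. All nc_* names are hypothetical.

// Convert an address to packed bytes; IPv4-mapped IPv6 (::ffff:a.b.c.d)
// is folded to plain IPv4 so both spellings of one host compare equal.
function nc_pack_ip($ip)
{
    $packed = @inet_pton($ip);
    if ($packed === false) {
        return false;                       // not a valid IP literal
    }
    $mapped = str_repeat("\x00", 10) . "\xff\xff";
    if (strlen($packed) === 16 && substr($packed, 0, 12) === $mapped) {
        return substr($packed, 12);         // keep the 4 IPv4 bytes
    }
    return $packed;
}

// True only when $remote_addr is exactly one of the configured admin IPs.
function nc_is_admin_ip($remote_addr, array $admin_ips)
{
    $remote = nc_pack_ip($remote_addr);
    if ($remote === false) {
        return false;                       // fail closed: treat as non-admin
    }
    foreach ($admin_ips as $ip) {
        if (nc_pack_ip($ip) === $remote) {
            return true;
        }
    }
    return false;
}

// Pick the bridge file name the way the init.inc.php change does.
function nc_bridge_file($integration, $remote_addr, array $admin_ips)
{
    $suffix = nc_is_admin_ip($remote_addr, $admin_ips) ? '' : '_nosession';
    return 'bridge/' . $integration . $suffix . '.inc.php';
}

// Constructed sample input.
$admin_ips = array('1.2.3.4', '127.0.0.1');
foreach (array('1.2.3.4', '::ffff:1.2.3.4', '10.0.0.7', 'garbage') as $addr) {
    echo $addr, ' => ', nc_bridge_file('coppermine', $addr, $admin_ips), "\n";
}
```
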

douglasgblake

Hi Ulrich, did you ever get a reply to your post?

What I want is for a single ADMIN user and everyone else to be guest browsers of the album(s). I don't want comments or any other uploading.

Doug

Joachim Müller

This mod does not deal with the ability of users to use certain Coppermine features (like commenting or uploading). You can turn those features off in Coppermine already, you won't need this mod (read the documentation). This mod takes care of starting a session - if you have no idea what a session is, then don't use this mod. In fact, I can't see the point of this mod anyway, as starting a session doesn't hurt in terms of performance, compared to the other things Coppermine does (in terms of burning CPU cycles).

hassan784

My site uses a lot of resources. I use Coppermine. What should I do?

Joachim Müller

Don't use this mod. If you have issues with your coppermine gallery burning too many resources, start a new thread on the support board, posting a link to your gallery. Do not clutter this thread any longer. Just one posting above yours I already said the same thing: this mod is not meant to save resources. If you don't have issues with sessions, then butt out.