jilo-web/app/includes/session_middleware.php

<?php

/**
 * Session Middleware
 *
 * Validates session status and handles session timeout.
 * If session is invalid, redirects to login page.
 */

function applySessionMiddleware($config, $app_root, $isTest = false) {
    // Start session if not already started
    if (session_status() !== PHP_SESSION_ACTIVE) {
        Session::startSession();
    }

    // Check session validity
    if (!Session::isValidSession()) {
        // Only show session timeout message if there was an active session
        // and we haven't shown it yet
        if (isset($_SESSION['LAST_ACTIVITY']) && !isset($_SESSION['session_timeout_shown'])) {
            Feedback::flash('LOGIN', 'SESSION_TIMEOUT');
            $_SESSION['session_timeout_shown'] = true;
        }

        // Session invalid, clean up and redirect
        Session::cleanup($config);

        if (!$isTest) {
            header('Location: ' . $app_root . '?page=login');
            exit();
        }
        return false;
    }

    return true;
}
Adds session management 2025-02-17 12:36:00 +00:00			`<?php`

			`/**`
			`* Session Middleware`
Adds tests for middleware 2025-02-19 13:31:01 +00:00			`*`
Adds session management 2025-02-17 12:36:00 +00:00			`* Validates session status and handles session timeout.`
Removes code duplicating with session class 2025-04-13 16:11:52 +00:00			`* If session is invalid, redirects to login page.`
Adds session management 2025-02-17 12:36:00 +00:00			`*/`

Removes code duplicating with session class 2025-04-13 16:11:52 +00:00			`function applySessionMiddleware($config, $app_root, $isTest = false) {`
			`// Start session if not already started`
			`if (session_status() !== PHP_SESSION_ACTIVE) {`
			`Session::startSession();`
Adds tests for middleware 2025-02-19 13:31:01 +00:00			`}`

Removes code duplicating with session class 2025-04-13 16:11:52 +00:00			`// Check session validity`
			`if (!Session::isValidSession()) {`
Session expiration bug fix 2025-04-14 07:06:13 +00:00			`// Only show session timeout message if there was an active session`
Fixes to show session expiration only once 2025-04-14 12:31:19 +00:00			`// and we haven't shown it yet`
			`if (isset($_SESSION['LAST_ACTIVITY']) && !isset($_SESSION['session_timeout_shown'])) {`
Session expiration bug fix 2025-04-14 07:06:13 +00:00			`Feedback::flash('LOGIN', 'SESSION_TIMEOUT');`
Fixes to show session expiration only once 2025-04-14 12:31:19 +00:00			`$_SESSION['session_timeout_shown'] = true;`
Session expiration bug fix 2025-04-14 07:06:13 +00:00			`}`

Removes code duplicating with session class 2025-04-13 16:11:52 +00:00			`// Session invalid, clean up and redirect`
			`Session::cleanup($config);`
Fixes session management and increases time to 2 hours w/out "remember me" 2025-04-12 13:22:41 +00:00
Removes code duplicating with session class 2025-04-13 16:11:52 +00:00			`if (!$isTest) {`
			`header('Location: ' . $app_root . '?page=login');`
			`exit();`
Fixes session management and increases time to 2 hours w/out "remember me" 2025-04-12 13:22:41 +00:00			`}`
Removes code duplicating with session class 2025-04-13 16:11:52 +00:00			`return false;`
Fixes session management and increases time to 2 hours w/out "remember me" 2025-04-12 13:22:41 +00:00			`}`

			`return true;`
			`}`