From 950650fd1f908a8c09033963d6d5d5dae0394c7c Mon Sep 17 00:00:00 2001
From: Skylar Ittner <admin@netsyms.com>
Date: Fri, 9 Jun 2017 03:44:55 -0600
Subject: [PATCH] Automatically delete old sessions

---
 api.php               | 7 +++++++
 settings.template.php | 5 ++++-
 2 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/api.php b/api.php
index ced2072..239a44f 100644
--- a/api.php
+++ b/api.php
@@ -3,6 +3,13 @@
 require __DIR__ . '/required.php';
 header("Content-Type: application/json");
 
+// Oldest session allowed
+$session_min_date = date("Y-m-d H:i:s", strtotime("-" . SESSION_EXPIRE_MINUTES . " minutes"));
+// Delete old sessions
+$old_sessions = $database->select("sessions", "sid", ["timestamp[<]" => $session_min_date]);
+$database->delete("scrambled_answers", ["sid" => $old_sessions]);
+$database->delete("sessions", ["sid" => $old_sessions]);
+
 switch ($VARS['action']) {
     case "ping":
         $out = ["status" => "OK", "pong" => true];
diff --git a/settings.template.php b/settings.template.php
index 5653230..51225e9 100644
--- a/settings.template.php
+++ b/settings.template.php
@@ -11,4 +11,7 @@ define("DB_NAME", "captcheck");
 define("DB_SERVER", "localhost");
 define("DB_USER", "");
 define("DB_PASS", "");
-define("DB_CHARSET", "utf8");
\ No newline at end of file
+define("DB_CHARSET", "utf8");
+
+// Sessions more than this many minutes old will be automatically deleted.
+define("SESSION_EXPIRE_MINUTES", 30);
\ No newline at end of file