From 1079c4a1eadc10abee11c9b3ac1f9833405aaa6f Mon Sep 17 00:00:00 2001
From: iglocska
Date: Wed, 16 Sep 2015 18:55:28 +0200
Subject: [PATCH] Added a diagnostic to check and purge overgrown session tables
---
 VERSION.json | 2 +-
 app/Controller/ServersController.php | 16 +++++++++++++++-
 app/Model/AppModel.php | 13 +++++++------
 app/Model/Server.php | 11 +++++++++++
 app/View/Elements/healthElements/diagnostics.ctp | 15 +++++++++++++++
 5 files changed, 49 insertions(+), 8 deletions(-)
diff --git a/VERSION.json b/VERSION.json
index 04f80fdef..53326bbc8 100644
--- a/VERSION.json
+++ b/VERSION.json
@@ -1 +1 @@
-{"major":2, "minor":3, "hotfix":127}
\ No newline at end of file
+{"major":2, "minor":3, "hotfix":128}
\ No newline at end of file
diff --git a/app/Controller/ServersController.php b/app/Controller/ServersController.php
index 3773cc856..725d241ec 100755
--- a/app/Controller/ServersController.php
+++ b/app/Controller/ServersController.php
@@ -319,6 +319,7 @@ class ServersController extends AppController {
 $stixOperational = array(0 => 'STIX or CyBox library not installed correctly', 1 => 'OK');
 $stixVersion = array(0 => 'Incorrect STIX version installed, found $current, expecting $expected', 1 => 'OK');
 $cyboxVersion = array(0 => 'Incorrect CyBox version installed, found $current, expecting $expected', 1 => 'OK');
+ $sessionErrors = array(0 => 'OK', 1 => 'High');
 $finalSettings = $this->Server->serverSettingsRead();
 $issues = array(
@@ -380,7 +381,12 @@ class ServersController extends AppController {
 // if Proxy is set up in the settings, try to connect to a test URL
 $proxyStatus = $this->Server->proxyDiagnostics($diagnostic_errors);
- $additionalViewVars = array('gpgStatus', 'proxyStatus', 'zmqStatus', 'stixVersion', 'cyboxVersion','gpgErrors', 'proxyErrors', 'zmqErrors', 'stixOperational', 'stix');
+ // check the size of the session table
+ $sessionCount = 0;
+ $sessionStatus = $this->Server->sessionDiagnostics($diagnostic_errors, $sessionCount);
+ $this->set('sessionCount', $sessionCount);
+
+ $additionalViewVars = array('gpgStatus', 'sessionErrors', 'proxyStatus', 'sessionStatus', 'zmqStatus', 'stixVersion', 'cyboxVersion','gpgErrors', 'proxyErrors', 'zmqErrors', 'stixOperational', 'stix');
 }
 // check whether the files are writeable
 $writeableDirs = $this->Server->writeableDirsDiagnostics($diagnostic_errors);
@@ -654,4 +660,12 @@ class ServersController extends AppController {
 }
 $this->render('ajax/zeromqstatus');
 }
+
+ public function purgeSessions() {
+ if (!$this->_isSiteAdmin()) throw new MethodNotAllowedException();
+ if ($this->Server->updateDatabase('cleanSessionTable') == false) {
+ $this->Session->setFlash('Could not purge the session table.');
+ }
+ $this->redirect('/servers/serverSettings/diagnostics');
+ }
 }
diff --git a/app/Model/AppModel.php b/app/Model/AppModel.php
index bc784b818..6bb46b7e7 100755
--- a/app/Model/AppModel.php
+++ b/app/Model/AppModel.php
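Review bot: `purgeSessions()` in the second hunk runs the DELETE on any request method, so a plain GET is enough to change state, and a cross-site request made in a logged-in site admin's browser would trigger it. The impact is limited to expired session rows, but the action should still require POST: add `if (!$this->request->is('post')) throw new MethodNotAllowedException();` after the admin check and have the diagnostics view submit it with `$this->Form->postLink(...)` rather than a link (the view's markup is not readable here, so the current control is inferred). With that in place the non-admin case reads better as `throw new ForbiddenException();`, since the caller rather than the method is being refused. A success flash would also confirm to the admin that the purge ran.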
@@ -49,16 +49,14 @@ class AppModel extends Model {
 public function updateDatabase($command) {
 $sql = '';
- $model = 'Event';
 $this->Log = ClassRegistry::init('Log');
+ $clean = true;
 switch ($command) {
 case 'extendServerOrganizationLength':
 $sql = 'ALTER TABLE `servers` MODIFY COLUMN `organization` varchar(255) NOT NULL;';
- $model = 'Server';
 break;
 case 'convertLogFieldsToText':
 $sql = 'ALTER TABLE `logs` MODIFY COLUMN `title` text, MODIFY COLUMN `change` text;';
- $model= 'Log';
 break;
 case 'addEventBlacklists':
 $sql = 'CREATE TABLE IF NOT EXISTS `event_blacklists` ( `id` int(11) NOT NULL AUTO_INCREMENT, `event_uuid` varchar(40) COLLATE utf8_bin NOT NULL, `created` datetime NOT NULL, PRIMARY KEY (`id`), `event_info` TEXT CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL, `comment` TEXT CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL, `event_orgc` VARCHAR( 255 ) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin ;';
@@ -74,13 +72,16 @@ class AppModel extends Model {
 $this->__dropIndex('events', 'uuid');
 $sql = 'ALTER TABLE `events` ADD UNIQUE (uuid);';
 break;
+ case 'cleanSessionTable':
+ $sql = 'DELETE FROM `cake_sessions` WHERE `expires` < ' . time() . ';';
+ $clean = false;
+ break;
 default:
 return false;
 break;
 }
- $m = ClassRegistry::init($model);
 try {
- $m->query($sql);
+ $this->query($sql);
 $this->Log->create();
 $this->Log->save(array(
 'org' => 'SYSTEM',
@@ -105,7 +106,7 @@ class AppModel extends Model {
 'change' => 'The executed SQL query was: ' . $sql . PHP_EOL . ' The returned error is: ' . $e->getMessage()
 ));
 }
- $this->cleanCacheFiles();
+ if ($clean) $this->cleanCacheFiles();
 return true;
 }
diff --git a/app/Model/Server.php b/app/Model/Server.php
index 0dc4d0190..b977e2818 100755
--- a/app/Model/Server.php
+++ b/app/Model/Server.php
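Review bot: A failed purge is still reported as success, because after what appears to be the catch block in the third hunk `updateDatabase()` falls through to `return true;`. The new caller's `== false` test in `purgeSessions()` therefore only fires for an unknown command, never for a DELETE that threw. If no other caller relies on the old return value (not visible in this diff), end the error branch with `return false;`. The flag would also benefit from a comment where it is cleared, such as `// row cleanup only, nothing for cleanCacheFiles() to refresh`, since `$clean = false` inside the `cleanSessionTable` case otherwise reads backwards. The try/catch body lies partly outside the hunks, so the error-path reading is inferred from the `$e->getMessage()` context line.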
@@ -1551,6 +1551,17 @@ class Server extends AppModel {
 return $proxyStatus;
 }
+ public function sessionDiagnostics(&$diagnostic_errors, &$sessionCount) {
+ $sql = 'SELECT COUNT(id) FROM `cake_sessions` WHERE `expires` < ' . time() . ';';
+ $sessionCount = $this->query($sql)[0][0]['COUNT(id)'];
+ $sessionStatus = 0;
+ if ($sessionCount > 100) {
+ $sessionStatus = 1;
+ $diagnostic_errors++;
+ }
+ return $sessionStatus;
+ }
+
 public function workerDiagnostics(&$workerIssueCount) {
 $this->ResqueStatus = new ResqueStatus\ResqueStatus(Resque::redis());
 $workers = $this->ResqueStatus->getWorkers();
diff --git a/app/View/Elements/healthElements/diagnostics.ctp b/app/View/Elements/healthElements/diagnostics.ctp
index 2d97a562b..dffbb0a96 100644
--- a/app/View/Elements/healthElements/diagnostics.ctp
+++ b/app/View/Elements/healthElements/diagnostics.ctp
@@ -125,4 +125,19 @@ echo 'Proxy settings....' . $message . ''; ?> +
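Review bot: The count query in `sessionDiagnostics()` runs unguarded, unlike the DELETE in `updateDatabase()`, which sits inside a try block. If sessions are not kept in a table named `cake_sessions` (another session handler or a table prefix; the configuration is not visible here), the failure from `$this->query($sql)` would presumably abort the whole diagnostics page. Indexing the result inline with `[0][0]['COUNT(id)']` also ties the code to the driver's column label and to PHP 5.4 array dereferencing. Catching the failure and aliasing the column keeps the page usable; the same hard-coded table name is used by the `cleanSessionTable` case in AppModel.php.

```php
public function sessionDiagnostics(&$diagnostic_errors, &$sessionCount) {
	$sql = 'SELECT COUNT(id) AS session_count FROM `cake_sessions` WHERE `expires` < ' . time() . ';';
	try {
		$result = $this->query($sql);
	} catch (Exception $e) {
		// Table missing or sessions stored elsewhere: report nothing to purge
		// instead of failing the diagnostics page.
		$sessionCount = 0;
		return 0;
	}
	$sessionCount = isset($result[0][0]['session_count']) ? (int)$result[0][0]['session_count'] : 0;
	// … unchanged: threshold check against 100 and return of $sessionStatus …
```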

+ Session table +

+

This tool checks how large your database's session table is.
Sessions in CakePHP rely on PHP's garbage collection for cleanup and in certain distributions this can be disabled by default resulting in an ever growing cake session table.
If you are affected by this, just click the clean session table button below.

+
+ 0) { + $colour = 'red'; + } + echo 'Expired sessions....' . $sessionCount . ' (' . $message . ')' . ''; + ?> +
+ Purge sessions