If for any reason a Redis session lock is not being released, all subsequent
requests will wait to acquire the lock, forcing them to time out eventually.
This will happen till the original lock finally expires after the session timeout.
This sets the Redis session lock expiry time to whatever is lower,
either the PHP execution time `max_execution_time`, if the value was
defined in the `php.ini` or the globally configured `sessiontimeout`.
Setting it to the lower of the two will not make things worse it if the
execution timeout is longer than the session timeout.
For the PHP execution time, once the PHP execution time is over, we can
be sure that the lock is no longer actively held so that the lock can
expire safely. Although at `lib/classes/php_time_limit.php::raise(int)`,
Moodle can progressively increase the maximum PHP execution time, this
is limited to the `max_execution_time` value defined in the `php.ini`.
For the session timeout, we assume it is safe to consider the lock to
expire once the session itself expires.
If we unnecessarily hold the lock any longer, it blocks other session
requests.
Co-authored-by: Daniel Ziegenberg <daniel@ziegenberg.at>
Signed-off-by: Daniel Ziegenberg <daniel@ziegenberg.at>
Simple JSON reader which takes an issuer and reads its metadata. The
class is aware of request-centric rules, such as:
- The position of the well known suffix in the URL (per RFC8414)
- The requirement to have HTTPS auth server issuer URL
- The validity of query strings, paths and fragments in the auth server
issuer URL
,but makes no attempt to validate the config JSON returned.
Whenever some plugin is missing from disk but installed, the plugins
page (and the upgrade) shows them as "missing from disk". Still, the
code tries to do things with their directory that, now, is null.
That was silently defaulting to '' in previous php versions, but
php81 emits a deprecated warning. So we have to check for them.
Note: The original callback was incorrectly using the $PAGE output,
which cannot be relied upon in this callback. The best we can do here is
to add a notification to explain the situation.
Unregistered sites will now display registration form to admins
after every core upgrade. Non core upgrades will not trigger the
form.
Registration form will not show for sites that are not set to
public.
A new developer setting that adds comments in the page HTML specifying
which template is used to render each part of the page. It can be set
form the site admin development tab and it is stored
as $CFG->debugtemplateinfo.