diff --git a/public_html/api.php b/public_html/api.php index 8214fe7..f338446 100644 --- a/public_html/api.php +++ b/public_html/api.php @@ -8,11 +8,21 @@ require_once __DIR__ . '/../api/config.php'; require_once __DIR__ . '/../api/lib/db.php'; require_once __DIR__ . '/../api/lib/kb_engine.php'; -// Skip session for agent/netscan/ping — each heartbeat would otherwise create -// an empty session file, producing millions of files that slow session GC for all requests. +// Skip session for machine-agent calls and netscan/ping — each heartbeat would +// otherwise create an empty session file, producing millions of files that slow +// session GC for all requests. Browser-facing agent sub-actions (list/status/myip) +// still need a session to verify auth, so we only skip for machine-agent actions. $_earlyParts = explode('/', trim(parse_url($_SERVER['REQUEST_URI'] ?? '/', PHP_URL_PATH), '/')); if (($_earlyParts[0] ?? '') === 'api') array_shift($_earlyParts); -if (!in_array($_earlyParts[0] ?? '', ['agent','netscan','ping'], true)) { +$_e0 = $_earlyParts[0] ?? ''; +$_e1 = $_earlyParts[1] ?? ''; +$_skipSession = match(true) { + $_e0 === 'ping' => true, + $_e0 === 'netscan' => true, + $_e0 === 'agent' && !in_array($_e1, ['list','status','myip'], true) => true, + default => false, +}; +if (!$_skipSession) { session_start(); }