dave/pathfinder
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

- upgraded FatFreeFramework 3.6.1 -> 3.6.2

Browse Source
This commit is contained in:
Mark Friedrich
2018-01-06 19:51:16 +01:00
parent 6fdb1ed91b
commit ac417fb19f
26 changed files with 842 additions and 580 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
app/lib/db/sql/session.php
View File

@@ -73,7 +73,7 @@ class Session extends Mapper {
//NB: `session_destroy` can't be called at that stage (`session_start` not completed)
$this->destroy($id);
$this->close();
$fw->clear('COOKIE.'.session_name());
unset($fw->{'COOKIE.'.session_name()});
$fw->error(403);
}
}
@@ -170,8 +170,9 @@ class Session extends Mapper {
if ($force) {
$eol="\n";
$tab="\t";
$sqlsrv=preg_match('/mssql|sqlsrv|sybase/',$db->driver());
$db->exec(
(preg_match('/mssql|sqlsrv|sybase/',$db->driver())?
($sqlsrv?
('IF NOT EXISTS (SELECT * FROM sysobjects WHERE '.
'name='.$db->quote($table).' AND xtype=\'U\') '.
'CREATE TABLE dbo.'):
@@ -179,12 +180,14 @@ class Session extends Mapper {
((($name=$db->name())&&$db->driver()!='pgsql')?
($db->quotekey($name,FALSE).'.'):''))).
$db->quotekey($table,FALSE).' ('.$eol.
($sqlsrv?$tab.$db->quotekey('id').' INT IDENTITY,'.$eol:'').
$tab.$db->quotekey('session_id').' VARCHAR(255),'.$eol.
$tab.$db->quotekey('data').' TEXT,'.$eol.
$tab.$db->quotekey('ip').' VARCHAR(45),'.$eol.
$tab.$db->quotekey('agent').' VARCHAR(300),'.$eol.
$tab.$db->quotekey('stamp').' INTEGER,'.$eol.
$tab.'PRIMARY KEY ('.$db->quotekey('session_id').')'.$eol.
$tab.'PRIMARY KEY ('.$db->quotekey($sqlsrv?'id':'session_id').')'.$eol.
($sqlsrv?',CONSTRAINT [UK_session_id] UNIQUE(session_id)':'').
');'
);
}
@@ -200,12 +203,15 @@ class Session extends Mapper {
);
register_shutdown_function('session_commit');
$fw=\Base::instance();
$headers=$fw->get('HEADERS');
$this->_csrf=$fw->get('SEED').'.'.$fw->hash(mt_rand());
$headers=$fw->HEADERS;
$this->_csrf=$fw->SEED.'.'.$fw->hash(mt_rand());
if ($key)
$fw->set($key,$this->_csrf);
$fw->$key=$this->_csrf;
$this->_agent=isset($headers['User-Agent'])?$headers['User-Agent']:'';
$this->_ip=$fw->get('IP');
if (strlen($this->_agent) > 300) {
$this->_agent = substr($this->_agent, 0, 300);
}
$this->_ip=$fw->IP;
}
}