summaryrefslogtreecommitdiffstats
path: root/system/libraries/Session/drivers
diff options
context:
space:
mode:
authorAndrey Andreev <narf@devilix.net>2016-10-22 15:33:06 +0200
committerAndrey Andreev <narf@devilix.net>2016-10-22 15:33:06 +0200
commit6c6ee1a1e73b3f8a93ca031107bec35e56272a0a (patch)
tree359e27420e1ae51d4d052be8f531443e727af749 /system/libraries/Session/drivers
parentdae08b59fd808c3baf838161223fdba2a80f1610 (diff)
Close #4830, #3649
Diffstat (limited to 'system/libraries/Session/drivers')
-rw-r--r--system/libraries/Session/drivers/Session_files_driver.php18
1 files changed, 15 insertions, 3 deletions
diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php
index 5f05396c0..37315d3cd 100644
--- a/system/libraries/Session/drivers/Session_files_driver.php
+++ b/system/libraries/Session/drivers/Session_files_driver.php
@@ -77,6 +77,13 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle
protected $_file_new;
/**
+ * Validate SID regular expression
+ *
+ * @var string
+ */
+ protected $_sid_regexp;
+
+ /**
* mbstring.func_override flag
*
* @var bool
@@ -106,6 +113,8 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle
$this->_config['save_path'] = rtrim(ini_get('session.save_path'), '/\\');
}
+ $this->_sid_regexp = $this->_config['_sid_regexp'];
+
isset(self::$func_override) OR self::$func_override = (extension_loaded('mbstring') && ini_get('mbstring.func_override'));
}
@@ -352,10 +361,13 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle
$ts = time() - $maxlifetime;
+ $pattern = ($this->_config['match_ip'] === TRUE)
+ ? '[0-9a-f]{32}'
+ : '';
+
$pattern = sprintf(
- '/^%s[0-9a-f]{%d}$/',
- preg_quote($this->_config['cookie_name'], '/'),
- ($this->_config['match_ip'] === TRUE ? 72 : 40)
+ '#\A%s'.$pattern.$this->_sid_regexp.'\z#',
+ preg_quote($this->_config['cookie_name'])
);
while (($file = readdir($directory)) !== FALSE)