diff options
author | Tom Atkinson <atkinson.tommy@neosoft.ba> | 2015-02-04 17:54:52 +0100 |
---|---|---|
committer | Tom Atkinson <atkinson.tommy@neosoft.ba> | 2015-02-05 19:59:01 +0100 |
commit | 388ce59de69cc524e6869994c4d18294c089477f (patch) | |
tree | 331d3b83d2a61eba9c2e32e4d1e753748d61dd84 /system/libraries | |
parent | cf2607d9c7f5d0ea6cb79fc75a9f2f3bcb893889 (diff) |
Use session cookie name in gc check
Diffstat (limited to 'system/libraries')
-rw-r--r-- | system/libraries/Session/drivers/Session_files_driver.php | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php index d3ef34acd..5852277e8 100644 --- a/system/libraries/Session/drivers/Session_files_driver.php +++ b/system/libraries/Session/drivers/Session_files_driver.php @@ -107,7 +107,7 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle * Sanitizes the save_path directory. * * @param string $save_path Path to session files' directory - * @param string $name Session cookie name, unused + * @param string $name Session cookie name * @return bool */ public function open($save_path, $name) @@ -332,10 +332,16 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle $ts = time() - $maxlifetime; + $pattern = sprintf( + '/^%s[0-9a-f]{%d}$/', + preg_quote($this->_config['cookie_name'], '/'), + ($this->_config['match_ip'] === TRUE ? 72 : 40) + ); + foreach ($files as $file) { // If the filename doesn't match this pattern, it's either not a session file or is not ours - if ( ! preg_match('/(?:[0-9a-f]{32})?[0-9a-f]{40}$/i', $file) + if ( ! preg_match($pattern, $file) OR ! is_file($this->_config['save_path'].DIRECTORY_SEPARATOR.$file) OR ($mtime = filemtime($this->_config['save_path'].DIRECTORY_SEPARATOR.$file)) === FALSE OR $mtime > $ts) |