diff options
| -rw-r--r-- | system/database/DB_driver.php | 1 | ||||
| -rw-r--r-- | system/database/drivers/oci8/oci8_driver.php | 8 | ||||
| -rw-r--r-- | system/libraries/Session/drivers/Session_cookie.php | 9 | ||||
| -rw-r--r-- | system/libraries/Session/drivers/Session_native.php | 6 | ||||
| -rw-r--r-- | user_guide_src/source/changelog.rst | 2 |
5 files changed, 18 insertions, 8 deletions
diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php index 593d78ba4..425657e17 100644 --- a/system/database/DB_driver.php +++ b/system/database/DB_driver.php @@ -561,7 +561,6 @@ abstract class CI_DB_driver { if ($sql === '') { log_message('error', 'Invalid query: '.$sql); - return ($this->db_debug) ? $this->display_error('db_invalid_query') : FALSE; } elseif ( ! is_bool($return_object)) diff --git a/system/database/drivers/oci8/oci8_driver.php b/system/database/drivers/oci8/oci8_driver.php index 0ec8b53b8..93e62b4dd 100644 --- a/system/database/drivers/oci8/oci8_driver.php +++ b/system/database/drivers/oci8/oci8_driver.php @@ -327,12 +327,8 @@ class CI_DB_oci8_driver extends CI_DB { { if ($package === '' OR $procedure === '' OR ! is_array($params)) { - if ($this->db_debug) - { - log_message('error', 'Invalid query: '.$package.'.'.$procedure); - return $this->display_error('db_invalid_query'); - } - return FALSE; + log_message('error', 'Invalid query: '.$package.'.'.$procedure); + return ($this->db_debug) ? $this->display_error('db_invalid_query') : FALSE; } // build the query string diff --git a/system/libraries/Session/drivers/Session_cookie.php b/system/libraries/Session/drivers/Session_cookie.php index 7174d63c8..d3d22d03a 100644 --- a/system/libraries/Session/drivers/Session_cookie.php +++ b/system/libraries/Session/drivers/Session_cookie.php @@ -402,6 +402,7 @@ class CI_Session_cookie extends CI_Session_driver { // Is the session data we unserialized an array with the correct format? if ( ! is_array($session) OR ! isset($session['session_id'], $session['ip_address'], $session['user_agent'], $session['last_activity'])) { + log_message('debug', 'Session: Wrong cookie data format'); $this->sess_destroy(); return FALSE; } @@ -409,6 +410,7 @@ class CI_Session_cookie extends CI_Session_driver { // Is the session current? if (($session['last_activity'] + $this->sess_expiration) < $this->now OR $session['last_activity'] > $this->now) { + log_message('debug', 'Session: Expired'); $this->sess_destroy(); return FALSE; } @@ -416,6 +418,7 @@ class CI_Session_cookie extends CI_Session_driver { // Does the IP match? if ($this->sess_match_ip === TRUE && $session['ip_address'] !== $this->CI->input->ip_address()) { + log_message('debug', 'Session: IP address mismatch'); $this->sess_destroy(); return FALSE; } @@ -424,6 +427,7 @@ class CI_Session_cookie extends CI_Session_driver { if ($this->sess_match_useragent === TRUE && trim($session['user_agent']) !== trim(substr($this->CI->input->user_agent(), 0, 120))) { + log_message('debug', 'Session: User Agent string mismatch'); $this->sess_destroy(); return FALSE; } @@ -459,6 +463,7 @@ class CI_Session_cookie extends CI_Session_driver { // No result? Kill it! if (empty($query) OR $query->num_rows() === 0) { + log_message('debug', 'Session: No match found in our database'); $this->sess_destroy(); return FALSE; } @@ -498,6 +503,8 @@ class CI_Session_cookie extends CI_Session_driver { 'last_activity' => $this->now, ); + log_message('debug', 'Session: Creating new session ('.$this->userdata['session_id'].')'); + // Check for database if ($this->sess_use_database === TRUE) { @@ -536,6 +543,8 @@ class CI_Session_cookie extends CI_Session_driver { { // Get new id $this->userdata['session_id'] = $this->_make_sess_id(); + + log_message('debug', 'Session: Regenerate ID'); } // Check for database diff --git a/system/libraries/Session/drivers/Session_native.php b/system/libraries/Session/drivers/Session_native.php index fb5ce1906..c237ad059 100644 --- a/system/libraries/Session/drivers/Session_native.php +++ b/system/libraries/Session/drivers/Session_native.php @@ -117,18 +117,21 @@ class CI_Session_native extends CI_Session_driver { if (isset($_SESSION['last_activity']) && (($_SESSION['last_activity'] + $expire) < $now OR $_SESSION['last_activity'] > $now)) { // Expired - destroy + log_message('debug', 'Session: Expired'); $destroy = TRUE; } elseif ($config['sess_match_ip'] === TRUE && isset($_SESSION['ip_address']) && $_SESSION['ip_address'] !== $this->CI->input->ip_address()) { // IP doesn't match - destroy + log_message('debug', 'Session: IP address mismatch'); $destroy = TRUE; } elseif ($config['sess_match_useragent'] === TRUE && isset($_SESSION['user_agent']) && $_SESSION['user_agent'] !== trim(substr($this->CI->input->user_agent(), 0, 50))) { // Agent doesn't match - destroy + log_message('debug', 'Session: User Agent string mismatch'); $destroy = TRUE; } @@ -145,9 +148,10 @@ class CI_Session_native extends CI_Session_driver { && ($_SESSION['last_activity'] + $config['sess_time_to_update']) < $now) { // Changing the session ID amidst a series of AJAX calls causes problems - if( ! $this->CI->input->is_ajax_request()) + if ( ! $this->CI->input->is_ajax_request()) { // Regenerate ID, but don't destroy session + log_message('debug', 'Session: Regenerate ID'); $this->sess_regenerate(FALSE); } } diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 369f40587..e8e2ea9c1 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -255,6 +255,7 @@ Release Date: Not Released - Added ``has_userdata()`` method to verify existence of userdata item. - Added ``tempdata()``, ``set_tempdata()``, and ``unset_tempdata()`` methods for manipulating tempdata. - ``keep_flashdata()`` now accepts an array of keys. + - Added *debug* level log messages for key events in the session validation process. - :doc:`File Uploading Library <libraries/file_uploading>` changes include: @@ -585,6 +586,7 @@ Bug fixes for 3.0 - Fixed a bug (#2380) - :doc:`URI Routing <general/routing>` method ``fetch_method()`` returned 'index' if the requested method name matches its controller name. - Fixed a bug (#2388) - :doc:`Email Library <libraries/email>` used to ignore attachment errors, resulting in broken emails being sent. - Fixed a bug (#2498) - :doc:`Form Validation Library <libraries/form_validation>` rule **valid_base64** only checked characters instead of actual validity. +- Fixed a bug (#2425) - OCI8 :doc:`database <database>` driver's method ``stored_procedure()`` didn't log an error unless **db_debug** was set to TRUE. Version 2.1.4 ============= |