From f57a46b48287d7e5e5807100156e73730cf74e0c Mon Sep 17 00:00:00 2001 From: Kyle Farris Date: Mon, 29 Aug 2011 23:26:07 -0300 Subject: Added the 'user_data' key to the userdata property so that sessions using a database can be deleted properly when using the table schema found in the "Saving Session Data to a Database" section of the Session Class in the user guide. --- system/libraries/Session.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'system/libraries/Session.php') diff --git a/system/libraries/Session.php b/system/libraries/Session.php index 2c8a80163..8ee08c5b2 100644 --- a/system/libraries/Session.php +++ b/system/libraries/Session.php @@ -317,7 +317,8 @@ class CI_Session { 'session_id' => md5(uniqid($sessid, TRUE)), 'ip_address' => $this->CI->input->ip_address(), 'user_agent' => substr($this->CI->input->user_agent(), 0, 120), - 'last_activity' => $this->now + 'last_activity' => $this->now, + 'user_data' => '' ); -- cgit v1.2.3-24-g4f1b From 9593349964e9ba557b14e8cda9c16b16498a55a5 Mon Sep 17 00:00:00 2001 From: Chris Muench Date: Sun, 16 Oct 2011 14:14:04 -0400 Subject: Fixes issue #439 some slashes not escaped in session data --- system/libraries/Session.php | 45 ++++++++++++++++++++++++++++---------------- 1 file changed, 29 insertions(+), 16 deletions(-) (limited to 'system/libraries/Session.php') diff --git a/system/libraries/Session.php b/system/libraries/Session.php index 8ee08c5b2..dd951c325 100644 --- a/system/libraries/Session.php +++ b/system/libraries/Session.php @@ -688,13 +688,7 @@ class CI_Session { { if (is_array($data)) { - foreach ($data as $key => $val) - { - if (is_string($val)) - { - $data[$key] = str_replace('\\', '{{slash}}', $val); - } - } + array_walk_recursive($data, array(&$this, '_escape_slashes')); } else { @@ -703,9 +697,23 @@ class CI_Session { $data = str_replace('\\', '{{slash}}', $data); } } - return serialize($data); } + + /** + * Escape slashes + * + * This function converts any slashes found into a temporary marker + * + * @access private + */ + function _escape_slashes(&$val, $key) + { + if (is_string($val)) + { + $val = str_replace('\\', '{{slash}}', $val); + } + } // -------------------------------------------------------------------- @@ -725,19 +733,24 @@ class CI_Session { if (is_array($data)) { - foreach ($data as $key => $val) - { - if (is_string($val)) - { - $data[$key] = str_replace('{{slash}}', '\\', $val); - } - } - + array_walk_recursive($data, array(&$this, '_unescape_slashes')); return $data; } return (is_string($data)) ? str_replace('{{slash}}', '\\', $data) : $data; } + + /** + * Unescape slashes + * + * This function converts any slash markers back into actual slashes + * + * @access private + */ + function _unescape_slashes(&$val, $key) + { + $val= str_replace('{{slash}}', '\\', $val); + } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From 3e414f9f72e387449d9e3984e1869b386564deaf Mon Sep 17 00:00:00 2001 From: Chris Muench Date: Sun, 16 Oct 2011 23:03:55 -0400 Subject: Check for string value before doing str_replace. (Issue #439) --- system/libraries/Session.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'system/libraries/Session.php') diff --git a/system/libraries/Session.php b/system/libraries/Session.php index dd951c325..867314bf9 100644 --- a/system/libraries/Session.php +++ b/system/libraries/Session.php @@ -749,7 +749,10 @@ class CI_Session { */ function _unescape_slashes(&$val, $key) { - $val= str_replace('{{slash}}', '\\', $val); + if (is_string($val)) + { + $val= str_replace('{{slash}}', '\\', $val); + } } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From f4a4bd8fac188ebc9cda822ffc811c218fd92b45 Mon Sep 17 00:00:00 2001 From: Derek Jones Date: Thu, 20 Oct 2011 12:18:42 -0500 Subject: adding new license file (OSL 3.0) and updating readme to ReST added notice of license to all source files. OSL to all except the few files we ship inside of the application folder, those are AFL. Updated license in user guide. incrementing next dev version to 3.0 due to licensing change --- system/libraries/Session.php | 20 ++++++++++++++++---- 1 file changed, 16 insertions(+), 4 deletions(-) (limited to 'system/libraries/Session.php') diff --git a/system/libraries/Session.php b/system/libraries/Session.php index 867314bf9..08d2ba4ba 100644 --- a/system/libraries/Session.php +++ b/system/libraries/Session.php @@ -4,10 +4,22 @@ * * An open source application development framework for PHP 5.1.6 or newer * + * NOTICE OF LICENSE + * + * Licensed under the Open Software License version 3.0 + * + * This source file is subject to the Open Software License (OSL 3.0) that is + * bundled with this package in the files license.txt / license.rst. It is + * also available through the world wide web at this URL: + * http://opensource.org/licenses/OSL-3.0 + * If you did not receive a copy of the license and are unable to obtain it + * through the world wide web, please send an email to + * licensing@ellislab.com so we can send you a copy immediately. + * * @package CodeIgniter - * @author ExpressionEngine Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. - * @license http://codeigniter.com/user_guide/license.html + * @author EllisLab Dev Team + * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 * @filesource @@ -21,7 +33,7 @@ * @package CodeIgniter * @subpackage Libraries * @category Sessions - * @author ExpressionEngine Dev Team + * @author EllisLab Dev Team * @link http://codeigniter.com/user_guide/libraries/sessions.html */ class CI_Session { -- cgit v1.2.3-24-g4f1b