[Cs-webapplibs-commits] SF.net SVN: cs-webapplibs:[183] trunk/0.3/cs_sessionDB.class.php
From: <cra...@us...> - 2010-09-01 14:09:59
Revision: 183 http://cs-webapplibs.svn.sourceforge.net/cs-webapplibs/?rev=183&view=rev Author: crazedsanity Date: 2010-09-01 14:09:53 +0000 (Wed, 01 Sep 2010) Log Message: ----------- More error handling for invalid SID's. /cs_sessionDB.class.php: * is_valid_sid(): -- call exception_handler() if something goes wrong. * sessdb_write(): -- check if the SID is the proper length, call exception handler if it is not. Modified Paths: -------------- trunk/0.3/cs_sessionDB.class.php
Modified: trunk/0.3/cs_sessionDB.class.php
===================================================================
--- trunk/0.3/cs_sessionDB.class.php 2010-09-01 14:07:52 UTC (rev 182)
+++ trunk/0.3/cs_sessionDB.class.php 2010-09-01 14:09:53 UTC (rev 183)
@@ -128,7 +128,7 @@
 }
 }
 catch(exception $e) {
- //well... do nothing I guess.
+ $this->exception_handler(__METHOD__ .": invalid sid (". $sid .")");
 }
 }
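Review bot: The handler call added in the catch block discards `$e`, so any exception raised while the SID is being checked is reported as "invalid sid" even when the real cause is something else, such as a failed query. Passing the cause along, e.g. `$this->exception_handler(__METHOD__ .": sid check failed::: ". $e->getMessage());`, keeps the report accurate. The message also embeds the raw `$sid`; if exception_handler() writes to a log or to output (not visible here), that records a live session identifier or arbitrary client-supplied text, so reporting `strlen($sid)` instead is the safer choice. is_valid_sid() starts and ends outside this hunk, so what the try block can throw is inferred.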
@@ -188,52 +188,57 @@ //------------------------------------------------------------------------- public function sessdb_write($sid, $data) { - $data = array( - 'session_data' => $data, - 'user_id' => null - ); - $cleanString = array( - 'session_data' => 'sql', - 'user_id' => 'numeric' - ); - - - - //pull the uid out of the session... - if(defined('SESSION_DBSAVE_UIDPATH')) { - $a2p = new cs_arrayToPath($_SESSION); - $uidVal = $a2p->get_data(constant('SESSION_DBSAVE_UIDPATH')); + if(is_string($sid) && strlen($sid) >= 20) { + $data = array( + 'session_data' => $data, + 'user_id' => null + ); + $cleanString = array( + 'session_data' => 'sql', + 'user_id' => 'numeric' + ); - if(is_string($uidVal) || is_numeric($uidVal)) { - $data['user_id'] = $uidVal; + + + //pull the uid out of the session... + if(defined('SESSION_DBSAVE_UIDPATH')) { + $a2p = new cs_arrayToPath($_SESSION); + $uidVal = $a2p->get_data(constant('SESSION_DBSAVE_UIDPATH')); + + if(is_string($uidVal) || is_numeric($uidVal)) { + $data['user_id'] = $uidVal; + } } + + $afterSql = ""; + if($this->is_valid_sid($sid)) { + $type = 'update'; + $sql = "UPDATE ". $this->tableName ." SET "; + $afterSql = "WHERE session_id='". $sid ."'"; + $data['last_updated'] = 'NOW()'; + $secondArg = false; + } + else { + $type = 'insert'; + $sql = "INSERT INTO ". $this->tableName ." "; + $data['session_id'] = $sid; + $secondArg = $this->sequenceName; + } + + $sql .= $this->gfObj->string_from_array($data, $type, null, $cleanString) .' '. $afterSql; + try { + $funcName = 'run_'. $type; + $res = $this->db->$funcName($sql, $secondArg); + } + catch(exception $e) { + //umm... yeah. + $this->exception_handler(__METHOD__ .": failed to perform action (". $type ."), sid=(". $sid ."), sid length=(". strlen($sid) ."), validSid=(". $this->is_valid_sid($sid) .")::: ". $e->getMessage()); + } } - - $afterSql = ""; - if($this->is_valid_sid($sid)) { - $type = 'update'; - $sql = "UPDATE ". $this->tableName ." 
SET "; - $afterSql = "WHERE session_id='". $sid ."'"; - $data['last_updated'] = 'NOW()'; - $secondArg = false; - } else { - $type = 'insert'; - $sql = "INSERT INTO ". $this->tableName ." "; - $data['session_id'] = $sid; - $secondArg = $this->sequenceName; + $this->exception_handler(__METHOD__ .": invalid sid (". $sid ."), DATA::: ". $this->gfObj->debug_print($data,0)); } - $sql .= $this->gfObj->string_from_array($data, $type, null, $cleanString) .' '. $afterSql; - try { - $funcName = 'run_'. $type; - $res = $this->db->$funcName($sql, $secondArg); - } - catch(exception $e) { - //umm... yeah. - $this->exception_handler(__METHOD__ .": failed to perform action (". $type ."), sid=(". $sid ."), sid length=(". strlen($sid) ."), validSid=(". $this->is_valid_sid($sid) .")::: ". $e->getMessage()); - } - return(true); }//end sessdb_write() //------------------------------------------------------------------------- This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
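Review bot: The new guard `is_string($sid) && strlen($sid) >= 20` enforces only a minimum length, while `$sid` is still concatenated unescaped into `WHERE session_id='". $sid ."'` on the update path and has no entry in `$cleanString` on the insert path (how string_from_array() treats such a key is not visible here). If the identifier can be influenced by the client, as a cookie-borne session ID usually can, a value containing a quote would change the statement. Constrain it to the expected alphabet and a bounded length before any SQL is built, e.g. `if(is_string($sid) && preg_match('/^[A-Za-z0-9,-]{20,128}$/', $sid)) {`, adjusting the character class and upper bound to what the session generator actually emits, or bind it as a parameter if the db wrapper supports that. Separately, the new else branch hands `debug_print($data,0)`, i.e. the whole session payload, to exception_handler() together with the rejected SID; reporting only `strlen($sid)` there avoids copying session contents into error output.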