Menu
▾
▴
[TWiki-Dev] [SVN] KennethLavrsen r12972 - in twiki/branches/MAIN/lib: . TWiki
|
From: <de...@de...> - 2007-02-26 01:16:53
|
Author: KennethLavrsen
Date: 2007-02-25 19:16:47 -0600 (Sun, 25 Feb 2007)
New Revision: 12972
Modified:
twiki/branches/MAIN/lib/TWiki.pm
twiki/branches/MAIN/lib/TWiki/Client.pm
twiki/branches/MAIN/lib/TWiki/UI.pm
Log:
Item3568: TWiki now properly auto creates {TempfileDir} no matter
which version of CGI::Session you have.
Also made similar update for passthru and cleaned up additional
bad code related to passthru
Modified: twiki/branches/MAIN/lib/TWiki/Client.pm
===================================================================
--- twiki/branches/MAIN/lib/TWiki/Client.pm 2007-02-25 19:31:24 UTC (rev 12971)
+++ twiki/branches/MAIN/lib/TWiki/Client.pm 2007-02-26 01:16:47 UTC (rev 12972)
@@ -239,6 +239,17 @@
_trace($this, "No cookie ");
}
+ # Item3568: CGI::Session from 4.0 already does the -d and creates the
+ # sessions directory if it does not exist. For performance reasons we
+ # only test for and create session file directory for older CGI::Session
+ if( $CGI::Session::VERSION < 4.0 ) {
+ unless ( -d $TWiki::cfg{TempfileDir} ) {
+ unless ( mkdir($TWiki::cfg{TempfileDir}) ) {
+ die "Could not create $TWiki::cfg{TempfileDir} for session files";
+ }
+ }
+ }
+
# First, see if there is a cookied session, creating a new session
# if necessary.
if( $TWiki::cfg{Sessions}{MapIP2SID} ) {
Modified: twiki/branches/MAIN/lib/TWiki/UI.pm
===================================================================
--- twiki/branches/MAIN/lib/TWiki/UI.pm 2007-02-25 19:31:24 UTC (rev 12971)
+++ twiki/branches/MAIN/lib/TWiki/UI.pm 2007-02-26 01:16:47 UTC (rev 12972)
@@ -104,25 +104,27 @@
read(STDIN, my $buf, $content_length, 0 ) if $content_length;
}
my $cache = $query->param('twiki_redirect_cache');
- if ($cache) {
- $cache = TWiki::Sandbox::untaintUnchecked($cache);
+ # Never trust input data from a query. We will only accept an MD5 32 character string
+ if ($cache && $cache =~ /^([a-f0-9]{32})$/) {
+ $cache = $1;
# Read cached post parameters
- if (open(F, '<'.$cache)) {
+ my $passthruFilename = $TWiki::cfg{TempfileDir} . '/passthru_' . $cache;
+ if (open(F, '<'.$passthruFilename)) {
local $/;
if (TRACE_PASSTHRU) {
print STDERR "Passthru: Loading cache for ",
$query->url(),'?',$query->query_string(),"\n";
print STDERR <F>,"\n";
close(F);
- open(F, '<'.$cache);
+ open(F, '<'.$passthruFilename);
}
$query = new CGI(\*F);
close(F);
- unlink($cache);
- print STDERR "Passtrhru: Loaded and unlinked $cache\n"
+ unlink($passthruFilename);
+ print STDERR "Passthru: Loaded and unlinked $passthruFilename\n"
if TRACE_PASSTHRU;
} else {
- print STDERR "Passtrhru: Could not find $cache\n"
+ print STDERR "Passthru: Could not find $passthruFilename\n"
if TRACE_PASSTHRU;
}
}
Modified: twiki/branches/MAIN/lib/TWiki.pm
===================================================================
--- twiki/branches/MAIN/lib/TWiki.pm 2007-02-25 19:31:24 UTC (rev 12971)
+++ twiki/branches/MAIN/lib/TWiki.pm 2007-02-26 01:16:47 UTC (rev 12972)
@@ -778,8 +778,16 @@
require Digest::MD5;
my $md5 = new Digest::MD5();
$md5->add($$, time(), rand(time));
- my $uid = $TWiki::cfg{TempfileDir}.'/passthru_'.$md5->hexdigest();
- open(F, ">$uid") || die "{TempfileDir} cache not writable $!";
+ my $uid = $md5->hexdigest();
+ my $passthruFilename = $TWiki::cfg{TempfileDir} . '/passthru_' . $uid;
+
+ unless ( -d $TWiki::cfg{TempfileDir} ) {
+ unless ( mkdir($TWiki::cfg{TempfileDir}) ) {
+ die "Could not create $TWiki::cfg{TempfileDir} for passthrough files";
+ }
+ }
+
+ open(F, ">$passthruFilename") || die "{TempfileDir} cache not writable $!";
$query->save(\*F);
close(F);
return 'twiki_redirect_cache='.$uid;
|