From eee6944b5d260a104aa4738fcd48fa78915f58c8 Mon Sep 17 00:00:00 2001 From: thomascube Date: Sat, 27 Nov 2010 13:59:05 +0000 Subject: Save session data with bas64 ecoding to make it more robust against garbage data (#1487136) --- CHANGELOG | 1 + program/include/rcube_session.php | 31 +++++++++++++++++-------------- 2 files changed, 18 insertions(+), 14 deletions(-) diff --git a/CHANGELOG b/CHANGELOG index 9eb23bce2..60bc323cd 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -1,6 +1,7 @@ CHANGELOG Roundcube Webmail =========================== +- Make session data storage more robust against garbage session data (#1487136) - Config option for autocomplete on login screen - Allow plugin templates to include local files (#1487133) - List groups in address detail view and allow to subscribe/unsubscribe from there (#1486753) diff --git a/program/include/rcube_session.php b/program/include/rcube_session.php index b4f75ed3d..4137b3714 100644 --- a/program/include/rcube_session.php +++ b/program/include/rcube_session.php @@ -81,12 +81,12 @@ class rcube_session if ($sql_arr = $this->db->fetch_assoc($sql_result)) { $this->changed = $sql_arr['changed']; - $this->vars = $sql_arr['vars']; - $this->ip = $sql_arr['ip']; - $this->key = $key; + $this->ip = $sql_arr['ip']; + $this->vars = base64_decode($sql_arr['vars']); + $this->key = $key; - if (!empty($sql_arr['vars'])) - return $sql_arr['vars']; + if (!empty($this->vars)) + return $this->vars; } return false; @@ -107,19 +107,22 @@ class rcube_session } if ($oldvars !== false) { - $a_oldvars = $this->unserialize($oldvars); - foreach ((array)$this->unsets as $k) - unset($a_oldvars[$k]); + $a_oldvars = $this->unserialize($oldvars); + if (is_array($a_oldvars)) { + foreach ((array)$this->unsets as $k) + unset($a_oldvars[$k]); - $newvars = $this->serialize(array_merge( - (array)$a_oldvars, (array)$this->unserialize($vars))); + $newvars = $this->serialize(array_merge( + (array)$a_oldvars, (array)$this->unserialize($vars))); + } + else + $newvars = $vars; if (!$this->lifetime) { $timeout = 600; } else if ($this->keep_alive>0) { - $timeout = min($this->lifetime * 0.5, - $this->lifetime - $this->keep_alive); + $timeout = min($this->lifetime * 0.5, $this->lifetime - $this->keep_alive); } else { $timeout = 0; } @@ -128,7 +131,7 @@ class rcube_session $this->db->query( sprintf("UPDATE %s SET vars = ?, changed = %s WHERE sess_id = ?", get_table_name('session'), $now), - $newvars, $key); + base64_encode($newvars), $key); } } else { @@ -136,7 +139,7 @@ class rcube_session sprintf("INSERT INTO %s (sess_id, vars, ip, created, changed) ". "VALUES (?, ?, ?, %s, %s)", get_table_name('session'), $now, $now), - $key, $vars, (string)$_SERVER['REMOTE_ADDR']); + $key, base64_encode($vars), (string)$_SERVER['REMOTE_ADDR']); } $this->unsets = array(); -- cgit v1.2.3