Added luci.sauth.kill, sanitize luci.sauth even more

author Steven Barth <steven@midlink.org>

Sun, 14 Dec 2008 21:42:59 +0000 (21:42 +0000)

committer Steven Barth <steven@midlink.org>

Sun, 14 Dec 2008 21:42:59 +0000 (21:42 +0000)
author Steven Barth <steven@midlink.org>
Sun, 14 Dec 2008 21:42:59 +0000 (21:42 +0000)
committer Steven Barth <steven@midlink.org>
Sun, 14 Dec 2008 21:42:59 +0000 (21:42 +0000)
diff --git a/libs/web/luasrc/sauth.lua b/libs/web/luasrc/sauth.lua

index 894732d..5d3dc95 100644 (file)
--- a/libs/web/luasrc/sauth.lua
+++ b/libs/web/luasrc/sauth.lua
@@ -60,6 +60,9 @@ function read(id)
         if not id then
                 return
         end
+       if not id:match("^%w+$") then
+               error("Session ID is not sane!")
+       end
         clean()
         if not sane(sessionpath .. "/" .. id) then
                 return
@@ -85,6 +88,19 @@ function write(id, data)
         if not sane() then
                 prepare()
         end
+       if not id:match("^%w+$") then
+               error("Session ID is not sane!")
+       end
         luci.fs.writefile(sessionpath .. "/" .. id, data)
         luci.fs.chmod(sessionpath .. "/" .. id, "a-rwx,u+rw")
+end
+
+
+--- Kills a session
+-- @param id   Session identifier
+function kill(id)
+       if not id:match("^%w+$") then
+               error("Session ID is not sane!")
+       end
+       luci.fs.unlink(sessionpath .. "/" .. id)
  end
 \ No newline at end of file
author	Steven Barth <steven@midlink.org>
	Sun, 14 Dec 2008 21:42:59 +0000 (21:42 +0000)
committer	Steven Barth <steven@midlink.org>
	Sun, 14 Dec 2008 21:42:59 +0000 (21:42 +0000)