projects
/
project
/
luci.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Added luci.sauth.kill, sanitize luci.sauth even more
[project/luci.git]
/
libs
/
web
/
luasrc
/
sauth.lua
diff --git
a/libs/web/luasrc/sauth.lua
b/libs/web/luasrc/sauth.lua
index
894732d
..
5d3dc95
100644
(file)
--- a/
libs/web/luasrc/sauth.lua
+++ b/
libs/web/luasrc/sauth.lua
@@
-60,6
+60,9
@@
function read(id)
if not id then
return
end
if not id then
return
end
+ if not id:match("^%w+$") then
+ error("Session ID is not sane!")
+ end
clean()
if not sane(sessionpath .. "/" .. id) then
return
clean()
if not sane(sessionpath .. "/" .. id) then
return
@@
-85,6
+88,19
@@
function write(id, data)
if not sane() then
prepare()
end
if not sane() then
prepare()
end
+ if not id:match("^%w+$") then
+ error("Session ID is not sane!")
+ end
luci.fs.writefile(sessionpath .. "/" .. id, data)
luci.fs.chmod(sessionpath .. "/" .. id, "a-rwx,u+rw")
luci.fs.writefile(sessionpath .. "/" .. id, data)
luci.fs.chmod(sessionpath .. "/" .. id, "a-rwx,u+rw")
+end
+
+
+--- Kills a session
+-- @param id Session identifier
+function kill(id)
+ if not id:match("^%w+$") then
+ error("Session ID is not sane!")
+ end
+ luci.fs.unlink(sessionpath .. "/" .. id)
end
\ No newline at end of file
end
\ No newline at end of file