author | nikrou <nikrou@piwigo.org> | 2006-01-18 15:16:30 +0000 |
---|---|---|
committer | nikrou <nikrou@piwigo.org> | 2006-01-18 15:16:30 +0000 |
commit | 9410522e9f7d077bb4830158b6f01276a55276b3 (patch) | |
tree | 71350bab981b46a242669dd83543bae5ab08f28d | |
parent | 9e1fabeaf7b27d0b03227965dce2f9214b3ac655 (diff) |
bug fix 261: improve security of sessions (follow-up to svn r1004):
- improve presentation code style
- add upgrade database file
git-svn-id: http://piwigo.org/svn/trunk@1007 68402e56-0260-453c-a942-63ccdbb3a9ee
-rw-r--r-- | admin.php | 2 | ||||
-rw-r--r-- | include/config_default.inc.php | 19 | ||||
-rw-r--r-- | include/functions_session.inc.php | 82 | ||||
-rw-r--r-- | install/db/3-database.php | 57 |
4 files changed, 123 insertions, 37 deletions
@@ -86,7 +86,7 @@ $template->assign_vars( 'U_THUMBNAILS'=> $link_start.'thumbnail', 'U_USERS'=> $link_start.'user_list', 'U_GROUPS'=> $link_start.'group_list', - 'U_RETURN'=> PHPWG_ROOT_PATH.'category.php' + 'U_RETURN'=> PHPWG_ROOT_PATH.'category.php', 'U_ADMIN'=> PHPWG_ROOT_PATH.'admin.php', 'L_ADMIN' => $lang['admin'], 'L_ADMIN_HINT' => $lang['hint_admin'] diff --git a/include/config_default.inc.php b/include/config_default.inc.php index 31362a463..52fed3acc 100644 --- a/include/config_default.inc.php +++ b/include/config_default.inc.php @@ -264,19 +264,22 @@ $conf['use_exif_mapping'] = array( // | sessions | // +-----------------------------------------------------------------------+ -// specifies to use cookie to store the session id on client side -$conf['session_use_cookies'] = 1; +// session_use_cookies: specifies to use cookie to store +// the session id on client side +$conf['session_use_cookies'] = true; -// specifies to only use cookie to store the session id on client side -$conf['session_use_only_cookies'] = 1; +// session_use_only_cookies: specifies to only use cookie to store +// the session id on client side +$conf['session_use_only_cookies'] = true; -// do not use transparent session id support -$conf['session_use_trans_sid'] = 0; +// session_use_trans_sid: do not use transparent session id support +$conf['session_use_trans_sid'] = false; -// specifies the name of the session which is used as cookie name +// session_name: specifies the name of the session which is used as cookie name $conf['session_name'] = 'pwg_id'; -// comment the line below to use file handler for sessions. +// session_save_handler: comment the line below +// to use file handler for sessions. $conf['session_save_handler'] = 'db'; // authorize_remembering : permits user to stay logged for a long time. It diff --git a/include/functions_session.inc.php b/include/functions_session.inc.php index 98a85c876..bc3bb12ca 100644 --- a/include/functions_session.inc.php 
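Review bot: The new comment `// session_use_trans_sid: do not use transparent session id support` states the setting as an instruction and does not say what the value protects against; suggest `// session_use_trans_sid: keep false so the session id is never rewritten into URLs, where it leaks through Referer headers and bookmarks and can be used for session fixation`. The `session_use_only_cookies` comment could likewise say that PHP then ignores a session id supplied in the query string, which is the fixation protection this commit is about. Since these keys are handed to ini_set() in functions_session.inc.php, a one-line remark that they map onto the `session.*` ini directives of the same name would help whoever tunes them from a local config.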
+++ b/include/functions_session.inc.php @@ -25,20 +25,33 @@ // | USA. | // +-----------------------------------------------------------------------+ -if (isset($conf['session_save_handler']) and ($conf['session_save_handler'] == 'db')) { +if (isset($conf['session_save_handler']) + and ($conf['session_save_handler'] == 'db')) +{ session_set_save_handler('pwg_session_open', - 'pwg_session_close', - 'pwg_session_read', - 'pwg_session_write', - 'pwg_session_destroy', - 'pwg_session_gc' - ); + 'pwg_session_close', + 'pwg_session_read', + 'pwg_session_write', + 'pwg_session_destroy', + 'pwg_session_gc' + ); +} +if (isset($conf['session_use_cookies'])) +{ + ini_set('session.use_cookies', $conf['session_use_cookies']); +} +if (isset($conf['session_use_only_cookies'])) +{ + ini_set('session.use_only_cookies', $conf['session_use_only_cookies']); +} +if (isset($conf['session_use_trans_sid'])) +{ + ini_set('session.use_trans_sid', intval($conf['session_use_trans_sid'])); +} +if (isset($conf['session_name'])) +{ + ini_set('session.name', $conf['session_name']); } - -ini_set('session.use_cookies', $conf['session_use_cookies']); -ini_set('session.use_only_cookies', $conf['session_use_only_cookies']); -ini_set('session.use_trans_sid', $conf['session_use_trans_sid']); -ini_set('session.name', $conf['session_name']); function pwg_session_open($path, $name) { 
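Review bot: `session.use_trans_sid` is the only value normalised with `intval()`; `session.use_cookies` and `session.use_only_cookies` get the raw config value, which for the new boolean defaults ini_set() stringifies to `"1"` or `""`, and a local config that sets a string such as `'off'` would be interpreted by PHP's ini parser rather than by this code. Normalise all three the same way: `ini_set('session.use_cookies', intval($conf['session_use_cookies']));` and `ini_set('session.use_only_cookies', intval($conf['session_use_only_cookies']));`. A comment above the block saying that these calls must run before session_start(), which presumably happens elsewhere, would stop someone moving the include later. Note also that wrapping each ini_set() in isset() means a key missing from both config files silently falls back to php.ini, where use_only_cookies is off by default in PHP 5 before 5.3.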
@@ -53,29 +66,39 @@ function pwg_session_close() function pwg_session_read($session_id) { - $query = "SELECT data FROM " . SESSIONS_TABLE; - $query .= " WHERE id = '$session_id'"; + $query = ' +SELECT data FROM '.SESSIONS_TABLE.' + WHERE id = \''.$session_id.'\''; $result = pwg_query($query); - if ($result) { + if ($result) + { $row = mysql_fetch_assoc($result); return $row['data']; - } else { + } + else + { return ''; } } function pwg_session_write($session_id, $data) { - $query = "SELECT id FROM " . SESSIONS_TABLE; - $query .= " WHERE id = '$session_id'"; + $query = ' +SELECT id FROM '.SESSIONS_TABLE.' + WHERE id = \''.$session_id.'\''; $result = pwg_query($query); - if (mysql_num_rows($result)) { - $query = "UPDATE " . SESSIONS_TABLE . " SET expiration = now()"; - $query .= " WHERE id = '$session_id'"; + if (mysql_num_rows($result)) + { + $query = ' +UPDATE '.SESSIONS_TABLE.' SET expiration = now() + WHERE id = \''.$session_id.'\''; pwg_query($query); - } else { - $query = "INSERT INTO " . SESSIONS_TABLE . " (id,data,expiration)"; - $query .= " VALUES('$session_id','$data',now())"; + } + else + { + $query = ' +INSERT INTO '.SESSIONS_TABLE.'(id,data,expiration) + VALUES(\''.$session_id.'\',\''.$data.'\',now())'; pwg_query($query); } return true; @@ -83,8 +106,9 @@ function pwg_session_write($session_id, $data) function pwg_session_destroy($session_id) { - $query = "DELETE FROM " . SESSIONS_TABLE; - $query .= " WHERE id = '$session_id'"; + $query = ' +DELETE FROM '.SESSIONS_TABLE.' + WHERE id = '.$session_id; pwg_query($query); return true; } @@ -93,8 +117,10 @@ function pwg_session_gc() { global $conf; - $query = "DELETE FROM " . SESSIONS_TABLE; - $query .= " WHERE UNIX_TIMESTAMP(NOW()) - UNIX_TIMESTAMP(expiration) > " . $conf['session_length']; + $query = ' +DELETE FROM '.SESSIONS_TABLE.' + WHERE UNIX_TIMESTAMP(NOW()) - UNIX_TIMESTAMP(expiration) > ' + .$conf['session_length']; pwg_query($query); return true; } 
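Review bot: Both pwg_session_read() and pwg_session_write() concatenate `$session_id` straight into the WHERE clause, and write() does the same with `$data`; the id is whatever the client sent in the `pwg_id` cookie (PHP of this era does not appear to validate it, and use_only_cookies only changes where it is read from), so the DB-backed handler this commit hardens is an SQL injection point, and any apostrophe in serialized session data breaks the INSERT silently because the return value of pwg_query() is ignored. Separately, the UPDATE branch of write() only refreshes `expiration` and never stores `$data`, so unless something outside this diff writes that column, session contents are persisted once at creation and every later change is lost. Escape both values with mysql_real_escape_string() (the file already uses the mysql_* API) or reject ids outside the character set PHP generates, and add `data = '...'` to the UPDATE; `INSERT ... ON DUPLICATE KEY UPDATE` would additionally remove the SELECT-then-INSERT race between two concurrent requests of a new session.
```php
function pwg_session_read($session_id)
{
  // $session_id comes from the client cookie: escape it before it reaches SQL
  $query = '
SELECT data FROM '.SESSIONS_TABLE.'
  WHERE id = \''.mysql_real_escape_string($session_id).'\'';
  // … unchanged: pwg_query() and row fetch …
}

function pwg_session_write($session_id, $data)
{
  // both values are attacker-influenced: the id is the cookie value, $data is
  // the serialized session which can carry user-entered strings
  $id = mysql_real_escape_string($session_id);
  $esc_data = mysql_real_escape_string($data);
  $query = '
SELECT id FROM '.SESSIONS_TABLE.'
  WHERE id = \''.$id.'\'';
  $result = pwg_query($query);
  if (mysql_num_rows($result))
  {
    // store the new contents, not just the timestamp, otherwise changes made
    // after the session's first request are never persisted
    $query = '
UPDATE '.SESSIONS_TABLE.'
  SET data = \''.$esc_data.'\', expiration = now()
  WHERE id = \''.$id.'\'';
    pwg_query($query);
  }
  else
  {
    $query = '
INSERT INTO '.SESSIONS_TABLE.'(id,data,expiration)
  VALUES(\''.$id.'\',\''.$esc_data.'\',now())';
    pwg_query($query);
  }
  return true;
}
```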
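Review bot: The rewritten DELETE in pwg_session_destroy() drops the quotes the old code had around the id: `WHERE id = '.$session_id` emits `WHERE id = <raw cookie value>`, which MySQL parses as an identifier or a number rather than a string, so for a normal hex id the delete either errors out (logout leaves the row behind) or matches the wrong rows, and because the value comes straight from the `pwg_id` cookie it is also an injection point. It should read `WHERE id = \''.mysql_real_escape_string($session_id).'\'';`. Checking the return value of pwg_query() here, instead of returning true unconditionally, would have surfaced the broken query.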
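Review bot: pwg_session_gc() takes no parameter (see the hunk header) and so discards the gc_maxlifetime value PHP passes to a gc callback, using `$conf['session_length']` instead; document that at the top of the body, e.g. `// session lifetime comes from $conf['session_length'], not session.gc_maxlifetime`, and pass the value through `intval()` before concatenating it into the DELETE so a non-numeric config value cannot alter the query. Because pwg_session_write() refreshes `expiration` on every request, this is an idle timeout rather than an absolute one, which the comment could say too. The function's opening line is outside the hunk.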
diff --git a/install/db/3-database.php b/install/db/3-database.php
new file mode 100644
index 000000000..abcaa79aa
--- /dev/null
+++ b/install/db/3-database.php
@@ -0,0 +1,57 @@
+<?php
+// +-----------------------------------------------------------------------+
+// | PhpWebGallery - a PHP based picture gallery |
+// | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net |
+// | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net |
+// +-----------------------------------------------------------------------+
+// | branch : BSF (Best So Far)
+// | file : $RCSfile$
+// | last update : $Date: 2005-09-21 00:04:57 +0200 (mer, 21 sep 2005) $
+// | last modifier : $Author: plg $
+// | revision : $Revision: 870 $
+// +-----------------------------------------------------------------------+
+// | This program is free software; you can redistribute it and/or modify |
+// | it under the terms of the GNU General Public License as published by |
+// | the Free Software Foundation |
+// | |
+// | This program is distributed in the hope that it will be useful, but |
+// | WITHOUT ANY WARRANTY; without even the implied warranty of |
+// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
+// | General Public License for more details. |
+// | |
+// | You should have received a copy of the GNU General Public License |
+// | along with this program; if not, write to the Free Software |
+// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
+// | USA. 
|
+// +-----------------------------------------------------------------------+
+
+if (!defined('PHPWG_ROOT_PATH'))
+{
+ die('Hacking attempt!');
+}
+
+$upgrade_description = 'Update session table for new session system';
+
+// +-----------------------------------------------------------------------+
+// | Upgrade content |
+// +-----------------------------------------------------------------------+
+
+// delete content of old session table
+$query = '
+DELETE FROM '.PREFIX_TABLE.'sessions
+;';
+pwg_query($query);
+
+// column user_id becomes data of type text
+$query = '
+ALTER TABLE '.PREFIX_TABLE.'sessions
+ CHANGE COLUMN user_id data text NOT NULL
+;';
+pwg_query($query);
+
+echo
+"\n"
+.'Column modified in sessions table'
+."\n"
+;
+?> |
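Review bot: The header keywords `$Date: 2005-09-21 … $`, `$Author: plg $` and `$Revision: 870 $` describe whatever file this header was copied from, not this new file; unless svn:keywords is set on it they stay stale, so reset them to bare `$Date$` / `$Author$` / `$Revision$` or drop the three lines. The first statement deletes every row of the sessions table, which signs out all users including the admin running the upgrade; the comment `// delete content of old session table` could say so, e.g. `// drop all existing sessions: the old rows hold a user_id, not serialized session data, so every user is logged out by this upgrade`. Since the script already emits output, the trailing `?>` is harmless, but omitting it is the safer convention for PHP-only files.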