authornikrou <nikrou@piwigo.org>2006-01-18 15:16:30 +0000
committernikrou <nikrou@piwigo.org>2006-01-18 15:16:30 +0000
commit9410522e9f7d077bb4830158b6f01276a55276b3 (patch)
tree71350bab981b46a242669dd83543bae5ab08f28d
parent9e1fabeaf7b27d0b03227965dce2f9214b3ac655 (diff)
bug fix 261: improve security of sessions (next to svn:1004):
- improve presentation code style - add upgrade database file git-svn-id: http://piwigo.org/svn/trunk@1007 68402e56-0260-453c-a942-63ccdbb3a9ee
-rw-r--r--admin.php2
-rw-r--r--include/config_default.inc.php19
-rw-r--r--include/functions_session.inc.php82
-rw-r--r--install/db/3-database.php57
4 files changed, 123 insertions, 37 deletions
diff --git a/admin.php b/admin.php
index 107b4a40b..5036e369e 100644
--- a/admin.php
+++ b/admin.php
@@ -86,7 +86,7 @@ $template->assign_vars(
'U_THUMBNAILS'=> $link_start.'thumbnail',
'U_USERS'=> $link_start.'user_list',
'U_GROUPS'=> $link_start.'group_list',
- 'U_RETURN'=> PHPWG_ROOT_PATH.'category.php'
+ 'U_RETURN'=> PHPWG_ROOT_PATH.'category.php',
'U_ADMIN'=> PHPWG_ROOT_PATH.'admin.php',
'L_ADMIN' => $lang['admin'],
'L_ADMIN_HINT' => $lang['hint_admin']
diff --git a/include/config_default.inc.php b/include/config_default.inc.php
index 31362a463..52fed3acc 100644
--- a/include/config_default.inc.php
+++ b/include/config_default.inc.php
@@ -264,19 +264,22 @@ $conf['use_exif_mapping'] = array(
// | sessions |
// +-----------------------------------------------------------------------+
-// specifies to use cookie to store the session id on client side
-$conf['session_use_cookies'] = 1;
+// session_use_cookies: specifies to use cookie to store
+// the session id on client side
+$conf['session_use_cookies'] = true;
-// specifies to only use cookie to store the session id on client side
-$conf['session_use_only_cookies'] = 1;
+// session_use_only_cookies: specifies to only use cookie to store
+// the session id on client side
+$conf['session_use_only_cookies'] = true;
-// do not use transparent session id support
-$conf['session_use_trans_sid'] = 0;
+// session_use_trans_sid: do not use transparent session id support
+$conf['session_use_trans_sid'] = false;
-// specifies the name of the session which is used as cookie name
+// session_name: specifies the name of the session which is used as cookie name
$conf['session_name'] = 'pwg_id';
-// comment the line below to use file handler for sessions.
+// session_save_handler: comment the line below
+// to use file handler for sessions.
$conf['session_save_handler'] = 'db';
// authorize_remembering : permits user to stay logged for a long time. It
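Review bot: The rewritten comments restate the option names but not why the cookie-only settings matter; `session_use_only_cookies` is the one that stops the session id from being read from the URL, which is the security property this commit is about. Suggest `// session_use_only_cookies: accept the session id from the cookie only, never from the query string (reduces session fixation exposure)`. The `session_use_trans_sid` comment describes the default value ("do not use") rather than the option itself; `// session_use_trans_sid: append the session id to URLs when cookies are unavailable (keep false)` says what the flag does.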
diff --git a/include/functions_session.inc.php b/include/functions_session.inc.php
index 98a85c876..bc3bb12ca 100644
--- a/include/functions_session.inc.php
+++ b/include/functions_session.inc.php
@@ -25,20 +25,33 @@
// | USA. |
// +-----------------------------------------------------------------------+
-if (isset($conf['session_save_handler']) and ($conf['session_save_handler'] == 'db')) {
+if (isset($conf['session_save_handler'])
+ and ($conf['session_save_handler'] == 'db'))
+{
session_set_save_handler('pwg_session_open',
- 'pwg_session_close',
- 'pwg_session_read',
- 'pwg_session_write',
- 'pwg_session_destroy',
- 'pwg_session_gc'
- );
+ 'pwg_session_close',
+ 'pwg_session_read',
+ 'pwg_session_write',
+ 'pwg_session_destroy',
+ 'pwg_session_gc'
+ );
+}
+if (isset($conf['session_use_cookies']))
+{
+ ini_set('session.use_cookies', $conf['session_use_cookies']);
+}
+if (isset($conf['session_use_only_cookies']))
+{
+ ini_set('session.use_only_cookies', $conf['session_use_only_cookies']);
+}
+if (isset($conf['session_use_trans_sid']))
+{
+ ini_set('session.use_trans_sid', intval($conf['session_use_trans_sid']));
+}
+if (isset($conf['session_name']))
+{
+ ini_set('session.name', $conf['session_name']);
}
-
-ini_set('session.use_cookies', $conf['session_use_cookies']);
-ini_set('session.use_only_cookies', $conf['session_use_only_cookies']);
-ini_set('session.use_trans_sid', $conf['session_use_trans_sid']);
-ini_set('session.name', $conf['session_name']);
function pwg_session_open($path, $name)
{
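Review bot: `ini_set('session.use_cookies', $conf['session_use_cookies'])` and the `use_only_cookies` line below it pass the new boolean config values straight through, while only `session.use_trans_sid` is wrapped in `intval()`; a `false` reaches `ini_set` as an empty string, so the three should be normalised the same way, e.g. `ini_set('session.use_cookies', intval($conf['session_use_cookies']));` and `ini_set('session.use_only_cookies', intval($conf['session_use_only_cookies']));`. The new `isset()` guards also mean a site config lacking one of these keys silently keeps whatever php.ini sets, and for `session.use_only_cookies` that is the setting deciding whether a session id is accepted from the URL; a comment stating that the hardening depends on the key being present, or an explicit fallback value, would make that visible. I assume `session_start()` runs after this block, which is not visible in the hunk.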
@@ -53,29 +66,39 @@ function pwg_session_close()
function pwg_session_read($session_id)
{
- $query = "SELECT data FROM " . SESSIONS_TABLE;
- $query .= " WHERE id = '$session_id'";
+ $query = '
+SELECT data FROM '.SESSIONS_TABLE.'
+ WHERE id = \''.$session_id.'\'';
$result = pwg_query($query);
- if ($result) {
+ if ($result)
+ {
$row = mysql_fetch_assoc($result);
return $row['data'];
- } else {
+ }
+ else
+ {
return '';
}
}
function pwg_session_write($session_id, $data)
{
- $query = "SELECT id FROM " . SESSIONS_TABLE;
- $query .= " WHERE id = '$session_id'";
+ $query = '
+SELECT id FROM '.SESSIONS_TABLE.'
+ WHERE id = \''.$session_id.'\'';
$result = pwg_query($query);
- if (mysql_num_rows($result)) {
- $query = "UPDATE " . SESSIONS_TABLE . " SET expiration = now()";
- $query .= " WHERE id = '$session_id'";
+ if (mysql_num_rows($result))
+ {
+ $query = '
+UPDATE '.SESSIONS_TABLE.' SET expiration = now()
+ WHERE id = \''.$session_id.'\'';
pwg_query($query);
- } else {
- $query = "INSERT INTO " . SESSIONS_TABLE . " (id,data,expiration)";
- $query .= " VALUES('$session_id','$data',now())";
+ }
+ else
+ {
+ $query = '
+INSERT INTO '.SESSIONS_TABLE.'(id,data,expiration)
+ VALUES(\''.$session_id.'\',\''.$data.'\',now())';
pwg_query($query);
}
return true;
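Review bot: The query in `pwg_session_read` and all three in `pwg_session_write` splice the client-supplied `$session_id` and the serialized `$data` into SQL unescaped, so a quote or backslash in either breaks the statement; since the file already uses the ext/mysql API, escape them first, e.g. `$session_id = mysql_real_escape_string($session_id);` at the top of each function and `$data = mysql_real_escape_string($data);` in the write path (the destroy hunk below has the same issue). Separately, the UPDATE branch of `pwg_session_write` sets only `expiration = now()`, so changes to the contents of an existing session are never persisted unless sessions are always regenerated when their contents change (not visible here); the clause should be `SET data = \''.$data.'\', expiration = now()`.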
@@ -83,8 +106,9 @@ function pwg_session_write($session_id, $data)
function pwg_session_destroy($session_id)
{
- $query = "DELETE FROM " . SESSIONS_TABLE;
- $query .= " WHERE id = '$session_id'";
+ $query = '
+DELETE FROM '.SESSIONS_TABLE.'
+ WHERE id = '.$session_id;
pwg_query($query);
return true;
}
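Review bot: The rewritten DELETE in `pwg_session_destroy` drops the quotes the old line had around `$session_id` (`WHERE id = '.$session_id`), so the id is no longer a string literal in SQL and the statement will not match the way the read/write queries do; restore them with `WHERE id = \''.$session_id.'\'';`. As in the read and write functions, `$session_id` should also be escaped before it is concatenated into the query.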
@@ -93,8 +117,10 @@ function pwg_session_gc()
{
global $conf;
- $query = "DELETE FROM " . SESSIONS_TABLE;
- $query .= " WHERE UNIX_TIMESTAMP(NOW()) - UNIX_TIMESTAMP(expiration) > " . $conf['session_length'];
+ $query = '
+DELETE FROM '.SESSIONS_TABLE.'
+ WHERE UNIX_TIMESTAMP(NOW()) - UNIX_TIMESTAMP(expiration) > '
+ .$conf['session_length'];
pwg_query($query);
return true;
}
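Review bot: `$conf['session_length']` is concatenated into the GC query as-is, whereas the trans_sid setting earlier in this file is normalised with `intval()`; for consistency, and so that a misconfigured non-numeric value cannot produce a malformed DELETE, use `.intval($conf['session_length']);`. A one-line comment above the query noting that `session_length` is compared in seconds (the `UNIX_TIMESTAMP` arithmetic) would also help the next maintainer.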
diff --git a/install/db/3-database.php b/install/db/3-database.php
new file mode 100644
index 000000000..abcaa79aa
--- /dev/null
+++ b/install/db/3-database.php
@@ -0,0 +1,57 @@
+<?php
+// +-----------------------------------------------------------------------+
+// | PhpWebGallery - a PHP based picture gallery |
+// | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net |
+// | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net |
+// +-----------------------------------------------------------------------+
+// | branch : BSF (Best So Far)
+// | file : $RCSfile$
+// | last update : $Date: 2005-09-21 00:04:57 +0200 (mer, 21 sep 2005) $
+// | last modifier : $Author: plg $
+// | revision : $Revision: 870 $
+// +-----------------------------------------------------------------------+
+// | This program is free software; you can redistribute it and/or modify |
+// | it under the terms of the GNU General Public License as published by |
+// | the Free Software Foundation |
+// | |
+// | This program is distributed in the hope that it will be useful, but |
+// | WITHOUT ANY WARRANTY; without even the implied warranty of |
+// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
+// | General Public License for more details. |
+// | |
+// | You should have received a copy of the GNU General Public License |
+// | along with this program; if not, write to the Free Software |
+// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
+// | USA. |
+// +-----------------------------------------------------------------------+
+
+if (!defined('PHPWG_ROOT_PATH'))
+{
+ die('Hacking attempt!');
+}
+
+$upgrade_description = 'Update session table for new session system';
+
+// +-----------------------------------------------------------------------+
+// | Upgrade content |
+// +-----------------------------------------------------------------------+
+
+// delete content of old session table
+$query = '
+DELETE FROM '.PREFIX_TABLE.'sessions
+;';
+pwg_query($query);
+
+// column user_id becomes data of type text
+$query = '
+ALTER TABLE '.PREFIX_TABLE.'sessions
+ CHANGE COLUMN user_id data text NOT NULL
+;';
+pwg_query($query);
+
+echo
+"\n"
+.'Column modified in sessions table'
+."\n"
+;
+?>
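Review bot: The success message at the end (`'Column modified in sessions table'`) is echoed unconditionally, so unless `pwg_query` aborts on error (not visible here) a failed `ALTER TABLE` would still be reported as done; guard the echo on the result of the second query, e.g. `if (pwg_query($query)) { echo "\n".'Column modified in sessions table'."\n"; }`. Since the DELETE wipes every active session, `$upgrade_description` could say so (`'Update session table for new session system (all active sessions are reset)'`) so the admin running the upgrade expects the forced logout. The header block also carries `$RCSfile$`/`$Revision: 870 $` keywords that appear copied from another file and do not describe this one.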