From b48d9bf5d412a6f56f3f9ba4bad141ddfe175727 Mon Sep 17 00:00:00 2001
From: alecpl <alec@alec.pl>
Date: Mon, 07 Sep 2009 08:51:21 -0400
Subject: [PATCH] - Use faster/secure mt_rand() (#1486094)
---
program/include/session.inc | 194 +++++++++++++++++++++++++++++++++--------------
1 files changed, 135 insertions(+), 59 deletions(-)
diff --git a/program/include/session.inc b/program/include/session.inc
index f9b7f86..bd4e2a1 100644
--- a/program/include/session.inc
+++ b/program/include/session.inc
@@ -5,7 +5,7 @@
| program/include/session.inc |
| |
| This file is part of the RoundCube Webmail client |
- | Copyright (C) 2005-2008, RoundCube Dev. - Switzerland |
+ | Copyright (C) 2005-2009, RoundCube Dev. - Switzerland |
| Licensed under the GNU GPL |
| |
| PURPOSE: |
@@ -19,6 +19,7 @@
*/
+$GLOBALS['rcube_session_unsets'] = array();
function rcube_sess_open($save_path, $session_name)
{
@@ -38,10 +39,6 @@
global $SESS_CHANGED, $SESS_CLIENT_IP;
$DB = rcmail::get_instance()->get_dbh();
-
- if ($DB->is_error()) {
- return false;
- }
$sql_result = $DB->query(
"SELECT vars, ip, " . $DB->unixtimestamp('changed') . " AS changed
@@ -66,52 +63,158 @@
{
$DB = rcmail::get_instance()->get_dbh();
- if ($DB->is_error()) {
- return false;
- }
+ $now = $DB->fromunixtime(time());
$sql_result = $DB->query(
- "SELECT 1 FROM " . get_table_name('session') . "
- WHERE sess_id=?",
- $key);
+ "SELECT vars FROM " . get_table_name('session') . "
+ WHERE sess_id=?", $key);
- if ($DB->num_rows($sql_result)) {
+ if ($sql_arr = $DB->fetch_assoc($sql_result)) {
+
+ $a_oldvars = rcube_sess_unserialize($sql_arr['vars']);
+ foreach ((array)$GLOBALS['rcube_session_unsets'] as $k)
+ unset($a_oldvars[$k]);
+
$DB->query(
"UPDATE " . get_table_name('session') . "
- SET vars=?, changed=" . $DB->now() . "
+ SET vars=?, changed= " . $now . "
WHERE sess_id=?",
- $vars,
+ rcube_sess_serialize(array_merge($a_oldvars, rcube_sess_unserialize($vars))),
$key);
}
else {
$DB->query(
"INSERT INTO " . get_table_name('session') . "
(sess_id, vars, ip, created, changed)
- VALUES (?, ?, ?, ".$DB->now().", ".$DB->now().")",
+ VALUES (?, ?, ?, " . $now . ", " . $now .")",
$key,
$vars,
(string)$_SERVER['REMOTE_ADDR']);
}
+ $GLOBALS['rcube_session_unsets'] = array();
return true;
+}
+
+
+// unset session variable
+function rcube_sess_unset($var=NULL)
+{
+ if (empty($var))
+ return rcube_sess_destroy(session_id());
+
+ $GLOBALS['rcube_session_unsets'][] = $var;
+ unset($_SESSION[$var]);
+
+ return true;
+}
+
+
+// serialize session data
+function rcube_sess_serialize($vars)
+{
+ $data = '';
+ if (is_array($vars))
+ foreach ($vars as $var=>$value)
+ $data .= $var.'|'.serialize($value);
+ else
+ $data = 'b:0;';
+ return $data;
+}
+
+
+// unserialize session data
+// http://www.php.net/manual/en/function.session-decode.php#56106
+function rcube_sess_unserialize($str)
+{
+ $str = (string)$str;
+ $endptr = strlen($str);
+ $p = 0;
+
+ $serialized = '';
+ $items = 0;
+ $level = 0;
+
+ while ($p < $endptr) {
+ $q = $p;
+ while ($str[$q] != '|')
+ if (++$q >= $endptr) break 2;
+
+ if ($str[$p] == '!') {
+ $p++;
+ $has_value = false;
+ } else {
+ $has_value = true;
+ }
+
+ $name = substr($str, $p, $q - $p);
+ $q++;
+
+ $serialized .= 's:' . strlen($name) . ':"' . $name . '";';
+
+ if ($has_value) {
+ for (;;) {
+ $p = $q;
+ switch (strtolower($str[$q])) {
+ case 'n': /* null */
+ case 'b': /* boolean */
+ case 'i': /* integer */
+ case 'd': /* decimal */
+ do $q++;
+ while ( ($q < $endptr) && ($str[$q] != ';') );
+ $q++;
+ $serialized .= substr($str, $p, $q - $p);
+ if ($level == 0) break 2;
+ break;
+ case 'r': /* reference */
+ $q+= 2;
+ for ($id = ''; ($q < $endptr) && ($str[$q] != ';'); $q++) $id .= $str[$q];
+ $q++;
+ $serialized .= 'R:' . ($id + 1) . ';'; /* increment pointer because of outer array */
+ if ($level == 0) break 2;
+ break;
+ case 's': /* string */
+ $q+=2;
+ for ($length=''; ($q < $endptr) && ($str[$q] != ':'); $q++) $length .= $str[$q];
+ $q+=2;
+ $q+= (int)$length + 2;
+ $serialized .= substr($str, $p, $q - $p);
+ if ($level == 0) break 2;
+ break;
+ case 'a': /* array */
+ case 'o': /* object */
+ do $q++;
+ while ( ($q < $endptr) && ($str[$q] != '{') );
+ $q++;
+ $level++;
+ $serialized .= substr($str, $p, $q - $p);
+ break;
+ case '}': /* end of array|object */
+ $q++;
+ $serialized .= substr($str, $p, $q - $p);
+ if (--$level == 0) break 2;
+ break;
+ default:
+ return false;
+ }
+ }
+ } else {
+ $serialized .= 'N;';
+ $q+= 2;
+ }
+ $items++;
+ $p = $q;
+ }
+
+ return unserialize( 'a:' . $items . ':{' . $serialized . '}' );
}
// handler for session_destroy()
function rcube_sess_destroy($key)
{
- $rcmail = rcmail::get_instance();
- $DB = $rcmail->get_dbh();
+ $DB = rcmail::get_instance()->get_dbh();
- if ($DB->is_error()) {
- return false;
- }
-
- // delete session entries in cache table
- if ($rcmail->config->get('enable_caching')) {
- $DB->query("DELETE FROM " . get_table_name('cache') . " WHERE session_id=?", $key);
- }
-
$DB->query("DELETE FROM " . get_table_name('session') . " WHERE sess_id=?", $key);
return true;
@@ -124,40 +227,13 @@
$rcmail = rcmail::get_instance();
$DB = $rcmail->get_dbh();
- if ($DB->is_error()) {
- return false;
- }
+ // just delete all expired sessions
+ $DB->query("DELETE FROM " . get_table_name('session') . "
+ WHERE changed < " . $DB->fromunixtime(time() - $maxlifetime));
- // get all expired sessions
- $sql_result = $DB->query(
- "SELECT sess_id
- FROM " . get_table_name('session') . "
- WHERE " . $DB->unixtimestamp($DB->now())."-".$DB->unixtimestamp('changed') . " > ?",
- $maxlifetime);
-
- $exp_sessions = array();
- while ($sql_arr = $DB->fetch_assoc($sql_result)) {
- $exp_sessions[] = $sql_arr['sess_id'];
- }
+ if ($rcmail->config->get('enable_caching'))
+ rcmail_cache_gc();
- $caching = $rcmail->config->get('enable_caching');
-
- if (sizeof($exp_sessions)) {
- // delete session cache records
- if ($caching) {
- $DB->query("DELETE FROM " . get_table_name('cache') . "
- WHERE session_id IN ('".join("','", $exp_sessions)."')");
- }
-
- // delete session records
- $DB->query("DELETE FROM " . get_table_name('session') . "
- WHERE sess_id IN ('".join("','", $exp_sessions)."')");
- }
-
- // also run message cache GC
- if ($caching) {
- rcmail_message_cache_gc();
- }
rcmail_temp_gc();
return true;
@@ -169,7 +245,7 @@
$randval = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
for ($random = "", $i=1; $i <= 32; $i++) {
- $random .= substr($randval, rand(0,(strlen($randval) - 1)), 1);
+ $random .= substr($randval, mt_rand(0,(strlen($randval) - 1)), 1);
}
// use md5 value for id or remove capitals from string $randval
--
Gitblit v1.9.1