diff options
author | matz <matz@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2001-05-06 15:06:00 +0000 |
---|---|---|
committer | matz <matz@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2001-05-06 15:06:00 +0000 |
commit | 1d3d27b42d1371ba6242ec217ca803f107ceb9eb (patch) | |
tree | 8d7e184fd63610124717df8dec31e719901965ad /lib/cgi | |
parent | 94df732f8b69356626130e0ec8b2dbc9340082ef (diff) | |
download | ruby-1d3d27b42d1371ba6242ec217ca803f107ceb9eb.tar.gz |
forgot some checkins.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@1363 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'lib/cgi')
-rw-r--r-- | lib/cgi/session.rb | 17 |
1 files changed, 13 insertions, 4 deletions
diff --git a/lib/cgi/session.rb b/lib/cgi/session.rb index 1120fb50f0..1a3379b88a 100644 --- a/lib/cgi/session.rb +++ b/lib/cgi/session.rb @@ -96,10 +96,19 @@ class CGI end class FileStore + def check_id(id) + /[^0-9a-zA-Z]/ =~ id.to_s ? false : true + end + module_function :check_id + def initialize(session, option={}) dir = option['tmpdir'] || ENV['TMP'] || '/tmp' prefix = option['prefix'] || '' - path = dir+"/"+prefix+session.session_id + id = session.session_id + unless check_id(id) + raise ArgumentError, "session_id `%s' is invalid" % id + end + path = dir+"/"+prefix+id path.untaint unless File::exist? path @hash = {} @@ -149,9 +158,9 @@ class CGI class MemoryStore GLOBAL_HASH_TABLE = {} - def initialize(session, option={}) + def initialize(session, option=nil) @session_id = session.session_id - GLOBAL_HASH_TABLE[@session_id] = {} + GLOBAL_HASH_TABLE[@session_id] ||= {} end def restore @@ -167,7 +176,7 @@ class CGI end def delete - GLOBAL_HASH_TABLE[@session_id] = nil + GLOBAL_HASH_TABLE.delete(@session_id) end end end |