Added luci.sauth.kill, sanitize luci.sauth even more

author: Steven Barth <steven@midlink.org> 2008-12-14 21:42:59 +0000
committer: Steven Barth <steven@midlink.org> 2008-12-14 21:42:59 +0000
commit: 8b978f79fca72d3d8d76a1fb147addea2d7e3ded (patch)
tree: e006a280232eb446fc3839f0a58604bd90c87771 /libs/web
parent: f9a04e040f78a98071eae377728278b992925678 (diff)
1 files changed, 16 insertions, 0 deletions
diff --git a/libs/web/luasrc/sauth.lua b/libs/web/luasrc/sauth.lua
index 894732dfa..5d3dc95ca 100644
--- a/libs/web/luasrc/sauth.lua
+++ b/libs/web/luasrc/sauth.lua
@@ -60,6 +60,9 @@ function read(id)
 	if not id then
 		return
 	end
+	if not id:match("^%w+$") then
+		error("Session ID is not sane!")
+	end
 	clean()
 	if not sane(sessionpath .. "/" .. id) then
 		return
@@ -85,6 +88,19 @@ function write(id, data)
 	if not sane() then
 		prepare()
 	end
+	if not id:match("^%w+$") then
+		error("Session ID is not sane!")
+	end
 	luci.fs.writefile(sessionpath .. "/" .. id, data)
 	luci.fs.chmod(sessionpath .. "/" .. id, "a-rwx,u+rw")
+end
+
+
+--- Kills a session
+-- @param id	Session identifier
+function kill(id)
+	if not id:match("^%w+$") then
+		error("Session ID is not sane!")
+	end
+	luci.fs.unlink(sessionpath .. "/" .. id)
 end
 \ No newline at end of file
author	Steven Barth <steven@midlink.org>	2008-12-14 21:42:59 +0000
committer	Steven Barth <steven@midlink.org>	2008-12-14 21:42:59 +0000
commit	8b978f79fca72d3d8d76a1fb147addea2d7e3ded (patch)
tree	e006a280232eb446fc3839f0a58604bd90c87771 /libs/web
parent	f9a04e040f78a98071eae377728278b992925678 (diff)