From 8b978f79fca72d3d8d76a1fb147addea2d7e3ded Mon Sep 17 00:00:00 2001 From: Steven Barth Date: Sun, 14 Dec 2008 21:42:59 +0000 Subject: Added luci.sauth.kill, sanitize luci.sauth even more --- libs/web/luasrc/sauth.lua | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) (limited to 'libs/web/luasrc/sauth.lua') diff --git a/libs/web/luasrc/sauth.lua b/libs/web/luasrc/sauth.lua index 894732dfa..5d3dc95ca 100644 --- a/libs/web/luasrc/sauth.lua +++ b/libs/web/luasrc/sauth.lua @@ -60,6 +60,9 @@ function read(id) if not id then return end + if not id:match("^%w+$") then + error("Session ID is not sane!") + end clean() if not sane(sessionpath .. "/" .. id) then return @@ -85,6 +88,19 @@ function write(id, data) if not sane() then prepare() end + if not id:match("^%w+$") then + error("Session ID is not sane!") + end luci.fs.writefile(sessionpath .. "/" .. id, data) luci.fs.chmod(sessionpath .. "/" .. id, "a-rwx,u+rw") +end + + +--- Kills a session +-- @param id Session identifier +function kill(id) + if not id:match("^%w+$") then + error("Session ID is not sane!") + end + luci.fs.unlink(sessionpath .. "/" .. id) end \ No newline at end of file -- cgit v1.2.3