* Api/Filemanager/WebDAV: fix SQL error if login error or WebDAV path contains non-ascii chars

in that case we transliterate these to ascii for storage in egw_access_log table, which only allows ascii chars
2024-11-23 00:13:35 +01:00 · 2018-12-10 16:46:49 +01:00 · 2018-12-10 16:46:49 +01:00 · 351c2f56b7
commit 351c2f56b7
parent 8e9ff828ba
1 changed files with 14 additions and 1 deletions
--- a/api/src/Session.php
+++ b/api/src/Session.php
@ -675,7 +675,7 @@ class Session
 	/**
    * Write or update (for logout) the access_log
 	*
-	* @param string|int $sessionid nummeric or PHP session id or 0 for unsuccessful logins
+	* @param string|int $sessionid nummeric or PHP session id or error-message for unsuccessful logins
 	* @param string $login ='' account_lid (evtl. with domain) or '' for setting the logout-time
 	* @param string $user_ip ='' ip to log
 	* @param int $account_id =0 numerical account_id
@ -685,6 +685,13 @@ class Session
 	{
 		$now = time();

+		// if sessionid contains non-ascii chars (only happens for error-messages)
+		// --> transliterate it to ascii, as session_php only allows ascii chars
+		if (preg_match('/[^\x20-\x7f]/', $sessionid))
+		{
+			$sessionid = Translation::to_ascii($sessionid);
+		}
+
 		if ($login)
 		{
 			$GLOBALS['egw']->db->insert(self::ACCESS_LOG_TABLE,array(
@ -1407,10 +1414,16 @@ class Session
 	/**
 	 * Set action logged in access-log
 	 *
+	 * Non-ascii chars in $action get transliterate to ascii, as our session_action column allows only ascii.
+	 *
 	 * @param string $action
 	 */
 	public function set_action($action)
 	{
+		if (preg_match('/[^\x20-\x7f]/', $action))
+		{
+			$action = Translation::to_ascii($action);
+		}
 		$this->action = $action;
 	}