holm/egroupware
1
1
Fork 0
forked from extern/egroupware
Code Issues Pull Requests Packages Projects Releases Wiki Activity

we did a double serialize, that's bad!!!! i was searching the whole day. but

Browse Source 
maybe i'm a bad coder! :)
This commit is contained in:
Lars Kneschke 2001-04-15 21:49:50 +00:00
parent 4d93655896
commit 2890047713
1 changed files with 9 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
phpgwapi/inc/class.sessions.inc.php
View File

@ -404,8 +404,7 @@
// This was not properly decoding structures saved into session data properly // This was not properly decoding structures saved into session data properly
// $data = $phpgw->common->decrypt($data); // $data = $phpgw->common->decrypt($data);
// $data = stripslashes($data); // $data = stripslashes($data);
$data = $phpgw->crypto->decrypt($data); return $phpgw->crypto->decrypt($data);
return unserialize($data);
} else { } else {
$phpgw->db->query("select content from phpgw_app_sessions where " $phpgw->db->query("select content from phpgw_app_sessions where "
@ -415,14 +414,15 @@
if ($phpgw->db->num_rows()==0) { if ($phpgw->db->num_rows()==0) {
// I added these into seperate steps for easier debugging // I added these into seperate steps for easier debugging
$data = serialize($data);
$data = $phpgw->crypto->encrypt($data); $data = $phpgw->crypto->encrypt($data);
$data = addslashes($data);
$phpgw->db->query("INSERT INTO phpgw_app_sessions (sessionid,loginid,app,location,content,session_dla) " $phpgw->db->query("INSERT INTO phpgw_app_sessions (sessionid,loginid,app,location,content,session_dla) "
. "VALUES ('".$this->sessionid."','".$this->account_id."','".$appname . "VALUES ('".$this->sessionid."','".$this->account_id."','".$appname
. "','".$location."','".$data."','" . time() . "')",__LINE__,__FILE__); . "','".$location."','".$data."','" . time() . "')",__LINE__,__FILE__);
} else { } else {
$data = $phpgw->crypto->encrypt(serialize($data)); $data = $phpgw->crypto->encrypt($data);
$data = addslashes($data);
$phpgw->db->query("update phpgw_app_sessions set content = '".$data."'" $phpgw->db->query("update phpgw_app_sessions set content = '".$data."'"
. "where sessionid = '".$this->sessionid."'" . "where sessionid = '".$this->sessionid."'"
. "and loginid = '".$this->account_id."' and app = '".$appname."'" . "and loginid = '".$this->account_id."' and app = '".$appname."'"
@ -437,11 +437,13 @@
{ {
global $phpgw; global $phpgw;
$serializedData = $this->appsession(); $sessionData = $this->appsession("sessiondata");
$sessionData = unserialize($serializedData); print "Tyoe: ".$sessionData;
# $sessionData = unserialize($serializedData);
if (is_array($sessionData)) if (is_array($sessionData))
{ {
print "is Array<br>";
reset($sessionData); reset($sessionData);
while(list($key,$value) = each($sessionData)) while(list($key,$value) = each($sessionData))
{ {
@ -469,7 +471,7 @@
$sessionData[$key] = $$key; $sessionData[$key] = $$key;
} }
} }
$this->appsession($sessionData); $this->appsession("sessiondata",'',$sessionData);
} }
} }