Changeset 226

Timestamp:
09/26/2007 14:14:55 (14 months ago)
Author:
zimbatm
Message:

Okay, SQL injection of [225] was fun but didn't work as expected. rdebug showed
me the light and gave me a good solution.

Files:
1 modified

  • trunk/lib/camping/session.rb

    r225 r226  
    1919class Session < Base 
    2020    serialize :ivars 
    21     # SQL injection to bypass id field checks 
    22     set_primary_key '"="" OR "' 
     21    set_primary_key :hashid 
    2322 
    2423    def []=(k, v) # :nodoc: 
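Review bot: `set_primary_key :hashid` makes the randomly generated `hashid` the record's identity, and the second hunk hands that same value to the client via `cookies.camping_sid = sess.hashid`, so the `hashid` column needs a UNIQUE index for the lookup by cookie to be unambiguous; the hunk does not show the schema, so please confirm the migration adds one. Replacing the `'"="" OR "'` primary key (a raw SQL fragment embedded in the model, as the removed comment admits) with a real column is the right fix; it deserves a line in the changelog, since anything that relied on the old `id`-based lookup now goes through `hashid` instead.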
     
    2928    end 
    3029 
     30  protected 
    3131    RAND_CHARS = [*'A'..'Z'] + [*'0'..'9'] + [*'a'..'z'] 
     32    def before_create 
     33      rand_max = RAND_CHARS.size 
     34      sid = (0...32).inject("") { |ret,_| ret << RAND_CHARS[rand(rand_max)] } 
     35      write_attribute('hashid', sid) 
     36    end 
    3237 
    3338    # Generates a new session ID and creates a row for the new session in the database. 
    3439    def self.generate cookies 
    35         rand_max = RAND_CHARS.size 
    36         sid = (0...32).inject("") { |ret,_| ret << RAND_CHARS[rand(rand_max)] } 
    37         sess = Session.create :hashid => sid, :ivars => Camping::H[] 
     40        sess = Session.create :ivars => Camping::H[] 
    3841        cookies.camping_sid = sess.hashid 
    3942        sess
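Review bot: `rand(rand_max)` in `before_create` is Kernel#rand, a Mersenne Twister generator whose state can be recovered from enough observed outputs, and the 32 characters it produces are sent to the client as the session token in `cookies.camping_sid = sess.hashid`; generate the id from a CSPRNG instead (for example `OpenSSL::Random.random_bytes` or a read from `/dev/urandom`) and map those bytes onto `RAND_CHARS`, which keeps the current character set and length. Separately, `before_create` writes `hashid` without checking for an existing row, so a collision is only caught if the column is uniquely indexed, in which case `Session.create` in `generate` raises rather than reusing the id; `generate` should either handle that exception or retry until the insert succeeds. Minor: placing `RAND_CHARS` after `protected` has no effect, since `protected` applies to methods, not constants.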