sounder session ID (fix possible session problem)

Massimo Melina 2020-05-28 16:51:42 +02:00
parent 5fa867e194
commit 4a44d5daa4


@ -2233,9 +2233,11 @@ if assigned(mainFrm) then
mainfrm.visible:=userInteraction.bakVisible; mainfrm.visible:=userInteraction.bakVisible;
end; // reenableUserInteraction end; // reenableUserInteraction
function sanitizeSID(s:string):string;
begin result:=reReplace(s, '[\D\W]', '', '!') end;
function getNewSID():string; function getNewSID():string;
begin result:=replaceStr(base64encode(str_(now())+str_(random())), '=','') end; begin result:=sanitizeSID(base64encode(str_(now())+str_(random()))) end;
constructor Tsession.create(const sid:string=''); constructor Tsession.create(const sid:string='');
begin begin
@ -4894,7 +4896,8 @@ var
sid:=conn.getCookie(SESSION_COOKIE); sid:=conn.getCookie(SESSION_COOKIE);
if sid = '' then if sid = '' then
sid:=data.urlvars.Values[SESSION_COOKIE]; sid:=data.urlvars.Values[SESSION_COOKIE];
if sid = '' then sid:=sanitizeSID(sid);
if sid.length < 10 then
begin begin
data.session:=Tsession.create(); data.session:=Tsession.create();
data.session.ip:=conn.address; data.session.ip:=conn.address;
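Review bot: The character class `[\D\W]` in the new sanitizeSID is a union, and `\D` already matches every non-digit, so (assuming reReplace follows standard regex semantics) letters are stripped as well and only digits survive. Because getNewSID now passes its base64 output through it, a fresh ID keeps only the digits that happen to occur in the base64 text, which sharply reduces its entropy. It can also leave the ID shorter than the 10 characters the second hunk requires in `if sid.length < 10 then`, in which case that session would be recreated on every request. If the intent is to keep the alphanumeric part of base64, the pattern should be `'[^A-Za-z0-9]'`. Separately, the ID is still derived from `now()` and `random()`, which are guessable inputs; a session token should come from a cryptographically secure random source.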