Changeset 20856


Ignore:
Timestamp:
2009-10-29T10:41:38+13:00 (14 years ago)
Author:
mdewsnip
Message:

Rewritten get_cookie() functions to prevent strange infinite loops and crashes in some circumstances, and to get rid of some *nasty* code (here+9, anyone?). By Jeffrey Ke at DL Consulting Ltd.

File:
1 edited

Legend:

Unmodified
Added
Removed

  • gsdl/trunk/runtime-src/src/recpt/receptionist.cpp

    r19259 r20856  
    670670}
    671671
    672 // returns true if cookie already existed, false
    673 // if it was generated
    674 bool receptionist::get_cookie (text_t &cookie, text_tmap &fcgienv) {
    675 
     672
     673// Returns true if cookie already existed, false if it was generated
     674bool receptionist::get_cookie (text_t &cookie, text_tmap &fcgienv)
     675{
     676  // See if we can get the GSDL_UID cookie
    676677  text_t cookiestring = gsdl_getenv ("HTTP_COOKIE", fcgienv);
    677   if (!cookiestring.empty())
     678  if (!cookiestring.empty()) // This should really be handled by the findword function...
    678679  {
    679     text_t::const_iterator end = cookiestring.end(); 
    680     text_t::const_iterator here = findchar ((text_t::const_iterator)cookiestring.begin(), end, 'G');
    681 
    682     while (here+9 < end) {
    683    
    684       if (substr(here, here+8) == "GSDL_UID") {
    685     cookie = substr (here+9, findchar (here+9, end, ';'));
    686     return true;
    687       }
    688       ++here;
    689       here = findchar (here, end, 'G');
    690     }
    691   }
    692 
     680    // Check if the cookie contains GSDL_UID
     681    text_t gsdl_uid = "GSDL_UID=";
     682    text_t::const_iterator gsdl_uid_start = findword(cookiestring.begin(), cookiestring.end(), gsdl_uid);
     683    if (gsdl_uid_start != cookiestring.end())
     684    {
     685      // Yes, so extract its value
     686      cookie = substr(gsdl_uid_start + gsdl_uid.size(), findchar(gsdl_uid_start + gsdl_uid.size(), cookiestring.end(), ';'));
     687      return true;
     688    }
     689  }
     690
     691  // Generate a new key "[host]-[epoch time]", e.g. test.com-1256764496
    693692  cookie.clear();
    694693  text_t host = gsdl_getenv("REMOTE_ADDR", fcgienv);
    695694  time_t ttime = time(NULL);
    696   if (!host.empty()) {
     695  if (!host.empty())
     696  {
    697697    cookie += host;
    698698    cookie.push_back ('-');
    699699  }
    700700  cookie += text_t(ttime);
    701  
     701
    702702  return false;
    703703}
    704704
    705 // as above but just tests if cookie exists
    706 bool receptionist::get_cookie (text_tmap &fcgienv) {
    707 
    708   text_t c = gsdl_getenv("HTTP_COOKIE", fcgienv);
    709   if (!c.empty()) {
    710     text_t cookiestring = c;
    711    
    712     text_t::const_iterator end = cookiestring.end(); 
    713     text_t::const_iterator here = findchar ((text_t::const_iterator)cookiestring.begin(), end, 'G');
    714 
    715     while (here+9 < end) {
    716       if (substr(here, here+8) == "GSDL_UID") return true;
    717       ++here;
    718       here = findchar (here, end, 'G');
    719     }
    720   }
    721   return false;
    722 }
     705
     706// Same as above but just tests if cookie exists
     707bool receptionist::get_cookie (text_tmap &fcgienv)
     708{
     709  text_t cookie_jar = "";
     710  return get_cookie(cookie_jar, fcgienv);
     711}
     712
    723713
    724714bool receptionist::log_cgi_args (cgiargsclass &args, ostream &logout, text_tmap &fcgienv) {
Note: See TracChangeset for help on using the changeset viewer.