diff options
| author | Andreas Brachold <vdr07@deltab.de> | 2009-11-08 16:21:23 +0000 |
|---|---|---|
| committer | Andreas Brachold <vdr07@deltab.de> | 2009-11-08 16:21:23 +0000 |
| commit | 4571a61a157b8fb60594e2f2c793a39c8c82a6e6 (patch) | |
| tree | b0fb6175d6c7e8e81b0691283464b1276a8233c1 /lib | |
| parent | adb3bbe0f05f7df75f8e5563674745294ef8d352 (diff) | |
| download | xxv-4571a61a157b8fb60594e2f2c793a39c8c82a6e6.tar.gz xxv-4571a61a157b8fb60594e2f2c793a39c8c82a6e6.tar.bz2 | |
* HTTPD: fix cookie parsing
* USERS: allow multiple sessions from same user
* AJAX: Change message response {data:msg,param.state=success} to a shorter response {data:msg,success=true}
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/XXV/MODULES/HTTPD.pm | 4 | ||||
| -rw-r--r-- | lib/XXV/MODULES/USER.pm | 8 | ||||
| -rw-r--r-- | lib/XXV/OUTPUT/Ajax.pm | 9 |
3 files changed, 13 insertions, 8 deletions
diff --git a/lib/XXV/MODULES/HTTPD.pm b/lib/XXV/MODULES/HTTPD.pm index a7b200b..b93530c 100644 --- a/lib/XXV/MODULES/HTTPD.pm +++ b/lib/XXV/MODULES/HTTPD.pm @@ -405,8 +405,8 @@ sub parseRequest { $data->{accept_gzip} = 1; } elsif($line =~ /If-None-Match: (\S+)/i) { $data->{Match} = $1; - } elsif($line =~ /Cookie: (\S+)=(\S+)/i) { - my %cookies = CGI::Cookie->parse($line); + } elsif($line =~ /Cookie: (.*)/i) { + my %cookies = CGI::Cookie->parse($1); foreach (keys %cookies) { if(exists $cookies{$_}->{value} and scalar($cookies{$_}->{value})) { diff --git a/lib/XXV/MODULES/USER.pm b/lib/XXV/MODULES/USER.pm index 1e5d690..288bc33 100644 --- a/lib/XXV/MODULES/USER.pm +++ b/lib/XXV/MODULES/USER.pm @@ -875,12 +875,14 @@ sub _checkUser { return $user; } +# Create new session sub _createSession { my $self = shift || return error('No object defined!'); my $uid = shift; my $ip = shift; - $self->_closeSession($uid); + #Close all session with same uid + #$self->_closeSession($uid); for(my $c = 3; $c >= 1; $c--) { my $random = int( rand(4294967296) ); @@ -893,6 +895,7 @@ sub _createSession { return undef; } +# Update timestamp of expires sessions sub _updateSession { my $self = shift || return error('No object defined!'); my $sid = shift; @@ -901,6 +904,7 @@ sub _updateSession { $sth->execute( $sid ); } +# Delete expires sessions sub _deleteSession { my $self = shift || return error('No object defined!'); @@ -908,6 +912,7 @@ sub _deleteSession { $sth->execute( ); } +# Close all session with same uid sub _closeSession { my $self = shift || return error('No object defined!'); my $uid = shift; @@ -916,6 +921,7 @@ sub _closeSession { $sth->execute($uid); } +# Check exits session by sid and ip sub _checkSession { my $self = shift || return error('No object defined!'); my $sid = shift; diff --git a/lib/XXV/OUTPUT/Ajax.pm b/lib/XXV/OUTPUT/Ajax.pm index 1c873c1..d250cb5 100644 --- a/lib/XXV/OUTPUT/Ajax.pm +++ b/lib/XXV/OUTPUT/Ajax.pm @@ -319,7 +319,8 @@ sub login { my $self = shift || return error('No object defined!'); my $msg = shift || ''; - $self->statusmsg(401,$msg,gettext("Authorization required")); + # Send 403 insteed 401, deny all ajax logins + $self->statusmsg(403,$msg,gettext("Authorization required")); } # ------------------ @@ -448,7 +449,6 @@ sub msg { my $data = shift || 0; my $err = shift || 0; - my $state = $err ? 'error' : 'success'; my $msg; if(ref $data eq 'ARRAY') { $msg = join("\r\n",@{$data}); @@ -456,9 +456,8 @@ sub msg { $msg = $data; } - $self->out( $msg, { state => $state }, 'msg' ); - - #$self->{call} = ''; + $self->{output}->{success} = $err ? \0 : \1; + $self->out( $msg, 0, 'msg' ); } # ------------------ |