From: Steven Barth <steven@midlink.org>
Date: Sun, 14 Dec 2008 21:42:59 +0000 (+0000)
Subject: Added luci.sauth.kill, sanitize luci.sauth even more
X-Git-Tag: 0.9.0~900
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=8b978f79fca72d3d8d76a1fb147addea2d7e3ded;p=oweals%2Fluci.git

Added luci.sauth.kill, sanitize luci.sauth even more
---

diff --git a/libs/web/luasrc/sauth.lua b/libs/web/luasrc/sauth.lua
index 894732dfa..5d3dc95ca 100644
--- a/libs/web/luasrc/sauth.lua
+++ b/libs/web/luasrc/sauth.lua
@@ -60,6 +60,9 @@ function read(id)
 	if not id then
 		return
 	end
+	if not id:match("^%w+$") then
+		error("Session ID is not sane!")
+	end
 	clean()
 	if not sane(sessionpath .. "/" .. id) then
 		return
@@ -85,6 +88,19 @@ function write(id, data)
 	if not sane() then
 		prepare()
 	end
+	if not id:match("^%w+$") then
+		error("Session ID is not sane!")
+	end
 	luci.fs.writefile(sessionpath .. "/" .. id, data)
 	luci.fs.chmod(sessionpath .. "/" .. id, "a-rwx,u+rw")
+end
+
+
+--- Kills a session
+-- @param id	Session identifier
+function kill(id)
+	if not id:match("^%w+$") then
+		error("Session ID is not sane!")
+	end
+	luci.fs.unlink(sessionpath .. "/" .. id)
 end
\ No newline at end of file