DontSellMe/richdocuments
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Use random and unique session id

Browse Source
This commit is contained in:
Victor Dubiniuk 2013-08-08 18:31:47 +03:00 committed by Tobias Hintze
parent 2632387517
commit 544991cab3
1 changed files with 7 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
lib/session.php
View File

@ -35,7 +35,7 @@ class Session {
$query = \OCP\DB::prepare('INSERT INTO `*PREFIX*office_session` (`es_id`, `genesis_url`, `genesis_hash`, `owner`) VALUES (?, ?, ?, ?) ');
$data = array(
'es_id' => self::getSessionId(),
'es_id' => self::getUniqueSessionId(),
'genesis_url' => $genesis,
'genesis_hash' => $hash,
'owner' => \OCP\User::getUser()
@ -48,8 +48,12 @@ class Session {
return false;
}
protected static function getSessionId(){
return (string) time();
protected static function getUniqueSessionId(){
do {
$id = \OC_Util::generate_random_bytes(30);
} while (self::getSession($id));
return $id;
}
}