[BUG/PATCH] cgi/session.rb, cgi/session/pstore.rb

ruby

    Sponsored Links

    Next

  • 1. Real emails on newsgroup version (was POP3Filter)
    This whole worm thing brings up a question: Why is it that those of us who use this as a mailing list, rather than a newsgroup, have our email addresses passed on to the newsgroups unchanged? Is this a conscious design decision or a bug? If it's a design decision, why??? If it's a bug, can I get the source of the reflector thingy and fix it? Ben
  • 2. 1.8,frozen, and untaint
    i'm getting error about calling untaint on a frozen object in 1.8 (kakiwiki). i've removed the call to untaint and things seem to work - but would this be the preferred method? -a ==================================== | Ara Howard | NOAA Forecast Systems Laboratory | Information and Technology Services | Data Systems Group | R/FST 325 Broadway | Boulder, CO 80305-3328 | Email: XXXX@XXXXX.COM | Phone: 303-497-7238 | Fax: 303-497-7259 | The difference between art and science is that science is what we understand | well enough to explain to a computer. Art is everything else. | -- Donald Knuth, "Discover" | ~ > /bin/sh -c 'for lang in ruby perl; do $lang -e "print \"\x3a\x2d\x29\x0a\""; done' ====================================

Re: [BUG/PATCH] cgi/session.rb, cgi/session/pstore.rb

Postby Ara.T.Howard » Thu, 15 Sep 2005 12:23:52 GMT




CGI::Session::MemoryStore and CGI::Session::PStore suffer from same issue...
updated patches (in the right order this time):


--- ./cgi/session.rb.org        2005-09-13 20:52:14.000000000 -0600
+++ ./cgi/session.rb    2005-09-13 21:13:22.000000000 -0600
@@ -244,7 +244,7 @@
      #   end
      #
      def initialize(request, option={})
-      @new_session = false
+      @new_session = nil
        session_key = option['session_key'] || '_session_id'
        session_id = option['session_id']
        unless session_id
@@ -381,10 +381,11 @@
          md5 = Digest::MD5.hexdigest(id)[0,16]
         @path = dir+"/"+prefix+md5+suffix
         unless File::exist? @path
-          unless session.new_session
+          unless session.new_session.nil?
              raise CGI::Session::NoSession, "uninitialized session"
            end
           @hash = {}
+          update
         end
        end

@@ -451,7 +452,7 @@
        def initialize(session, option=nil)
         @session_id = session.session_id
          unless GLOBAL_HASH_TABLE.key?(@session_id)
-          unless session.new_session
+          unless session.new_session.nil?
              raise CGI::Session::NoSession, "uninitialized session"
            end
            GLOBAL_HASH_TABLE[@session_id] = {}




--- ./cgi/session/pstore.rb.org 2005-09-13 21:07:52.000000000 -0600
+++ ./cgi/session/pstore.rb     2005-09-13 21:18:21.000000000 -0600
@@ -9,7 +9,7 @@
  # persistent of session data on top of the pstore library.  See
  # cgi/session.rb for more details on session storage managers.

-require 'cgi/session'
+require './cgi/session'
  require 'pstore'

  class CGI
@@ -62,7 +62,7 @@
         path = dir+"/"+prefix+md5
         path.untaint
         unless File::exist?(path)
-          unless session.new_session
+          unless session.new_session.nil?
              raise CGI::Session::NoSession, "uninitialized session"
            end
           @hash = {}


now i'm noticing that the create of session is not atomic... but that's for
another day.

-a
-- 
===============================================================================
| email :: ara [dot] t [dot] howard [at] noaa [dot] gov
| phone :: 303.497.6469
| Your life dwells amoung the causes of death
| Like a lamp standing in a strong breeze.  --Nagarjuna
===============================================================================




Re: [BUG/PATCH] cgi/session.rb, cgi/session/pstore.rb

Postby nobuyoshi nakada » Thu, 15 Sep 2005 12:42:40 GMT

Hi,

At Wed, 14 Sep 2005 12:23:52 +0900,
Ara.T.Howard wrote in [ruby-talk:156036]:

What does this change?


Library starts with "./" directs `require' to load from
current working directory.  I guess this isn't intended
change.

-- 
Nobu Nakada



Re: [BUG/PATCH] cgi/session.rb, cgi/session/pstore.rb

Postby Ara.T.Howard » Thu, 15 Sep 2005 14:57:02 GMT




that's right - too tired - going to bed ;-(

-a
-- 
===============================================================================
| email :: ara [dot] t [dot] howard [at] noaa [dot] gov
| phone :: 303.497.6469
| Your life dwells amoung the causes of death
| Like a lamp standing in a strong breeze.  --Nagarjuna
===============================================================================




Similar Threads:

1.[BUG/PATCH] cgi/session.rb (SOLVED?)

2.[BUG/PATCH] cgi/session.rb

the following program with fail both the way it is, and using the commented
section:


   ~ > cat a.cgi
   #! /usr/local/bin/ruby

   require 'cgi'
   require 'cgi/session'

   cgi = CGI::new

   database_manager = CGI::Session::FileStore

   session =
   =begin
     begin
       s = CGI::Session::new cgi, 'database_manager' => database_manager, 'new_session' => false
       s.delete
       s
     rescue ArgumentError
       CGI::Session::new cgi, 'database_manager' => database_manager, 'new_session' => true
     end
   =end
       CGI::Session::new cgi, 'database_manager' => database_manager

   session.close

   this_time = Time::now
   last_time = session['last_time'] || this_time
   session['last_time'] = this_time
   session.close

   content = ''
   content << "<hr> THIS_TIME @ <b>#{ this_time }</b> <hr>"
   content << "<hr> LAST_TIME @ <b>#{ last_time }</b> <hr>"

   cgi.out{ content }


in either case a new session is __always__ created.  the docs say:

..
   # A CGI::Session instance is created from a CGI object.  By default,
   # this CGI::Session instance will start a new session if none currently
   # exists, or continue the current session for this client if one does
   # exist.  The +new_session+ option can be used to either always or
   # never create a new session.  See #new() for more details.
..

so there is no way to re-use a session attm.  this seems serious.  i think this
patch addresses the issue:


[ahoward@localhost build/ruby-1.8.2/lib/] diff -u -b -B cgi/session.rb.org cgi/session.rb
--- cgi/session.rb.org  2005-09-13 20:52:14.000000000 -0600
+++ cgi/session.rb      2005-09-13 20:53:32.000000000 -0600
@@ -244,7 +244,7 @@
      #   end
      #
      def initialize(request, option={})
-      @new_session = false
+      @new_session = nil
        session_key = option['session_key'] || '_session_id'
        session_id = option['session_id']
        unless session_id
@@ -381,10 +381,11 @@
          md5 = Digest::MD5.hexdigest(id)[0,16]
         @path = dir+"/"+prefix+md5+suffix
         unless File::exist? @path
-          unless session.new_session
+          unless session.new_session.nil?
              raise CGI::Session::NoSession, "uninitialized session"
            end
           @hash = {}
+          update
         end
        end


and, indeed, with the change the following works as expected/doccumented:

   #! /usr/local/bin/ruby
   require 'cgi'
   require './cgi/session'

   cgi = CGI::new
   content = ''
   database_manager = CGI::Session::FileStore
   this_time = Time::now

   begin
     session = CGI::Session::new cgi, 'database_manager' => database_manager
     last_time = session['last_time'] || this_time
     session['last_time'] = this_time
     session.close

     content << "<hr> THIS_TIME @ <b>#{ this_time }</b> <hr>"
     content << "<hr> LAST_TIME @ <b>#{ last_time }</b> <hr>"
   rescue Exception => e
     m, c, b = e.message, e.class, e.backtrace.join("\n")
     content << "<pre>#{ m } (#{ c })\n#{ b }</pre>"
   end
   cgi.out{ content }


hopefully this hasn't already been fixed - i searched for a while....

regards.


-a
-- 
===============================================================================
| email :: ara [dot] t [dot] howard [at] noaa [dot] gov
| phone :: 303.497.6469
| Your life dwells amoung the causes of death
| Like a lamp standing in a strong breeze.  --Nagarjuna
===============================================================================



3.Sessions and GET (CGI.rb)

4.multipart forms and cgi - cgi.rb bug?

Hi Robert,

>
> Maybe the output is truncated.  Maybe you you didn't enter a file name
> before submitting the form. ...
>
> Kind regards
>
>     robert
>
>

There seems to be a bug in version 1.63 of cgi.rb when it comes to
multipart forms. After trying every combination of cgi['formname'],
cgi.param['formname'] etc it turns out it was only passing the first field
in the form.

I downloaded version 1.56 of cgi.rb from the cvs repository and replaced
1.63 and the multipart form now works correctly.

regards,

Martin



5.cgi/session , deleting old sessions.

6. StringIO#binmode: bug in cgi.rb and yaml.rb

7. Bug in cgi/session

8. BUG: CGI.Session on Windows



Return to ruby

 

Who is online

Users browsing this forum: No registered users and 54 guest