MyShaarli

History

VirtualTam 68bc21353a Session ID: extend the regex to match possible hash representations Improves #306 Relates to #335 & #336 Duplicated by #339 Issues: - PHP regenerates the session ID if it is not compliant - the regex checking the session ID does not cover all cases - different algorithms: md5, sha1, sha256, etc. - bit representations: 4, 5, 6 Fix: - `index.php`: - remove `uniqid()` usage - call `session_regenerate_id()` if an invalid cookie is detected - regex: support all possible characters - '[a-zA-Z,-]{2,128}' - tests: add coverage for all algorithms & bit representations See: - http://php.net/manual/en/session.configuration.php#ini.session.hash-function - https://secure.php.net/manual/en/session.configuration.php#ini.session.hash-bits-per-character - http://php.net/manual/en/function.session-id.php - http://php.net/manual/en/function.session-regenerate-id.php - http://php.net/manual/en/function.hash-algos.php Signed-off-by: VirtualTam <virtualtam@flibidi.net>		2015-09-06 16:14:24 +02:00
..
.htaccess	LinkDB: move to a proper file, add test coverage	2015-06-11 00:45:45 +02:00
Cache.php	Cache: simplify cached content cleanup, improve tests	2015-08-13 23:51:31 +02:00
CachedPage.php	CachedPage: move to a proper file, add tests	2015-08-13 23:48:06 +02:00
Config.php	PHP: ensure 5.3 compatibility, refactor timezone utilities	2015-07-13 13:06:06 +02:00
LinkDB.php	CachedPage: move to a proper file, add tests	2015-08-13 23:48:06 +02:00
TimeZone.php	Installation: default to the server's timezone	2015-08-04 23:54:03 +02:00
Url.php	Fixes #325 - Shaarli does not recognize saved links	2015-08-31 12:26:38 +02:00
Utils.php	Session ID: extend the regex to match possible hash representations	2015-09-06 16:14:24 +02:00