* string.c (str_gsub): internal buffer should not be listed by

ObjectSpace.each_object() by String#gsub. [ruby-dev:24931] * lib/cgi/session.rb (CGI::Session::FileStore::initialize): raise exception if data corresponding to session specified from the client does not exist. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@7326 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2022-11-09 12:17:21 -05:00 · 2004-11-19 16:59:11 +00:00 · 2004-11-19 16:59:11 +00:00 · 77a23fba35
commit 77a23fba35
parent a6610efee8
7 changed files with 41 additions and 8 deletions
--- a/lib/cgi/session.rb
+++ b/lib/cgi/session.rb
@ -156,7 +156,7 @@ class CGI
  class Session

    # The id of this session.
-    attr_reader :session_id
+    attr_reader :session_id, :new_session

    def Session::callback(dbman)  #:nodoc:
      Proc.new{
@ -170,7 +170,7 @@ class CGI
    # a random number, and a constant string.  This routine
    # is used internally for automatically generated
    # session ids. 
-    def Session::create_new_id
+    def create_new_id
      require 'digest/md5'
      md5 = Digest::MD5::new
      now = Time::now
@ -179,8 +179,10 @@ class CGI
      md5.update(String(rand(0)))
      md5.update(String($$))
      md5.update('foobar')
+      @new_session = true
      md5.hexdigest[0,16]
    end
+    private :create_new_id

    # Create a new CGI::Session object for +request+.
    #
@ -239,6 +241,7 @@ class CGI
    #   end
    #
    def initialize(request, option={})
+      @new_session = false
      session_key = option['session_key'] || '_session_id'
      id = option['session_id']
      unless id
@ -367,6 +370,9 @@ class CGI
        md5 = Digest::MD5.hexdigest(id)[0,16]
 	@path = dir+"/"+prefix+md5+suffix
 	unless File::exist? @path
+          unless session.new_session
+            raise RuntimeError, "uninitialized session"
+          end
 	  @hash = {}
 	end
      end
@ -433,7 +439,12 @@ class CGI
      # currently recognised.
      def initialize(session, option=nil)
 	@session_id = session.session_id
-	GLOBAL_HASH_TABLE[@session_id] ||= {}
+        unless GLOBAL_HASH_TABLE.key?(@session_id)
+          unless session.new_session
+            raise RuntimeError, "uninitialized session"
+          end
+          GLOBAL_HASH_TABLE[@session_id] = {}
+        end
      end

      # Restore session state.
--- a/lib/cgi/session/pstore.rb
+++ b/lib/cgi/session/pstore.rb
@ -61,7 +61,10 @@ class CGI
        md5 = Digest::MD5.hexdigest(id)[0,16]
 	path = dir+"/"+prefix+md5
 	path.untaint
-	unless File::exist? path
+	unless File::exist?(path)
+          unless session.new_session
+            raise RuntimeError, "uninitialized session"
+          end
 	  @hash = {}
 	end
 	@p = ::PStore.new(path)