Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse code

Fixed #6082: file-based sessions now verify that SESSION_FILE_PATH is…

… a valid storage location, and raise ImproperlyConfigured if not. Thanks, jags78.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@6889 bcc190cf-cafb-0310-a4f2-bffc1f526a37
  • Loading branch information...
commit 602b7bca7aa0b94bb38ba16735635959e04d91ab 1 parent 76dd53a
Jacob Kaplan-Moss authored December 04, 2007

Showing 1 changed file with 11 additions and 2 deletions. Show diff stats Hide diff stats

  1. 13  django/contrib/sessions/backends/file.py
13  django/contrib/sessions/backends/file.py
... ...
@@ -1,14 +1,23 @@
1 1
 import os
  2
+import tempfile
2 3
 from django.conf import settings
3 4
 from django.contrib.sessions.backends.base import SessionBase
4  
-from django.core.exceptions import SuspiciousOperation
  5
+from django.core.exceptions import SuspiciousOperation, ImproperlyConfigured
5 6
 
6 7
 class SessionStore(SessionBase):
7 8
     """
8 9
     Implements a file based session store.
9 10
     """
10 11
     def __init__(self, session_key=None):
11  
-        self.storage_path = settings.SESSION_FILE_PATH
  12
+        self.storage_path = getattr(settings, "SESSION_FILE_PATH", tempfile.gettempdir())
  13
+        
  14
+        # Make sure the storage path is valid.
  15
+        if not os.path.isdir(self.storage_path):
  16
+            raise ImproperlyConfigured("The session storage path %r doesn't exist. "\
  17
+                                       "Please set your SESSION_FILE_PATH setting "\
  18
+                                       "to an existing directory in which Django "\
  19
+                                       "can store session data." % self.storage_path)
  20
+        
12 21
         self.file_prefix = settings.SESSION_COOKIE_NAME    
13 22
         super(SessionStore, self).__init__(session_key)
14 23
     

0 notes on commit 602b7bc

Please sign in to comment.
Something went wrong with that request. Please try again.