Skip to content

Commit 0c5ba45

Browse files
committed
fix session API broken and SQL pretection
1 parent 69a9823 commit 0c5ba45

File tree

7 files changed

+5
-12
lines changed

7 files changed

+5
-12
lines changed

Diff for: cmd/web.go

+1-1
Original file line numberDiff line numberDiff line change
@@ -72,7 +72,7 @@ func checkVersion() {
7272
log.Fatal(4, "Package i18n version is too old, did you forget to update?(github.com/macaron-contrib/i18n)")
7373
}
7474
sessionVer := git.MustParseVersion(session.Version())
75-
if sessionVer.LessThan(git.MustParseVersion("0.0.3")) {
75+
if sessionVer.LessThan(git.MustParseVersion("0.0.5")) {
7676
log.Fatal(4, "Package session version is too old, did you forget to update?(github.com/macaron-contrib/session)")
7777
}
7878
}

Diff for: conf/app.ini

-4
Original file line numberDiff line numberDiff line change
@@ -163,10 +163,6 @@ ENABLE_SET_COOKIE = true
163163
GC_INTERVAL_TIME = 86400
164164
; Session life time, default is 86400
165165
SESSION_LIFE_TIME = 86400
166-
; session id hash func, Either "sha1", "sha256" or "md5" default is sha1
167-
SESSION_ID_HASHFUNC = sha1
168-
; Session hash key, default is use random string
169-
SESSION_ID_HASHKEY =
170166

171167
[picture]
172168
; The place to picture data, either "server" or "qiniu", default is "server"

Diff for: gogs.go

+1-1
Original file line numberDiff line numberDiff line change
@@ -17,7 +17,7 @@ import (
1717
"github.com/gogits/gogs/modules/setting"
1818
)
1919

20-
const APP_VER = "0.5.6.1102 Beta"
20+
const APP_VER = "0.5.6.1104 Beta"
2121

2222
func init() {
2323
runtime.GOMAXPROCS(runtime.NumCPU())

Diff for: models/repo.go

+1-1
Original file line numberDiff line numberDiff line change
@@ -1161,7 +1161,7 @@ func SearchRepositoryByName(opt SearchOption) (repos []*Repository, err error) {
11611161
if !opt.Private {
11621162
sess.And("is_private=false")
11631163
}
1164-
sess.And("lower_name like '%" + opt.Keyword + "%'").Find(&repos)
1164+
sess.And("lower_name like ?", "%"+opt.Keyword+"%").Find(&repos)
11651165
return repos, err
11661166
}
11671167

Diff for: models/user.go

+1-1
Original file line numberDiff line numberDiff line change
@@ -581,7 +581,7 @@ func SearchUserByName(opt SearchOption) (us []*User, err error) {
581581
opt.Keyword = strings.ToLower(opt.Keyword)
582582

583583
us = make([]*User, 0, opt.Limit)
584-
err = x.Limit(opt.Limit).Where("type=0").And("lower_name like '%" + opt.Keyword + "%'").Find(&us)
584+
err = x.Limit(opt.Limit).Where("type=0").And("lower_name like ?", "%"+opt.Keyword+"%").Find(&us)
585585
return us, err
586586
}
587587

Diff for: modules/setting/setting.go

-3
Original file line numberDiff line numberDiff line change
@@ -394,9 +394,6 @@ func newSessionService() {
394394
SessionConfig.EnableSetCookie = Cfg.MustBool("session", "ENABLE_SET_COOKIE", true)
395395
SessionConfig.Gclifetime = Cfg.MustInt64("session", "GC_INTERVAL_TIME", 86400)
396396
SessionConfig.Maxlifetime = Cfg.MustInt64("session", "SESSION_LIFE_TIME", 86400)
397-
SessionConfig.SessionIDHashFunc = Cfg.MustValueRange("session", "SESSION_ID_HASHFUNC",
398-
"sha1", []string{"sha1", "sha256", "md5"})
399-
SessionConfig.SessionIDHashKey = Cfg.MustValue("session", "SESSION_ID_HASHKEY", string(com.RandomCreateBytes(16)))
400397

401398
if SessionProvider == "file" {
402399
os.MkdirAll(path.Dir(SessionConfig.ProviderConfig), os.ModePerm)

Diff for: templates/.VERSION

+1-1
Original file line numberDiff line numberDiff line change
@@ -1 +1 @@
1-
0.5.6.1102 Beta
1+
0.5.6.1104 Beta

0 commit comments

Comments
 (0)