Skip to content
Permalink
Browse files

修正sessionid检查的一处隐患

  • Loading branch information
yunwuxin committed Jan 10, 2020
1 parent a30ecc0 commit 1bbe75019ce6c8e0101a6ef73706217e406439f2
Showing with 1 addition and 1 deletion.
  1. +1 −1 src/think/session/Store.php
@@ -118,7 +118,7 @@ public function getName(): string
*/
public function setId($id = null): void
{
$this->id = is_string($id) && strlen($id) === 32 ? $id : md5(microtime(true) . session_create_id());
$this->id = is_string($id) && strlen($id) === 32 && ctype_alnum($id) ? $id : md5(microtime(true) . session_create_id());
}

/**

0 comments on commit 1bbe750

Please sign in to comment.
You can’t perform that action at this time.