Apache-AuthCAS
2 results

 view release on metacpan or  search on metacpan

Changes  view on Meta::CPAN 

Revision history for mod_perl module Apache::AuthCAS

Release 0.5
===========
Sun Mar 23 15:23:09 PDT 2008
	- fixed a security vulnerability where a tainted cookie could be sent
	  by a malicious user and it would be used in an SQL query without
	  protection against SQL injection.  All database calls have been updated
	  to use bind parameters to prevent this possibility.
	- patch to allow for DBs other than PostgreSQL

Release 0.4
===========
1.7  Tue Oct 12 17:33:24 PDT 2004
	- fixed a bug which made AuthCAS only initialize once.  This meant that
	  only one configuration could be used on any host properly.  Fixed to
	  allow single-configuration setups for speed with STATIC_INITIALIZATION
	  flag.  This "enhancement" sneaked into 0.3 without being logged below =P

lib/Apache/AuthCAS.pm  view on Meta::CPAN 

		$sth->execute($last_accessed, $uid, $pgtiou, $sid);
		my $rc = $sth->err;

		# if we have an error when updating the session
		if ($rc) {
			Apache->warn("$$: CAS: set_session_data(): error updating session sid='$sid'") unless ($LOG_LEVEL < $LOG_DEBUG);
			$sth->finish();
			$dbh->disconnect();
			return "";
		}
		Apache->warn("$$: CAS: set_session_data(): updated session sid='$sid': last_accessed='$last_accessed', uid='$uid', pgtiou='$pgtiou'") unless ($LOG_LEVEL < $LOG_DEBUG);
	} else {
		Apache->warn("$$: CAS: set_session_data(): creating new session sid='$sid' to update") unless ($LOG_LEVEL < $LOG_DEBUG);

		#print "DEBUG2: '$id', '$last_accessed', '$uid', '$pgtiou'\n";
		my $sth = $dbh->prepare("INSERT INTO $DB_SESSION_TABLE(id,last_accessed,uid,pgtiou) VALUES(?, ?, ?, ?);");
		$sth->execute($sid, $last_accessed, $uid, $pgtiou);
		my $rc = $sth->err;

		# if we have an error when updating the session
		if ($rc) {

lib/Apache/AuthCAS.pm  view on Meta::CPAN 

		my $rc = $sth->err;

		# if we have an error when updating the session
		if ($rc) {
			$sth->finish();
			$dbh->disconnect();
			return "";
		}
	}
	
	Apache->warn("$$: CAS: set_pgt(): updated '$count' pgtiou/pgt map") unless ($LOG_LEVEL < $LOG_DEBUG);

	$sth->finish();
	$dbh->disconnect();

	return 1;
}

# takes a pgtiou and returns a pgt
sub get_pgt($$) {
	my $self = shift;



( run in 0.260 second using v1.01-cache-2.11-cpan-05444aca049 )