diff options
author | mattpiwik <matthieu.aubry@gmail.com> | 2013-01-18 06:05:48 +0400 |
---|---|---|
committer | mattpiwik <matthieu.aubry@gmail.com> | 2013-01-18 06:05:48 +0400 |
commit | b7562e440ac86ce753fc18112b384b3a7cd489de (patch) | |
tree | 63d9ef1eba97b8b25f15388deac7e537b2a8b6da /core/CacheFile.php | |
parent | 3c632e700d3605c5c7f78b9ec2dbeea04a97d575 (diff) |
do not delegate cleanup to callers but enforce it here as well, thanks MartÃn for suggestion
git-svn-id: http://dev.piwik.org/svn/trunk@7779 59fd770c-687e-43c8-a1e3-f5a4ff64c105
Diffstat (limited to 'core/CacheFile.php')
-rw-r--r-- | core/CacheFile.php | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/core/CacheFile.php b/core/CacheFile.php index 146e450e6e..2fc217844a 100644 --- a/core/CacheFile.php +++ b/core/CacheFile.php @@ -50,6 +50,8 @@ class Piwik_CacheFile if(empty($id)) { return false; } + $id = $this->cleanupId($id); + $cache_complete = false; $content = ''; @@ -63,6 +65,14 @@ class Piwik_CacheFile return false; } + protected function cleanupId($id) + { + if(!Piwik_Common::isValidFilename($id)) { + throw new Exception("Invalid cache ID request $id"); + } + return $id; + } + /** * A function to store content a cache entry. * @@ -82,6 +92,7 @@ class Piwik_CacheFile if (!is_writable($this->cachePath)) { return false; } + $id = $this->cleanupId($id); $id = $this->cachePath . $id . '.php'; @@ -123,6 +134,8 @@ class Piwik_CacheFile if(empty($id)) { return false; } + $id = $this->cleanupId($id); + $filename = $this->cachePath . $id . '.php'; if (file_exists($filename)) { @unlink ($filename); |