Download & Extend

Session [entered password] can be poisoned (remove heavy use of the $_SESSION variable)

Project:Protected node
Version:6.x-1.5
Component:Code
Category:bug report
Priority:normal
Assigned:AlexisWilke
Status:closed (fixed)

Issue Summary

If user protects a node and hits preview then leaves the page the module won't clean up completely after itself, because the entered_password session variable isn't cleared in this scenario.

Comments

#1

Version:5.x-1.2» 6.x-1.5

Wow, this is a pretty terrible problem. It could also happen in the situation where a piece of content is previewed or saved (or even when the "Delete" button is clicked) and then you later go and modify a *completely* different node through admin/content/node or Views Bulk Operations. You very well could accidentally changes passwords on a ton of nodes all at once.

The use of $_SESSION is completely unnecessary and should be removed entirely.

#2

It seems to work without the $_SESSION['_protected_node']['entered_password']

#3

Title:Session [entered password] can be poisoned» Session [entered password] can be poisoned (remove heavy use of the $_SESSION variable)

Making a note here, mainly. I'm not too sure I understand what you mean by "poisoned," but I'll look into how to remove all those $_SESSION. I think that the only one "necessary" is the one that representing a cookie so we know that a user entered the password. All the others are probably not necessary.

Thank you.
Alexis

#4

Assigned to:tolmi» AlexisWilke
Status:active» fixed

Alright, all $_SESSION's are gone except the one to mark that a password was entered (since we need to attach that to each specific user.)

Let me know if you like this version better.

Thank you.
Alexis Wilke

#5

Status:fixed» closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.

nobody click here