diff options
author | Yorhel <git@yorhel.nl> | 2009-07-31 12:50:31 +0200 |
---|---|---|
committer | Yorhel <git@yorhel.nl> | 2009-07-31 12:50:31 +0200 |
commit | af5293b8d33f4948ee5c9bcc2c4df38e611c88c6 (patch) | |
tree | 7f530f9df07bbfb893c74e406f127237b89b316b /lib/VNDB/DB/Users.pm | |
parent | 5e9e6a78d3b7ffd177d91dba6602946dbd9a4c09 (diff) |
Use bytea data type to store session tokens
To be consistent with users.passwd - hashes are stored in binary. All
conversion from/to hex is done in the DB layer.
Diffstat (limited to 'lib/VNDB/DB/Users.pm')
-rw-r--r-- | lib/VNDB/DB/Users.pm | 18 |
1 files changed, 8 insertions, 10 deletions
diff --git a/lib/VNDB/DB/Users.pm b/lib/VNDB/DB/Users.pm index ae46b896..a0e204e8 100644 --- a/lib/VNDB/DB/Users.pm +++ b/lib/VNDB/DB/Users.pm @@ -117,10 +117,10 @@ sub dbUserDel { sub dbSessionAdd { my($s, @o) = @_; if (defined $o[2]) { - $s->dbExec(q|INSERT INTO sessions (uid, token, expiration) VALUES(?, ?, ?)|, + $s->dbExec(q|INSERT INTO sessions (uid, token, expiration) VALUES(?, decode(?, 'hex'), ?)|, @o); } else { - $s->dbExec(q|INSERT INTO sessions (uid, token) VALUES(?, ?)|, + $s->dbExec(q|INSERT INTO sessions (uid, token) VALUES(?, decode(?, 'hex'))|, @o); } } @@ -131,13 +131,9 @@ sub dbSessionAdd { # uid, token (optional) sub dbSessionDel { my($s, @o) = @_; - if (defined $o[1]) { - $s->dbExec(q|DELETE FROM sessions WHERE uid = ? AND token = ?|, - @o[0..1]); - } else { - $s->dbExec(q|DELETE FROM sessions WHERE uid = ?|, - $o[0]); - } + my %where = ('uid = ?' => $o[0]); + $where{"token = decode(?, 'hex')"} = $o[1] if $o[1]; + $s->dbExec('DELETE FROM sessions !W', \%where); } @@ -146,7 +142,9 @@ sub dbSessionDel { # uid, token sub dbSessionCheck { my($s, @o) = @_; - return $s->dbRow(q|SELECT count(uid) AS count FROM sessions WHERE uid = ? AND token = ? LIMIT 1|, @o)->{count}||0; + return $s->dbRow( + q|SELECT count(uid) AS count FROM sessions WHERE uid = ? AND token = decode(?, 'hex') LIMIT 1|, @o + )->{count}||0; } |