I have commited a new version into the CVS which should solve the
DeleteSession problem and also the GetSession problem you reported a few
days ago. It also includes the (slightly modified) patch for easier build on
debian you send. Maybe you can give it a try and see if it works for you.
(see http://perl.apache.org/embperl/CVS.pod.1.html#INTRO for cvs access)
I don't know from where the session tainting problem comes. You may try to
untaint the session_id in line 270 of Embperl/Session.pm by modifing it
from:
$self->{data}->{_session_id} = $self -> generate_id() if
(!$self->{data}->{_session_id}) ;
to
my $id = $self -> generate_id() if (!$self->{data}->{_session_id})
;
$id =~ /^(.*?)$/ ;
$self->{data}->{_session_id} = $1 ;
this should untaint the newly generated session id.
Let me know if it works
Gerald
-------------------------------------------------------------
Gerald Richter ecos electronic communication services gmbh
Internetconnect * Webserver/-design/-datenbanken * Consulting
Post: Tulpenstrasse 5 D-55276 Dienheim b. Mainz
E-Mail: [EMAIL PROTECTED] Voice: +49 6133 925151
WWW: http://www.ecos.de Fax: +49 6133 925152
-------------------------------------------------------------
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
