fixed a bug that i created earlier today

added burst protection to page layouts to prevent slashdotting
2006-04-07 08:12:16 +00:00 · 2006-04-07 08:12:16 +00:00 · d272e7de58
commit d272e7de58
parent fcbdb06af8
5 changed files with 37 additions and 6 deletions
--- a/lib/WebGUI/Asset/Wobject/Layout.pm
+++ b/lib/WebGUI/Asset/Wobject/Layout.pm
@ -17,6 +17,7 @@ package WebGUI::Asset::Wobject::Layout;
 use strict;
 use WebGUI::Asset::Wobject;
 use WebGUI::Utility;
+use WebGUI::Cache;

 our @ISA = qw(WebGUI::Asset::Wobject);

@ -264,6 +265,34 @@ sub www_setContentPositions {
 #-------------------------------------------------------------------
 sub www_view {
 	my $self = shift;
+	# slashdot / burst protection
+	if ($self->session->var->get("userId") eq "1" && $self->session->form->param("func") eq "" && $self->session->form->param("op") eq "") { 
+		unless ($self->canView) {
+			if ($self->get("state") eq "published") { # no privileges, make em log in
+				return $self->session->privilege->noAccess();
+			} elsif ($self->session->var->get("adminOn") && $self->get("state") =~ /^trash/) { # show em trash
+				$self->session->http->setRedirect($self->getUrl("func=manageTrash"));
+				return undef;
+			} elsif ($self->session->var->get("adminOn") && $self->get("state") =~ /^clipboard/) { # show em clipboard
+				$self->session->http->setRedirect($self->getUrl("func=manageClipboard"));
+				return undef;
+			} else { # tell em it doesn't exist anymore
+				$self->session->http->setStatus("410");
+				return WebGUI::Asset->getNotFound($self->session)->www_view;
+			}
+		}
+		$self->logView();
+		# must find a way to do this next line better
+		$self->session->http->setCookie("wgSession",$self->session->var->{_var}{sessionId}) unless $self->session->var->{_var}{sessionId} eq $self->session->http->getCookies->{"wgSession"};
+		my $cache = WebGUI::Cache->new($self->session, "view_".$self->getId);
+		my $out = $cache->get if defined $cache;
+		unless ($out) {
+			$self->prepareView;
+			$out = $self->processStyle($self->view);
+			$cache->set($out, 60);
+		}
+		return $out;	
+	}
 	$self->{_viewPrintOverride} = 1; # we do this to make it output each easset as it goes, rather than waiting until the end
 	return $self->SUPER::www_view;
 }
--- a/lib/WebGUI/Auth.pm
+++ b/lib/WebGUI/Auth.pm
@ -572,7 +572,7 @@ sub login {
   #Create a new user
   $uid = $self->userId;
   $u = WebGUI::User->new($self->session,$uid);
-   $self->session->var->start($uid,$self->session->getId);
+   	$self->session->user({user=>$u});
   $u->karma($self->session->setting->get("karmaPerLogin"),"Login","Just for logging in.") if ($self->session->setting->get("useKarma"));
   $self->_logLogin($uid,"success");
   if ($self->session->scratch->get("redirectAfterLogin")) {
--- a/lib/WebGUI/Macro/L_loginBox.pm
+++ b/lib/WebGUI/Macro/L_loginBox.pm
@ -66,7 +66,7 @@ sub process {
 	my $templateId = $param[2] || "PBtmpl0000000000000044";
 	my %var;	
 	my $i18n = WebGUI::International->new($session,'Macro_L_loginBox');
-        $var{'user.isVisitor'} = ($session->user->userId eq "1");
+        $var{'user.isVisitor'} = ($session->var->get("userId") eq "1");
 	$var{'customText'} = $param[1];
 	$var{'customText'} =~ s/%(.*?)%/_createURL($session,$1)/ge;
 	$var{'hello.label'} = $i18n->get(48);
--- a/lib/WebGUI/Session.pm
+++ b/lib/WebGUI/Session.pm
@ -561,13 +561,13 @@ sub user {
 	my $option = shift;
 	if (defined $option) {
 		my $userId = $option->{userId} || $option->{user}->userId; 
+   		$self->var->start($userId,$self->getId);
 		if ($self->setting->get("passiveProfilingEnabled")) {
-			$self->db->write("update passiveProfileLog set userId = ".$self->db->quote($userId)." where sessionId = ".$self->db->quote($self->getId));
+			$self->db->write("update passiveProfileLog set userId = ? where sessionId = ?",[$userId,$self->getId]);
 		}	
 		delete $self->{_stow};
 		$self->{_user} = $option->{user} || WebGUI::User->new($self, $userId);
 		$self->request->user($self->{_user}->username) if ($self->request);
-   		$self->var->start($self->{_user}->userId,$self->getId);
 	} elsif (!exists $self->{_user}) {
 		$self->{_user} = WebGUI::User->new($self, $self->var->get('userId'));
 	}
--- a/lib/WebGUI/Session/Var.pm
+++ b/lib/WebGUI/Session/Var.pm
@ -225,8 +225,10 @@ Session id will be generated if not specified. In almost every case you should l

 sub start {
 	my $self = shift;
-	my $userId = shift || 1;
-	my $sessionId = shift || $self->session->id->generate;
+	my $userId = shift;
+	$userId = 1 if ($userId eq "");
+	my $sessionId = shift;
+	$sessionId = $self->session->id->generate if ($sessionId eq "");
 	$self->{_var} = {
 		expires=>$self->session->datetime->time() + $self->session->setting->get("sessionTimeout"),
 		lastPageView=>$self->session->datetime->time(),