Fixed highly critical security issue on cookie driver

PHPSocialNetwork · Jan 24, 2017 · 82a84ad · 82a84ad
1 parent 7ddf1bb
commit 82a84ad
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/src/phpFastCache/Drivers/cookie.php b/src/phpFastCache/Drivers/cookie.php
@@ -72,7 +72,7 @@ public function driver_set($keyword, $value = '', $time = 300, $option = array()
     {
         $this->connectServer();
         $keyword = 'phpFastCache_' . $keyword;
-        $v = $this->encode($value);
+        $v = json_encode($value);
         if(isset($this->config['limited_memory_each_object'])
             && strlen($v) > $this->config['limited_memory_each_object']) {
             return false;
@@ -92,7 +92,7 @@ public function driver_get($keyword, $option = array())
         // return null if no caching
         // return value if in caching
         $keyword = 'phpFastCache_' . $keyword;
-        $x = isset($_COOKIE[ $keyword ]) ? $this->decode($_COOKIE[ $keyword ]) : false;
+        $x = isset($_COOKIE[ $keyword ]) ? json_decode($_COOKIE[ $keyword ]) : false;
         if ($x == false) {
             return null;
         } else {