Session code update to support temporary cookies only

git-svn-id: file:///svn/phpbb/trunk@1181 89ea8834-ac86-4346-8a33-228a782c2dd0
Paul S. Owen 2001-10-14 15:48:18 +00:00
parent cc36eb86c3
commit 3537319489


@ -37,10 +37,10 @@ function session_begin($user_id, $user_ip, $page_id, $session_length, $login = 0
$cookiedomain = $board_config['cookie_domain']; $cookiedomain = $board_config['cookie_domain'];
$cookiesecure = $board_config['cookie_secure']; $cookiesecure = $board_config['cookie_secure'];
if( isset($HTTP_COOKIE_VARS[$cookiename]) ) if( isset($HTTP_COOKIE_VARS[$cookiename . '_sid']) )
{ {
$sessiondata = unserialize(stripslashes($HTTP_COOKIE_VARS[$cookiename])); $sessiondata = isset($HTTP_COOKIE_VARS[$cookiename]) ? unserialize(stripslashes($HTTP_COOKIE_VARS[$cookiename])) : "";
$session_id = isset($HTTP_COOKIE_VARS[$cookiename . '_sid']) ? $HTTP_COOKIE_VARS[$cookiename . '_sid'] : ""; $session_id = isset($HTTP_COOKIE_VARS[$cookiename . '_sid']) ? stripslashes($HTTP_COOKIE_VARS[$cookiename . '_sid']) : "";
$sessionmethod = SESSION_METHOD_COOKIE; $sessionmethod = SESSION_METHOD_COOKIE;
} }
@ -176,15 +176,17 @@ function session_pagestart($user_ip, $thispage_id, $session_length)
$cookiedomain = $board_config['cookie_domain']; $cookiedomain = $board_config['cookie_domain'];
$cookiesecure = $board_config['cookie_secure']; $cookiesecure = $board_config['cookie_secure'];
if(isset($HTTP_COOKIE_VARS[$cookiename])) if( isset($HTTP_COOKIE_VARS[$cookiename . '_sid']) )
{ {
$sessiondata = unserialize(stripslashes($HTTP_COOKIE_VARS[$cookiename])); $sessiondata = isset( $HTTP_COOKIE_VARS[$cookiename] ) ? unserialize(stripslashes($HTTP_COOKIE_VARS[$cookiename])) : "";
$session_id = isset( $HTTP_COOKIE_VARS[$cookiename . '_sid'] ) ? stripslashes($HTTP_COOKIE_VARS[$cookiename . '_sid']) : ""; $session_id = isset( $HTTP_COOKIE_VARS[$cookiename . '_sid'] ) ? stripslashes($HTTP_COOKIE_VARS[$cookiename . '_sid']) : "";
$sessionmethod = SESSION_METHOD_COOKIE; $sessionmethod = SESSION_METHOD_COOKIE;
} }
else else
{ {
$session_id = (isset($HTTP_GET_VARS['sid'])) ? $HTTP_GET_VARS['sid'] : ""; $session_id = (isset($HTTP_GET_VARS['sid'])) ? $HTTP_GET_VARS['sid'] : "";
$sessionmethod = SESSION_METHOD_GET; $sessionmethod = SESSION_METHOD_GET;
} }
$current_time = time(); $current_time = time();
@ -213,7 +215,7 @@ function session_pagestart($user_ip, $thispage_id, $session_length)
// //
$sql = "SELECT u.*, s.* $sql = "SELECT u.*, s.*
FROM " . SESSIONS_TABLE . " s, " . USERS_TABLE . " u FROM " . SESSIONS_TABLE . " s, " . USERS_TABLE . " u
WHERE s.session_id = '" . addslashes($session_id) . "' WHERE s.session_id = '$session_id'
AND s.session_ip = '$user_ip' AND s.session_ip = '$user_ip'
AND u.user_id = s.session_user_id"; AND u.user_id = s.session_user_id";
$result = $db->sql_query($sql); $result = $db->sql_query($sql);
@ -355,9 +357,9 @@ function session_end($session_id, $user_id)
$cookiedomain = $board_config['cookie_domain']; $cookiedomain = $board_config['cookie_domain'];
$cookiesecure = $board_config['cookie_secure']; $cookiesecure = $board_config['cookie_secure'];
if(isset($HTTP_COOKIE_VARS[$cookiename])) if( isset($HTTP_COOKIE_VARS[$cookiename . '_sid']) )
{ {
$sessiondata = unserialize(stripslashes($HTTP_COOKIE_VARS[$cookiename])); $sessiondata = isset( $HTTP_COOKIE_VARS[$cookiename] ) ? unserialize(stripslashes($HTTP_COOKIE_VARS[$cookiename])) : "";
$session_id = isset( $HTTP_COOKIE_VARS[$cookiename . '_sid'] ) ? stripslashes($HTTP_COOKIE_VARS[$cookiename . '_sid']) : ""; $session_id = isset( $HTTP_COOKIE_VARS[$cookiename . '_sid'] ) ? stripslashes($HTTP_COOKIE_VARS[$cookiename . '_sid']) : "";
$sessionmethod = SESSION_METHOD_COOKIE; $sessionmethod = SESSION_METHOD_COOKIE;
@ -381,7 +383,7 @@ function session_end($session_id, $user_id)
message_die(CRITICAL_ERROR, "Couldn't delete user session : session_end", __LINE__, __FILE__, $sql); message_die(CRITICAL_ERROR, "Couldn't delete user session : session_end", __LINE__, __FILE__, $sql);
} }
if($sessiondata['autologinid']) if( isset($sessiondata['autologinid']) )
{ {
$sql = "UPDATE " . USERS_TABLE . " $sql = "UPDATE " . USERS_TABLE . "
SET user_autologin_key = '' SET user_autologin_key = ''
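Review bot: In the session_pagestart hunk at -213/+215 the new query interpolates the session id directly (`WHERE s.session_id = '$session_id'`, reading the right-hand column as the new side), while the cookie branch earlier in the same function runs `stripslashes()` on the `_sid` cookie and the GET branch takes `$HTTP_GET_VARS['sid']` as-is. Unless the value is validated in the lines between the hunks, a client-supplied string reaches the SQL with any magic-quotes escaping removed, which leaves the session lookup open to SQL injection. Keep the escaping at the point of use, `WHERE s.session_id = '" . addslashes($session_id) . "'`, and preferably reject any session id that does not match the expected format before building the query. The session_begin and session_end hunks set `$session_id` from the cookie the same way, so queries that use it there (outside the visible lines) need the same check. Separately, `unserialize()` on the cookie body predates this commit but still parses client-controlled data and is worth replacing with a format that cannot instantiate objects.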