diff --git a/phpBB/includes/acp/acp_prune.php b/phpBB/includes/acp/acp_prune.php index c5f7789de8..bffe993bc7 100644 --- a/phpBB/includes/acp/acp_prune.php +++ b/phpBB/includes/acp/acp_prune.php @@ -327,7 +327,7 @@ class acp_prune 'USERNAME' => $usernames[$user_id], 'USER_ID' => $user_id, 'U_PROFILE' => get_username_string('profile', $user_id, $usernames[$user_id]), - 'U_USER_ADMIN' => ($auth->acl_get('a_user')) ? append_sid("{$phpbb_admin_path}index.$phpEx", 'i=users&mode=overview&u=' . $user_id, true, $user->session_id) : '', + 'U_USER_ADMIN' => ($auth->acl_get('a_user')) ? append_sid("{$phpbb_admin_path}index.$phpEx", 'i=users&mode=overview&u=' . $user_id) : '', )); } diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 80237fa901..9b303e4647 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -3716,7 +3716,7 @@ function page_header($page_title = '', $display_online_list = false, $item_id = // Generate logged in/logged out status if ($user->data['user_id'] != ANONYMOUS) { - $u_login_logout = append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=logout', true, $user->session_id); + $u_login_logout = append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=logout'); $l_login_logout = $user->lang['LOGOUT']; } else diff --git a/phpBB/includes/ucp/ucp_pm_compose.php b/phpBB/includes/ucp/ucp_pm_compose.php index 7cb4c85916..8fe4c30179 100644 --- a/phpBB/includes/ucp/ucp_pm_compose.php +++ b/phpBB/includes/ucp/ucp_pm_compose.php @@ -542,7 +542,7 @@ function compose_pm($id, $mode, $action, $user_folders = array()) $message_parser->message = ($action == 'reply') ? '' : $message_text; unset($message_text); - $s_action = append_sid("{$phpbb_root_path}ucp.$phpEx", "i=$id&mode=$mode&action=$action", true, $user->session_id); + $s_action = append_sid("{$phpbb_root_path}ucp.$phpEx", "i=$id&mode=$mode&action=$action"); $s_action .= (($folder_id) ? "&f=$folder_id" : '') . (($msg_id) ? "&p=$msg_id" : ''); // Delete triggered ? diff --git a/phpBB/phpbb/controller/helper.php b/phpBB/phpbb/controller/helper.php index 3262e6bbc4..e163894b4d 100644 --- a/phpBB/phpbb/controller/helper.php +++ b/phpBB/phpbb/controller/helper.php @@ -307,7 +307,7 @@ class helper 'TRANSLATION_INFO' => $this->language->is_set('TRANSLATION_INFO') ? $this->language->lang('TRANSLATION_INFO') : '', 'CREDIT_LINE' => $this->language->lang('POWERED_BY', 'phpBB® Forum Software © phpBB Limited'), - 'U_ACP' => ($this->auth->acl_get('a_') && !empty($this->user->data['is_registered'])) ? append_sid("{$this->admin_path}index.{$this->php_ext}", false, true, $this->user->session_id) : '', + 'U_ACP' => ($this->auth->acl_get('a_') && !empty($this->user->data['is_registered'])) ? append_sid("{$this->admin_path}index.{$this->php_ext}") : '', ]); if ($run_cron) diff --git a/phpBB/phpbb/log/log.php b/phpBB/phpbb/log/log.php index 6142246477..988fa6f705 100644 --- a/phpBB/phpbb/log/log.php +++ b/phpBB/phpbb/log/log.php @@ -748,7 +748,7 @@ class log implements \phpbb\log\log_interface { $log[$key]['viewtopic'] = (isset($topic_auth['f_read'][$row['topic_id']])) ? append_sid("{$this->phpbb_root_path}viewtopic.{$this->php_ext}", 'f=' . $topic_auth['f_read'][$row['topic_id']] . '&t=' . $row['topic_id']) : false; $log[$key]['viewpost'] = (isset($topic_auth['f_read'][$row['topic_id']]) && $row['post_id']) ? append_sid("{$this->phpbb_root_path}viewtopic.{$this->php_ext}", 'f=' . $topic_auth['f_read'][$row['topic_id']] . '&t=' . $row['topic_id'] . '&p=' . $row['post_id'] . '#p' . $row['post_id']) : false; - $log[$key]['viewlogs'] = (isset($topic_auth['m_'][$row['topic_id']])) ? append_sid("{$this->phpbb_root_path}mcp.{$this->php_ext}", 'i=logs&mode=topic_logs&t=' . $row['topic_id'], true, $this->user->session_id) : false; + $log[$key]['viewlogs'] = (isset($topic_auth['m_'][$row['topic_id']])) ? append_sid("{$this->phpbb_root_path}mcp.{$this->php_ext}", 'i=logs&mode=topic_logs&t=' . $row['topic_id']) : false; } } diff --git a/phpBB/phpbb/session.php b/phpBB/phpbb/session.php index 4c911da894..fb93539b7d 100644 --- a/phpBB/phpbb/session.php +++ b/phpBB/phpbb/session.php @@ -272,8 +272,8 @@ class session $this->cookie_data['k'] = $request->variable($config['cookie_name'] . '_k', '', false, \phpbb\request\request_interface::COOKIE); $this->session_id = $request->variable($config['cookie_name'] . '_sid', '', false, \phpbb\request\request_interface::COOKIE); - $SID = (defined('NEED_SID')) ? '?sid=' . $this->session_id : '?sid='; - $_SID = (defined('NEED_SID')) ? $this->session_id : ''; + $SID = '?sid='; + $_SID = ''; if (empty($this->session_id)) { @@ -343,14 +343,6 @@ class session } } - // if no session id is set, redirect to index.php - $session_id = $request->variable('sid', ''); - if (defined('NEED_SID') && (empty($session_id) || $this->session_id !== $session_id)) - { - send_status_line(401, 'Unauthorized'); - redirect(append_sid("{$phpbb_root_path}index.$phpEx")); - } - // if session id is set if (!empty($this->session_id)) { diff --git a/phpBB/viewtopic.php b/phpBB/viewtopic.php index fe5190f4b6..3bb07da9df 100644 --- a/phpBB/viewtopic.php +++ b/phpBB/viewtopic.php @@ -645,9 +645,7 @@ $s_quickmod_action = append_sid( 'start' => $start, 'quickmod' => 1, 'redirect' => urlencode(str_replace('&', '&', $viewtopic_url)), - ), - true, - $user->session_id + ) ); $quickmod_array = array(