makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-07-27 04:18:55 +00:00
Code Issues Projects Releases Packages Wiki Activity

Session now destroys userdata if autologin fails or isnt activated

Browse source 
git-svn-id: file:///svn/phpbb/trunk@756 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Paul S. Owen 2001-07-28 00:38:27 +00:00
parent 0e9313a55c
commit 6697141b5f
1 changed files with 28 additions and 14 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

40
phpBB/includes/sessions.php
View file

@ -78,6 +78,19 @@ function session_begin($user_id, $user_ip, $page_id, $session_length, $login = 0
} }
else else
{ {
/*
$sql = "SELECT COUNT(*)
FROM " . SESSIONS_TABLE . "
WHERE session_ip = '$user_ip'";
if($result = $db->sql_query($sql))
{
if( $db->sql_numrows($result) > $board_config['session_max'] )
{
message_die(CRITICAL_MESSAGE, "Sorry but " . $board_config['sessions_max'] ." live sessions already exist for your IP. If you are browsing this site using multiple windows you should close one and visit later. If you are browsing from a single window or if this problem persists please contact the board administrator");
}
}
*/
if($user_id == ANONYMOUS) if($user_id == ANONYMOUS)
{ {
$login = 0; $login = 0;
@ -134,7 +147,7 @@ function session_begin($user_id, $user_ip, $page_id, $session_length, $login = 0
$serialised_cookiedata = serialize($sessiondata); $serialised_cookiedata = serialize($sessiondata);
setcookie($cookiename, $serialised_cookiedata, ($current_time + 31536000), $cookiepath, $cookiedomain, $cookiesecure); setcookie($cookiename, $serialised_cookiedata, ($current_time + 31536000), $cookiepath, $cookiedomain, $cookiesecure);
// The session cookie may well change to last just this session soon ... // The session cookie may well change to last just this session soon ...
setcookie($cookiename . '_sid', $session_id, ($current_time + 31536000), $cookiepath, $cookiedomain, $cookiesecure); setcookie($cookiename . '_sid', $session_id, 0, $cookiepath, $cookiedomain, $cookiesecure);
$SID = ($sessionmethod == SESSION_METHOD_GET) ? "sid=" . $session_id : ""; $SID = ($sessionmethod == SESSION_METHOD_GET) ? "sid=" . $session_id : "";
} }
@ -213,6 +226,10 @@ function session_pagestart($user_ip, $thispage_id, $session_length)
{ {
$SID = ($sessionmethod == SESSION_METHOD_GET) ? "sid=" . $session_id : ""; $SID = ($sessionmethod == SESSION_METHOD_GET) ? "sid=" . $session_id : "";
$sessiondata['sessiontime'] = $current_time;
$serialised_cookiedata = serialize($sessiondata);
setcookie($cookiename, $serialised_cookiedata, ($current_time + 31536000), $cookiepath, $cookiedomain, $cookiesecure);
// //
// Only update session DB a minute or so after last update // Only update session DB a minute or so after last update
// //
@ -230,20 +247,10 @@ function session_pagestart($user_ip, $thispage_id, $session_length)
} }
else else
{ {
//
// Update was success, send current time to cookie
// and return userdata
//
$userdata['session_time'] = $current_time; $userdata['session_time'] = $current_time;
$sessiondata['sessiontime'] = $current_time;
$serialised_cookiedata = serialize($sessiondata);
setcookie($cookiename, $serialised_cookiedata, ($current_time + 31536000), $cookiepath, $cookiedomain, $cookiesecure);
return $userdata; return $userdata;
} }
} }
// //
// We didn't need to update session // We didn't need to update session
@ -283,16 +290,23 @@ function session_pagestart($user_ip, $thispage_id, $session_length)
// //
$login = 1; $login = 1;
$autologin = 1; $autologin = 1;
$user_id = $sessiondata['userid'];
}
else
{
unset($userdata);
$user_id = ANONYMOUS;
} }
$user_id = $sessiondata['userid'];
} }
else else
{ {
unset($userdata);
$user_id = ANONYMOUS; $user_id = ANONYMOUS;
} }
} }
else else
{ {
unset($userdata);
$user_id = ANONYMOUS; $user_id = ANONYMOUS;
} }
@ -379,7 +393,7 @@ function session_end($session_id, $user_id)
$serialised_cookiedata = serialize($sessiondata); $serialised_cookiedata = serialize($sessiondata);
setcookie($cookiename, $serialised_cookiedata, ($current_time + 31536000), $cookiepath, $cookiedomain, $cookiesecure); setcookie($cookiename, $serialised_cookiedata, ($current_time + 31536000), $cookiepath, $cookiedomain, $cookiesecure);
// The session cookie may well change to last just this session soon ... // The session cookie may well change to last just this session soon ...
setcookie($cookiename . '_sid', $session_id, ($current_time + 31536000), $cookiepath, $cookiedomain, $cookiesecure); setcookie($cookiename . '_sid', $session_id, 0, $cookiepath, $cookiedomain, $cookiesecure);
$SID = ($sessionmethod == SESSION_METHOD_GET) ? "sid=" . $session_id : ""; $SID = ($sessionmethod == SESSION_METHOD_GET) ? "sid=" . $session_id : "";