oopsie in gc

git-svn-id: file:///svn/phpbb/trunk@4769 89ea8834-ac86-4346-8a33-228a782c2dd0

phpBB/includes/session.php

@@ -165,7 +165,7 @@ class session
 
 		// Garbage collection ... remove old sessions updating user information
 		// if necessary. It means (potentially) 11 queries but only infrequently
-		if ($current_time > $config['session_last_gc'] + $config['session_gc'] && defined('PHPBB_INSTALLED'))
+		if ($current_time > $config['session_last_gc'] + $config['session_gc'])
 		{
 			$this->gc($current_time);
 		}
@@ -365,11 +365,13 @@ class session
 				// last_visit field won't be updated, which I believe should be
 				// the normal behavior anyway
 				$db->sql_return_on_error(TRUE);
+
 				$sql = 'DELETE FROM ' . SESSIONS_TABLE . '
 					USING ' . SESSIONS_TABLE . ' s1, ' . SESSIONS_TABLE . ' s2
 					WHERE s1.session_user_id = s2.session_user_id
 						AND s1.session_time < s2.session_time';
 				$db->sql_query($sql);
+
 				$db->sql_return_on_error(FALSE);
 
 				// Update last visit time
@@ -387,6 +389,8 @@ class session
 				set_config('session_last_gc', $current_time);
 				break;
 
+			default:
+
 				// Get expired sessions, only most recent for each user
 				$sql = 'SELECT session_user_id, session_page, MAX(session_time) AS recent_time
 					FROM ' . SESSIONS_TABLE . '
@@ -429,6 +433,7 @@ class session
 					// called again to delete other sessions
 					set_config('session_last_gc', $current_time);
 				}
+				break;
 		}
 
 		return;
@@ -970,7 +975,7 @@ class auth
 	{
 		global $db;
 
-		$where_sql = ($user_id) ? ' WHERE user_id = ' . $user_id : '';
+		$where_sql = ($user_id) ? ' WHERE user_id ' . ((is_array($user_id)) ? ' IN (' . implode(', ', array_map('intval', $user_id)) . ')' : " = $user_id") : '';
 
 		$sql = 'UPDATE ' . USERS_TABLE . "
 			SET user_permissions = ''