From 72a904c5007dae6cee52ce88241fbe4358e27878 Mon Sep 17 00:00:00 2001
From: Meik Sievertsen <acydburn@phpbb.com>
Date: Mon, 20 Aug 2007 15:07:18 +0000
Subject: [PATCH] fix for bug #14165... hopefully

git-svn-id: file:///svn/phpbb/trunk@8057 89ea8834-ac86-4346-8a33-228a782c2dd0
---
 phpBB/includes/functions.php        | 8 +++++---
 phpBB/includes/ucp/ucp_register.php | 8 +++++---
 2 files changed, 10 insertions(+), 6 deletions(-)

diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php
index c00406512b..d9f8256483 100644
--- a/phpBB/includes/functions.php
+++ b/phpBB/includes/functions.php
@@ -2293,8 +2293,10 @@ function login_forum_box($forum_data)
 	if ($password)
 	{
 		// Remove expired authorised sessions
-		$sql = 'SELECT session_id
-			FROM ' . SESSIONS_TABLE;
+		$sql = 'SELECT f.session_id
+			FROM ' . FORUMS_ACCESS_TABLE . ' f
+			LEFT JOIN ' . SESSIONS_TABLE . ' s ON (f.session_id = s.session_id)
+			WHERE s.session_id IS NULL';
 		$result = $db->sql_query($sql);
 
 		if ($row = $db->sql_fetchrow($result))
@@ -2308,7 +2310,7 @@ function login_forum_box($forum_data)
 
 			// Remove expired sessions
 			$sql = 'DELETE FROM ' . FORUMS_ACCESS_TABLE . '
-				WHERE ' . $db->sql_in_set('session_id', $sql_in, true);
+				WHERE ' . $db->sql_in_set('session_id', $sql_in);
 			$db->sql_query($sql);
 		}
 		$db->sql_freeresult($result);
diff --git a/phpBB/includes/ucp/ucp_register.php b/phpBB/includes/ucp/ucp_register.php
index b62ee04318..2e22cf5519 100644
--- a/phpBB/includes/ucp/ucp_register.php
+++ b/phpBB/includes/ucp/ucp_register.php
@@ -427,8 +427,10 @@ class ucp_register
 			$str = '';
 			if (!$change_lang)
 			{
-				$sql = 'SELECT session_id
-					FROM ' . SESSIONS_TABLE;
+				$sql = 'SELECT c.session_id
+					FROM ' . CONFIRM_TABLE . ' c
+					LEFT JOIN ' . SESSIONS_TABLE . ' s ON (c.session_id = s.session_id)
+					WHERE s.session_id IS NULL';
 				$result = $db->sql_query($sql);
 
 				if ($row = $db->sql_fetchrow($result))
@@ -443,7 +445,7 @@ class ucp_register
 					if (sizeof($sql_in))
 					{
 						$sql = 'DELETE FROM ' . CONFIRM_TABLE . '
-							WHERE ' . $db->sql_in_set('session_id', $sql_in, true) . '
+							WHERE ' . $db->sql_in_set('session_id', $sql_in) . '
 								AND confirm_type = ' . CONFIRM_REG;
 						$db->sql_query($sql);
 					}