More sid checks ... perhaps a bit OTT but better "safe" than sorry
git-svn-id: file:///svn/phpbb/branches/phpBB-2_0_0@3169 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
parent
7e6340e34d
commit
9f138d01f6
2 changed files with 23 additions and 12 deletions
|
@ -70,12 +70,12 @@ $template->set_filenames(array(
|
||||||
//
|
//
|
||||||
if ( $userdata['session_logged_in'] )
|
if ( $userdata['session_logged_in'] )
|
||||||
{
|
{
|
||||||
$u_login_logout = 'login.'.$phpEx.'?logout=true';
|
$u_login_logout = 'login.'.$phpEx.'?logout=true&sid=' . $userdata['session_id'];
|
||||||
$l_login_logout = $lang['Logout'] . ' [ ' . $userdata['username'] . ' ]';
|
$l_login_logout = $lang['Logout'] . ' [ ' . $userdata['username'] . ' ]';
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
$u_login_logout = 'login.'.$phpEx;
|
$u_login_logout = 'login.'.$phpEx . '&sid=' . $userdata['session_id'];
|
||||||
$l_login_logout = $lang['Login'];
|
$l_login_logout = $lang['Login'];
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
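Review bot: The not-logged-in branch `$u_login_logout = 'login.'.$phpEx . '&sid=' . $userdata['session_id'];` joins the sid with `&` although nothing precedes it as a query string, so the link resolves to a path such as `login.php&sid=…` (constructed example) instead of the login script, and the sid is never parsed; it should read `$u_login_logout = 'login.'.$phpEx . '?sid=' . $userdata['session_id'];`. The logged-in branch is correct because `?logout=true` already opens the query string. Both branches now place the session id in a link regardless of whether the session is cookie-based, so it will appear in Referer headers and proxy or server logs of whatever is reached from that link; since the value only serves as a request-forgery check here, a per-session token distinct from the session identifier would give the same protection without exposing the session credential in URLs.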
@ -40,13 +40,24 @@ init_userprefs($userdata);
|
||||||
// End session management
|
// End session management
|
||||||
//
|
//
|
||||||
|
|
||||||
|
// session id check
|
||||||
|
if (!empty($HTTP_POST_VARS['sid']) || !empty($HTTP_GET_VARS['sid']))
|
||||||
|
{
|
||||||
|
$sid = (!empty($HTTP_POST_VARS['sid'])) ? $HTTP_POST_VARS['sid'] : $HTTP_GET_VARS['sid'];
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
$sid = '';
|
||||||
|
}
|
||||||
|
|
||||||
if( isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) || isset($HTTP_POST_VARS['logout']) || isset($HTTP_GET_VARS['logout']) )
|
if( isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) || isset($HTTP_POST_VARS['logout']) || isset($HTTP_GET_VARS['logout']) )
|
||||||
{
|
{
|
||||||
//
|
// session id check
|
||||||
// This appears to work for IIS5 CGI under Win2K. Uses getenv
|
if ($sid == '' || $sid != $userdata['session_id'])
|
||||||
// since this doesn't exist for ISAPI mode and therefore the
|
{
|
||||||
// normal Location redirector is used in preference
|
message_die(ERROR, 'Invalid_session');
|
||||||
//
|
}
|
||||||
|
|
||||||
if( ( isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) ) && !$userdata['session_logged_in'] )
|
if( ( isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) ) && !$userdata['session_logged_in'] )
|
||||||
{
|
{
|
||||||
$username = isset($HTTP_POST_VARS['username']) ? $HTTP_POST_VARS['username'] : '';
|
$username = isset($HTTP_POST_VARS['username']) ? $HTTP_POST_VARS['username'] : '';
|
||||||
|
@ -90,10 +101,10 @@ if( isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) || isset($
|
||||||
$redirect = str_replace("?", "&", $redirect);
|
$redirect = str_replace("?", "&", $redirect);
|
||||||
|
|
||||||
$template->assign_vars(array(
|
$template->assign_vars(array(
|
||||||
'META' => '<meta http-equiv="refresh" content="3;url=' . append_sid("login.$phpEx?redirect=$redirect") . '">')
|
'META' => '<meta http-equiv="refresh" content="3;url=' . "login.$phpEx?redirect=$redirect&sid=" . $userdata['session_id'] . '">')
|
||||||
);
|
);
|
||||||
|
|
||||||
$message = $lang['Error_login'] . '<br /><br />' . sprintf($lang['Click_return_login'], '<a href="' . append_sid("login.$phpEx?redirect=$redirect") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
|
$message = $lang['Error_login'] . '<br /><br />' . sprintf($lang['Click_return_login'], '<a href="' . "login.$phpEx?redirect=$redirect&sid=" . $userdata['session_id'] . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
|
||||||
|
|
||||||
message_die(GENERAL_MESSAGE, $message);
|
message_die(GENERAL_MESSAGE, $message);
|
||||||
}
|
}
|
||||||
|
@ -105,10 +116,10 @@ if( isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) || isset($
|
||||||
$redirect = str_replace("?", "&", $redirect);
|
$redirect = str_replace("?", "&", $redirect);
|
||||||
|
|
||||||
$template->assign_vars(array(
|
$template->assign_vars(array(
|
||||||
'META' => '<meta http-equiv="refresh" content="3;url=' . append_sid("login.$phpEx?redirect=$redirect") . '">')
|
'META' => '<meta http-equiv="refresh" content="3;url=' . "login.$phpEx?redirect=$redirect&sid=" . $userdata['session_id'] . '">')
|
||||||
);
|
);
|
||||||
|
|
||||||
$message = $lang['Error_login'] . '<br /><br />' . sprintf($lang['Click_return_login'], '<a href="' . append_sid("login.$phpEx?redirect=$redirect") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
|
$message = $lang['Error_login'] . '<br /><br />' . sprintf($lang['Click_return_login'], '<a href="' . "login.$phpEx?redirect=$redirect&sid=" . $userdata['session_id'] . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
|
||||||
|
|
||||||
message_die(GENERAL_MESSAGE, $message);
|
message_die(GENERAL_MESSAGE, $message);
|
||||||
}
|
}
|
||||||
|
@ -190,7 +201,7 @@ else
|
||||||
|
|
||||||
$username = ( $userdata['user_id'] != ANONYMOUS ) ? $userdata['username'] : '';
|
$username = ( $userdata['user_id'] != ANONYMOUS ) ? $userdata['username'] : '';
|
||||||
|
|
||||||
$s_hidden_fields = '<input type="hidden" name="redirect" value="' . $forward_page . '" />';
|
$s_hidden_fields = '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" /><input type="hidden" name="redirect" value="' . $forward_page . '" />';
|
||||||
|
|
||||||
make_jumpbox('viewforum.'.$phpEx, $forum_id);
|
make_jumpbox('viewforum.'.$phpEx, $forum_id);
|
||||||
$template->assign_vars(array(
|
$template->assign_vars(array(
|
||||||
|
|
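Review bot: The new guard `if ($sid == '' || $sid != $userdata['session_id'])` compares the client-supplied sid with the loose `!=` operator, under which two strings that both look numeric (for example a hex digest of the form `0e` followed only by digits) are compared as numbers and can test equal without being identical; use `if ($sid !== $userdata['session_id'])`, which also makes the separate empty-string test redundant. Because `$sid` is copied straight from `$HTTP_POST_VARS`/`$HTTP_GET_VARS` it may also arrive as an array, which the loose comparison happens to reject but which the strict form rejects explicitly. In the later hunks the hidden field `<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" />` and the `redirect=$redirect&sid=` links write values into HTML attributes without `htmlspecialchars()`; `$redirect` in particular is user-controlled and any escaping of it happens before the hunk, so that should be confirmed. The outer `if( isset($HTTP_POST_VARS['login']) ...` block that contains the guard continues past the end of the hunk.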