makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-28 22:28:51 +00:00
Code Issues Projects Releases Packages Wiki Activity

Merge branch 'develop-ascraeus' into develop

Browse source 
* develop-ascraeus:
  [ticket/13138] Do not use cookie data and autologin while forcing a user_id
This commit is contained in:
Nils Adermann 2014-10-20 14:53:52 -04:00
commit ee97b92e5d
1 changed files with 29 additions and 26 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

29
phpBB/phpbb/session.php
View file

@ -577,6 +577,22 @@ class session
} }
} }
if ($user_id !== false && !sizeof($this->data))
{
$this->cookie_data['k'] = '';
$this->cookie_data['u'] = $user_id;
$sql = 'SELECT *
FROM ' . USERS_TABLE . '
WHERE user_id = ' . (int) $this->cookie_data['u'] . '
AND user_type IN (' . USER_NORMAL . ', ' . USER_FOUNDER . ')';
$result = $db->sql_query($sql);
$this->data = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
$bot = false;
}
else if (!$bot)
{
$provider_collection = $phpbb_container->get('auth.provider_collection'); $provider_collection = $phpbb_container->get('auth.provider_collection');
$provider = $provider_collection->get_provider(); $provider = $provider_collection->get_provider();
$this->data = $provider->autologin(); $this->data = $provider->autologin();
@ -602,19 +618,6 @@ class session
$db->sql_freeresult($result); $db->sql_freeresult($result);
$bot = false; $bot = false;
} }
else if ($user_id !== false && !sizeof($this->data))
{
$this->cookie_data['k'] = '';
$this->cookie_data['u'] = $user_id;
$sql = 'SELECT *
FROM ' . USERS_TABLE . '
WHERE user_id = ' . (int) $this->cookie_data['u'] . '
AND user_type IN (' . USER_NORMAL . ', ' . USER_FOUNDER . ')';
$result = $db->sql_query($sql);
$this->data = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
$bot = false;
} }
// Bot user, if they have a SID in the Request URI we need to get rid of it // Bot user, if they have a SID in the Request URI we need to get rid of it