diff options
author | Joas Schilling <nickvergessen@gmx.de> | 2015-02-27 22:43:32 +0100 |
---|---|---|
committer | Joas Schilling <nickvergessen@gmx.de> | 2015-02-27 22:43:32 +0100 |
commit | 62973faf4b4834715b510cee65796048820ff6eb (patch) | |
tree | 84711eb0b2df052248a553cbcacd611acc319258 | |
parent | 3db7ac0aadccc2e3d47f6cffaa0cc7925b167c58 (diff) | |
parent | 6f3f6282d192704854ae00a1aa1c0daaa68a307d (diff) | |
download | forums-62973faf4b4834715b510cee65796048820ff6eb.tar forums-62973faf4b4834715b510cee65796048820ff6eb.tar.gz forums-62973faf4b4834715b510cee65796048820ff6eb.tar.bz2 forums-62973faf4b4834715b510cee65796048820ff6eb.tar.xz forums-62973faf4b4834715b510cee65796048820ff6eb.zip |
Merge pull request #3443 from naderman/ticket/13617
[ticket/13617] Enforce column size limit for session_forum_id
-rw-r--r-- | phpBB/includes/session.php | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index 8b93ab762d..04b15b17d3 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -121,6 +121,8 @@ class session $script_path .= (substr($script_path, -1, 1) == '/') ? '' : '/'; $root_script_path .= (substr($root_script_path, -1, 1) == '/') ? '' : '/'; + $forum_id = (isset($_REQUEST['f']) && $_REQUEST['f'] > 0 && $_REQUEST['f'] < 16777215) ? (int) $_REQUEST['f'] : 0; + $page_array += array( 'page_name' => $page_name, 'page_dir' => $page_dir, @@ -130,7 +132,7 @@ class session 'root_script_path' => str_replace(' ', '%20', htmlspecialchars($root_script_path)), 'page' => $page, - 'forum' => (isset($_REQUEST['f']) && $_REQUEST['f'] > 0) ? (int) $_REQUEST['f'] : 0, + 'forum' => $forum_id, ); return $page_array; |