aboutsummaryrefslogtreecommitdiffstats
path: root/phpBB/phpbb/session.php
diff options
context:
space:
mode:
Diffstat (limited to 'phpBB/phpbb/session.php')
-rw-r--r--phpBB/phpbb/session.php25
1 files changed, 19 insertions, 6 deletions
diff --git a/phpBB/phpbb/session.php b/phpBB/phpbb/session.php
index 30b364821d..477e91efd6 100644
--- a/phpBB/phpbb/session.php
+++ b/phpBB/phpbb/session.php
@@ -441,12 +441,13 @@ class session
if (!$session_expired)
{
- // Only update session DB a minute or so after last update or if page changes and is not ajax request
- if (($this->time_now - $this->data['session_time'] > 60 || ($this->update_session_page && $this->data['session_page'] != $this->page['page'])) && !$request->is_ajax())
+ // Only update session DB a minute or so after last update or if page changes
+ if ($this->time_now - $this->data['session_time'] > 60 || ($this->update_session_page && $this->data['session_page'] != $this->page['page']))
{
$sql_ary = array('session_time' => $this->time_now);
- if ($this->update_session_page)
+ // Do not update the session page for ajax requests, so the view online still works as intended
+ if ($this->update_session_page && !$request->is_ajax())
{
$sql_ary['session_page'] = substr($this->page['page'], 0, 199);
$sql_ary['session_forum_id'] = $this->page['forum'];
@@ -580,6 +581,11 @@ class session
$provider = $provider_collection->get_provider();
$this->data = $provider->autologin();
+ if ($user_id !== false && sizeof($this->data) && $this->data['user_id'] != $user_id)
+ {
+ $this->data = array();
+ }
+
if (sizeof($this->data))
{
$this->cookie_data['k'] = '';
@@ -597,11 +603,18 @@ class session
AND k.user_id = u.user_id
AND k.key_id = '" . $db->sql_escape(md5($this->cookie_data['k'])) . "'";
$result = $db->sql_query($sql);
- $this->data = $db->sql_fetchrow($result);
+ $user_data = $db->sql_fetchrow($result);
+
+ if ($user_id === false || (isset($user_data['user_id']) && $user_id == $user_data['user_id']))
+ {
+ $this->data = $user_data;
+ $bot = false;
+ }
+
$db->sql_freeresult($result);
- $bot = false;
}
- else if ($user_id !== false && !sizeof($this->data))
+
+ if ($user_id !== false && !sizeof($this->data))
{
$this->cookie_data['k'] = '';
$this->cookie_data['u'] = $user_id;
generated by cgit v1.2.1 (git 2.21.0) at 2025-08-21 23:23:34 +0000