authorPaul S. Owen <psotfx@users.sourceforge.net>2003-04-24 18:40:57 +0000
committerPaul S. Owen <psotfx@users.sourceforge.net>2003-04-24 18:40:57 +0000
commit51b0a56996b6e9f7aa4700dd6cc13c41e5bf7abb (patch)
treed0af627e95bdd45a8a277065371fbe3086d8fc6e
parent42ee5e7a54edb3f25d035da187637eb3ba52db1e (diff)
For the time being I want this to stay as addslashes for some cross-db compatibility testing ...
git-svn-id: file:///svn/phpbb/trunk@3950 89ea8834-ac86-4346-8a33-228a782c2dd0
-rw-r--r--phpBB/includes/session.php6
1 files changed, 3 insertions, 3 deletions
diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php
index b000a70d07..15e069f345 100644
--- a/phpBB/includes/session.php
+++ b/phpBB/includes/session.php
@@ -36,7 +36,7 @@ class session
$current_time = time();
$this->browser = (!empty($_SERVER['HTTP_USER_AGENT'])) ? $_SERVER['HTTP_USER_AGENT'] : $_ENV['HTTP_USER_AGENT'];
$this->page = (!empty($_SERVER['REQUEST_URI'])) ? $_SERVER['REQUEST_URI'] : $_ENV['REQUEST_URI'];
- $this->page = preg_replace('#^.*?/?([a-z]+?)\.' . $phpEx . '\?sid=.*?(&.*)?$#', '\1\2', $this->page);
+ $this->page = preg_replace('#^.*?/?([a-z]+)\.' . $phpEx . '\?sid=.*?(&.*)?$#', '\1\2', $this->page);
if (isset($_COOKIE[$config['cookie_name'] . '_sid']) || isset($_COOKIE[$config['cookie_name'] . '_data']))
{
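Review bot: When the request URI does not contain the literal `.<ext>?sid=` sequence, the `preg_replace` on the added line returns `$this->page` unchanged, so the raw client-supplied `REQUEST_URI` is kept; with `[a-z]+` a script name containing digits, underscores or upper-case letters fails to match in the same way. A URI where `sid` is not the first parameter (`...&sid=...`) is therefore stored with the session id still in it, and the second hunk writes this value to `session_page`. I would strip `sid` wherever it appears and bound the length before storing, e.g. `$this->page = substr($this->page, 0, 255); // constructed limit, use the session_page column width`. `$phpEx` is also spliced into the pattern unquoted; `preg_quote($phpEx, '#')` stops any metacharacter in it from altering the match. The enclosing method starts and ends outside the hunk.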
@@ -106,7 +106,7 @@ class session
if (($current_time - $this->data['session_time'] > 60 || $this->data['session_page'] != $this->page) && $update)
{
$sql = "UPDATE " . SESSIONS_TABLE . "
- SET session_time = $current_time, session_page = '$this->page'
+ SET session_time = $current_time, session_page = '" . $db->sql_escape($this->page) . "'
WHERE session_id = '" . $this->session_id . "'";
$db->sql_query($sql);
}
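Review bot: The WHERE clause in this hunk still concatenates `$this->session_id` into the statement unescaped, while the line above it now escapes `session_page`. The hunk does not show where `session_id` is assigned, but the first hunk reads the `_sid` cookie, so it is presumably client-supplied and should get the same treatment: `WHERE session_id = '" . $db->sql_escape($this->session_id) . "'";`. `$current_time` comes from `time()` and is fine as written. The enclosing method continues outside the hunk.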
@@ -726,7 +726,7 @@ class auth
unset($local_hold);
$sql = "UPDATE " . USERS_TABLE . "
- SET user_permissions = '" . $db->sql_escape($userdata['user_permissions']) . "'
+ SET user_permissions = '" . addslashes($userdata['user_permissions']) . "'
WHERE user_id = " . $userdata['user_id'];
$db->sql_query($sql);
}
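Review bot: `addslashes()` on the added line is not database-aware: it backslash-escapes quotes, which does not neutralise a `'` on back ends that escape a quote by doubling it, so the string literal can be terminated early on exactly the non-MySQL databases this testing targets. If the swap has to stay for the test period, mark it in the code so it is not forgotten, e.g. `// TEMP: restore $db->sql_escape() once cross-db testing is finished`. Independently, `$userdata['user_id']` is appended to the WHERE clause unquoted and uncast; `WHERE user_id = " . (int) $userdata['user_id'];` keeps it numeric whatever the caller passes. The enclosing method starts outside the hunk.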