| author | Nils Adermann <naderman@naderman.de> | 2015-02-25 16:20:50 +0100 | 
|---|---|---|
| committer | Nils Adermann <naderman@naderman.de> | 2015-02-25 16:20:50 +0100 | 
| commit | 6f3f6282d192704854ae00a1aa1c0daaa68a307d (patch) | |
| tree | 3a6e385b270095a2f0cbf49a5adb553b2a08bd9a | |
| parent | 877774a296c2a61856c6f7012b588965d56073a9 (diff) | |
[ticket/13617] Enforce column size limit for session_forum_id
PHPBB3-13617
| -rw-r--r-- | phpBB/includes/session.php | 4 | 
1 files changed, 3 insertions, 1 deletions
diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php
index 8b93ab762d..04b15b17d3 100644
--- a/phpBB/includes/session.php
+++ b/phpBB/includes/session.php
@@ -121,6 +121,8 @@ class session
 		$script_path .= (substr($script_path, -1, 1) == '/') ? '' : '/';
 		$root_script_path .= (substr($root_script_path, -1, 1) == '/') ? '' : '/';
+		$forum_id = (isset($_REQUEST['f']) && $_REQUEST['f'] > 0 && $_REQUEST['f'] < 16777215) ? (int) $_REQUEST['f'] : 0;
+
 		$page_array += array(
 			'page_name'			=> $page_name,
 			'page_dir'			=> $page_dir,
@@ -130,7 +132,7 @@ class session
 			'root_script_path'	=> str_replace(' ', '%20', htmlspecialchars($root_script_path)),
 			'page'				=> $page,
-			'forum'				=> (isset($_REQUEST['f']) && $_REQUEST['f'] > 0) ? (int) $_REQUEST['f'] : 0,
+			'forum'				=> $forum_id,
 		);
 		return $page_array;  | 
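Review bot: The range check on the added `$forum_id` line compares the raw `$_REQUEST['f']` value, while the value actually stored is its `(int)` cast, so the check and the cast can disagree for inputs that PHP's loose comparison treats differently from an integer cast (arrays, non-numeric or partly numeric strings; the exact outcome depends on the PHP version). Casting first and bounding the integer closes that gap: `$forum_id = (isset($_REQUEST['f']) && is_scalar($_REQUEST['f'])) ? (int) $_REQUEST['f'] : 0;` followed by `if ($forum_id <= 0 || $forum_id >= 16777215) { $forum_id = 0; }`. The literal 16777215 also deserves a comment such as `// upper bound of the session_forum_id column`; it looks like the unsigned MEDIUMINT maximum, in which case `<` rejects the largest id the column could hold, so confirm whether `<=` was intended. The enclosing method begins and ends outside the hunk.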
