aboutsummaryrefslogtreecommitdiffstats
path: root/phpBB/includes/session.php
diff options
context:
space:
mode:
authorHenry Sudhof <kellanved@phpbb.com>2007-10-03 15:05:54 +0000
committerHenry Sudhof <kellanved@phpbb.com>2007-10-03 15:05:54 +0000
commit4defd8a8306fa8daa25427a37fb6db00bff390c7 (patch)
tree7914a43cdc9b2d2107e7baeb7061990664bdd841 /phpBB/includes/session.php
parent87e2e62c34da983258944db361d9a9b9785737e6 (diff)
downloadforums-4defd8a8306fa8daa25427a37fb6db00bff390c7.tar
forums-4defd8a8306fa8daa25427a37fb6db00bff390c7.tar.gz
forums-4defd8a8306fa8daa25427a37fb6db00bff390c7.tar.bz2
forums-4defd8a8306fa8daa25427a37fb6db00bff390c7.tar.xz
forums-4defd8a8306fa8daa25427a37fb6db00bff390c7.zip
Ok, here comes a big one. Poor updater. Also requires testing.
#i91 #i92 #i93 #i94 #i95 #i96 git-svn-id: file:///svn/phpbb/trunk@8120 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB/includes/session.php')
-rw-r--r--phpBB/includes/session.php18
1 files changed, 18 insertions, 0 deletions
diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php
index cbb70e8601..b2399c74c5 100644
--- a/phpBB/includes/session.php
+++ b/phpBB/includes/session.php
@@ -641,6 +641,24 @@ class session
$this->set_cookie('sid', $this->session_id, $cookie_expire);
unset($cookie_expire);
+
+ $sql = 'SELECT COUNT(session_id) AS sessions
+ FROM ' . SESSIONS_TABLE . '
+ WHERE session_user_id = ' . (int) $this->data['user_id'] . '
+ AND session_time >= ' . ($this->time_now - $config['form_token_lifetime']);
+ $result = $db->sql_query($sql);
+ $row = $db->sql_fetchrow($result);
+ $db->sql_freeresult($result);
+
+ if ((int) $row['sessions'] <= 1 || empty($this->data['user_form_salt']))
+ {
+ $this->data['user_form_salt'] = unique_id();
+ // Update the form key
+ $sql = 'UPDATE ' . USERS_TABLE . '
+ SET user_form_salt = \'' . $db->sql_escape($this->data['user_form_salt']) . '\'
+ WHERE user_id = ' . (int) $this->data['user_id'];
+ $db->sql_query($sql);
+ }
}
else
{
generated by cgit v1.2.1 (git 2.21.0) at 2025-08-10 11:07:42 +0000