| author | Ludovic Arnaud <ludovic_arnaud@users.sourceforge.net> | 2002-10-17 02:50:50 +0000 |
|---|---|---|
| committer | Ludovic Arnaud <ludovic_arnaud@users.sourceforge.net> | 2002-10-17 02:50:50 +0000 |
| commit | 80864fa7ee6e1d7e76a1f490d186fb9a7f5b1162 (patch) | |
| tree | a01b78d812ef3a2931dd3ef8ea76ccddfa0a263b /phpBB/includes/session.php | |
| parent | fafd167dde6726df46cd3cd9523ec6ad8af22b13 (diff) | |
Random bugfixes, (hopefully) improved admin panel security.
git-svn-id: file:///svn/phpbb/trunk@2954 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB/includes/session.php')
| -rw-r--r-- | phpBB/includes/session.php | 25 |
1 files changed, 14 insertions, 11 deletions
diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php
index 0712b4b902..9e8ea85e4c 100644
--- a/phpBB/includes/session.php
+++ b/phpBB/includes/session.php
@@ -40,7 +40,7 @@ class session {
 {
 $sessiondata = ( isset($_COOKIE[$board_config['cookie_name'] . '_data']) ) ? unserialize(stripslashes($_COOKIE[$board_config['cookie_name'] . '_data'])) : '';
 $this->session_id = ( isset($_COOKIE[$board_config['cookie_name'] . '_sid']) ) ? $_COOKIE[$board_config['cookie_name'] . '_sid'] : '';
- $SID = '?sid=';
+ $SID = (defined('IN_ADMIN')) ? '?sid=' . $this->session_id : '?sid=';
 }
 else
 {
@@ -114,18 +114,21 @@ class session {
 $sessiondata = array();
 $current_time = time();
- // Limit sessions in 1 minute period
- $sql = "SELECT COUNT(*) AS sessions
- FROM " . SESSIONS_TABLE . "
- WHERE session_time >= " . ( $current_time - 60 );
- $result = $db->sql_query($sql);
+ if ( intval($board_config['active_sessions']) )
+ {
+ // Limit sessions in 1 minute period
+ $sql = "SELECT COUNT(*) AS sessions
+ FROM " . SESSIONS_TABLE . "
+ WHERE session_time >= " . ( $current_time - 60 );
+ $result = $db->sql_query($sql);
- $row = $db->sql_fetchrow($result);
- $db->sql_freeresult($result);
+ $row = $db->sql_fetchrow($result);
+ $db->sql_freeresult($result);
- if ( intval($board_config['active_sessions']) && intval($row['sessions']) > intval($board_config['active_sessions']) )
- {
- message_die(MESSAGE, 'Board_unavailable');
+ if ( intval($row['sessions']) > intval($board_config['active_sessions']) )
+ {
+ message_die(MESSAGE, 'Board_unavailable');
+ }
 }
 // Garbage collection ... remove old sessions updating user information |
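Review bot: On the new `$SID` line in the first hunk, `$this->session_id` is still the raw `_sid` cookie value assigned on the context line just above, so under `IN_ADMIN` an unchecked client-supplied string is concatenated into a suffix that is presumably appended to generated links. Encoding it where it is built keeps a malformed cookie from altering the URL or markup it ends up in: `$SID = (defined('IN_ADMIN')) ? '?sid=' . urlencode($this->session_id) : '?sid=';`. Carrying the admin session id in the query string also exposes it to Referer headers, browser history and server logs, so the line deserves a comment recording that trade-off, e.g. `// Admin links always carry the sid; note it is then visible in Referer headers and access logs`. The enclosing method begins and ends outside the hunk, so any later validation of the id against the sessions table is not visible here.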
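Review bot: In the second hunk the new outer guard `if ( intval($board_config['active_sessions']) )` is true for any non-zero value, so a negative setting still runs the query and every request then satisfies `intval($row['sessions']) > intval($board_config['active_sessions'])` and dies with `Board_unavailable`. Reading the limit once and testing it explicitly avoids that and the repeated `intval()` calls: `$max_sessions = intval($board_config['active_sessions']);`, then `if ( $max_sessions > 0 )` and `if ( intval($row['sessions']) > $max_sessions )`. The result of `$db->sql_query($sql)` is also handed to `sql_fetchrow()` unchecked; if the DB layer returns false instead of aborting on error, `$row['sessions']` evaluates to 0 and the limit silently fails open, which deserves an explicit check or at least a comment. Only part of the enclosing method is visible in the hunk.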
