diff options
| author | Graham Eames <grahamje@users.sourceforge.net> | 2006-03-18 22:05:08 +0000 |
|---|---|---|
| committer | Graham Eames <grahamje@users.sourceforge.net> | 2006-03-18 22:05:08 +0000 |
| commit | 9d5b427032d342a711b9325300aba90723c10c2f (patch) | |
| tree | 660c334457a092a457cfd08656d624831ff4df27 /phpBB/includes/session.php | |
| parent | af2036427ac9cd4d42d224fe5e10fa5a8c0e29d5 (diff) | |
| download | forums-9d5b427032d342a711b9325300aba90723c10c2f.tar forums-9d5b427032d342a711b9325300aba90723c10c2f.tar.gz forums-9d5b427032d342a711b9325300aba90723c10c2f.tar.bz2 forums-9d5b427032d342a711b9325300aba90723c10c2f.tar.xz forums-9d5b427032d342a711b9325300aba90723c10c2f.zip | |
Cross-port a patch from 2.0.20 into the 3.0 branch
git-svn-id: file:///svn/phpbb/trunk@5660 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB/includes/session.php')
| -rw-r--r-- | phpBB/includes/session.php | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index b885d81b31..f12332b4db 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -763,6 +763,29 @@ class session return false; } + + /** + * Reset all login keys for the specified user + * + * This method removes all current login keys for a specified (or the current) + * user. It will be called on password change to render old keys unusable + */ + function reset_login_keys($user_id = false) + { + global $config, $db; + + $user_id = ($user_id === false) ? $this->data['user_id'] : $user_id; + + $sql = 'DELETE FROM ' . SESSIONS_KEYS_TABLE . ' WHERE user_id = ' . (int) $user_id; + $db->sql_query($sql); + + // We're changing the password of the current user and they have a key + // Lets regenerate it to be safe + if ($user_id === $this->data['user_id'] && $this->cookie_data['k']) + { + $this->set_login_key($user_id); + } + } } |