diff options
| author | Nils Adermann <naderman@naderman.de> | 2007-02-25 22:09:53 +0000 |
|---|---|---|
| committer | Nils Adermann <naderman@naderman.de> | 2007-02-25 22:09:53 +0000 |
| commit | b66e0fcd34d3209ca86059d1737125699a726a7d (patch) | |
| tree | 96f2a08d958122e7f0c4780c718694646ac4e846 /phpBB/includes/session.php | |
| parent | 424a520d0e3d8f668b70c632a8d787f004d8098b (diff) | |
| download | forums-b66e0fcd34d3209ca86059d1737125699a726a7d.tar forums-b66e0fcd34d3209ca86059d1737125699a726a7d.tar.gz forums-b66e0fcd34d3209ca86059d1737125699a726a7d.tar.bz2 forums-b66e0fcd34d3209ca86059d1737125699a726a7d.tar.xz forums-b66e0fcd34d3209ca86059d1737125699a726a7d.zip | |
- fix htmlspecialchars handling in search (search backends get specialchared input, and should return specialchared output), current backends strip entities anyway [includes Bug #8156]
- allow cancelling search index creation/removal
- custom CSS class name input too short [Bug #8328]
- give an error message if a password wasn't convertable (special characters in non-standard encoding)
- moved still_on_time to functions.php, used by acp_search and converter, might be useful for MODs (or complex cron scripts)
- do not allow empty passwords on login
- add sids to local URLs in posts (this was a really terrible bug to fix ;-)) [Bug #7892]
- ignore invalid HTTP_X_FORWARDED_FOR headers (just use REMOTE_ADDR if invalid) [Bug #8314]
- changed forum listing code on search page and acp_attachments [Bug #6658]
- search indexing uses still_on_time(), smaller batch size (1000) and meta_refresh() instead of redirect(), this should solve a few problems [Bugs #8034, #8270]
- made password requirement language strings clearer
- ALPHA is not meant to be alphanumric [Bug #7764]
- display bug in firefox on linux making the pagination wrap on search results page (caused by )
git-svn-id: file:///svn/phpbb/trunk@7076 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB/includes/session.php')
| -rw-r--r-- | phpBB/includes/session.php | 11 |
1 files changed, 3 insertions, 8 deletions
diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index 0a9084eb6d..351d284c62 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -168,14 +168,9 @@ class session // check IPv4 first, the IPv6 is hopefully only going to be used very seldomly if (!empty($ip) && !preg_match($ipv4, $ip) && !preg_match($ipv6, $ip)) { - if (!defined('DEBUG_EXTRA')) - { - trigger_error('Hacking attempt!'); - } - else - { - trigger_error('Invalid HTTP_X_FORWARDED_FOR header detected: ' . htmlspecialchars($this->forwarded_for)); - } + // contains invalid data, don't use the forwarded for header + $this->forwarded_for = ''; + break; } } } |