diff options
| author | Paul S. Owen <psotfx@users.sourceforge.net> | 2002-07-25 15:18:00 +0000 |
|---|---|---|
| committer | Paul S. Owen <psotfx@users.sourceforge.net> | 2002-07-25 15:18:00 +0000 |
| commit | 42f2152a9f69c75427afa394a3b95c1c9c556982 (patch) | |
| tree | 891b33e6f6f0b6f92f8ef6f3d33329bc658dc424 /phpBB/includes | |
| parent | d4483e3375625767e0a3f056e1f259102bcfb002 (diff) | |
| download | forums-42f2152a9f69c75427afa394a3b95c1c9c556982.tar forums-42f2152a9f69c75427afa394a3b95c1c9c556982.tar.gz forums-42f2152a9f69c75427afa394a3b95c1c9c556982.tar.bz2 forums-42f2152a9f69c75427afa394a3b95c1c9c556982.tar.xz forums-42f2152a9f69c75427afa394a3b95c1c9c556982.zip | |
Various changes + Ashe's security fix
git-svn-id: file:///svn/phpbb/trunk@2741 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB/includes')
| -rw-r--r-- | phpBB/includes/session.php | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index fc173e1127..e8ac3b619f 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -111,11 +111,11 @@ class session { { $this->gc($current_time); } - - setcookie($board_config['cookie_name'] . '_data', serialize($sessiondata), $current_time + 31536000, $board_config['cookie_path'], $board_config['cookie_domain'], $board_config['cookie_secure']); - setcookie($board_config['cookie_name'] . '_sid', $session_id, 0, $board_config['cookie_path'], $board_config['cookie_domain'], $board_config['cookie_secure']); } + setcookie($board_config['cookie_name'] . '_data', serialize($sessiondata), $current_time + 31536000, $board_config['cookie_path'], $board_config['cookie_domain'], $board_config['cookie_secure']); + setcookie($board_config['cookie_name'] . '_sid', $session_id, 0, $board_config['cookie_path'], $board_config['cookie_domain'], $board_config['cookie_secure']); + return $this->userdata; } } @@ -126,7 +126,7 @@ class session { // using the cookie user_id if available to pull basic user prefs. // $autologin = ( isset($sessiondata['autologinid']) ) ? $sessiondata['autologinid'] : ''; - $user_id = ( isset($sessiondata['userid']) ) ? $sessiondata['userid'] : ANONYMOUS; + $user_id = ( isset($sessiondata['userid']) ) ? intval($sessiondata['userid']) : ANONYMOUS; $this->userdata = $this->create($session_id, $user_id, $autologin, $this_page, $session_browser); |