aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--phpBB/includes/functions.php5
-rw-r--r--phpBB/includes/session.php8
2 files changed, 8 insertions, 5 deletions
diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php
index 477a7f7ac3..75174dadee 100644
--- a/phpBB/includes/functions.php
+++ b/phpBB/includes/functions.php
@@ -138,11 +138,12 @@ function gen_rand_string($num_chars)
/**
* Return unique id
+* @param $extra additional entropy for call to mt_srand
*/
-function unique_id()
+function unique_id($extra = 0)
{
list($sec, $usec) = explode(' ', microtime());
- mt_srand((float) $sec + ((float) $usec * 100000));
+ mt_srand((float) $extra + (float) $sec + ((float) $usec * 100000));
return uniqid(mt_rand(), true);
}
diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php
index e2141dde59..467d8ce581 100644
--- a/phpBB/includes/session.php
+++ b/phpBB/includes/session.php
@@ -205,7 +205,7 @@ class session
WHERE u.user_id = ' . (int) $this->cookie_data['u'] . '
AND u.user_type <> ' . USER_INACTIVE . "
AND k.user_id = u.user_id
- AND k.key_id = '" . $db->sql_escape($this->cookie_data['k']) . "'";
+ AND k.key_id = '" . $db->sql_escape(md5($this->cookie_data['k'])) . "'";
$result = $db->sql_query($sql);
$this->data = $db->sql_fetchrow($result);
@@ -657,8 +657,9 @@ class session
$user_ip = ($user_ip === false) ? $this->ip : $user_ip;
$key = ($key === false) ? ((!empty($this->cookie_data['k'])) ? $this->cookie_data['k'] : false) : $key;
+ $key_id = unique_id(hexdec(substr($this->session_id, 0, 8)));
$sql_ary = array(
- 'key_id' => (string) md5(unique_id()),
+ 'key_id' => (string) md5($key_id),
'last_ip' => (string) $this->ip,
'last_login' => (int) time()
);
@@ -672,8 +673,9 @@ class session
$sql = ($key) ? 'UPDATE ' . SESSIONS_KEYS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . ' WHERE user_id = ' . (int) $user_id . ' AND key_id = "' . $db->sql_escape($key) . '"' : 'INSERT INTO ' . SESSIONS_KEYS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary);
$db->sql_query($sql);
- $this->cookie_data['k'] = $sql_ary['key_id'];
+ $this->cookie_data['k'] = $key_id;
unset($sql_ary);
+ unset($key_id)
return false;
}
generated by cgit v1.2.1 (git 2.21.0) at 2025-08-10 05:07:08 +0000