diff options
Diffstat (limited to 'phpBB/includes/session.php')
| -rw-r--r-- | phpBB/includes/session.php | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index e216b3e36a..43d3b1ea2b 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -1319,6 +1319,11 @@ class session else if ($check_script_path && rtrim($this->page['root_script_path'], '/') !== '' ) { $ref = substr($ref, strlen($host)); + $server_port = (!empty($_SERVER['SERVER_PORT'])) ? (int) $_SERVER['SERVER_PORT'] : (int) getenv('SERVER_PORT'); + if ($server_port !== 80 && $server_port !== 443 && stripos($ref , ":$server_port") === 0) + { + $ref = substr($ref, strlen(":$server_port")); + } if (!(stripos(rtrim($ref, '/'), rtrim($this->page['root_script_path'], '/')) === 0)) { return false; |