aboutsummaryrefslogtreecommitdiffstats
path: root/phpBB/includes/session.php
diff options
context:
space:
mode:
Diffstat (limited to 'phpBB/includes/session.php')
-rw-r--r--phpBB/includes/session.php19
1 files changed, 11 insertions, 8 deletions
diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php
index 38107d80db..3b1e43e052 100644
--- a/phpBB/includes/session.php
+++ b/phpBB/includes/session.php
@@ -463,8 +463,10 @@ class session
$db->sql_return_on_error(true);
- $sql = 'UPDATE ' . SESSIONS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . "
- WHERE session_id = '" . $db->sql_escape($this->session_id) . "'";
+ $sql = 'DELETE
+ FROM ' . SESSIONS_TABLE . '
+ WHERE session_id = \'' . $db->sql_escape($this->session_id) . '\'
+ AND session_user_id = ' . ANONYMOUS;
if (!$this->session_id || !$db->sql_query($sql) || !$db->sql_affectedrows())
{
@@ -483,15 +485,16 @@ class session
trigger_error('BOARD_UNAVAILABLE');
}
}
+ }
- $this->session_id = $this->data['session_id'] = md5(unique_id());
+ $this->session_id = $this->data['session_id'] = md5(unique_id());
- $sql_ary['session_id'] = (string) $this->session_id;
- $sql_ary['session_page'] = (string) substr($this->page['page'], 0, 199);
+ $sql_ary['session_id'] = (string) $this->session_id;
+ $sql_ary['session_page'] = (string) substr($this->page['page'], 0, 199);
+
+ $sql = 'INSERT INTO ' . SESSIONS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary);
+ $db->sql_query($sql);
- $sql = 'INSERT INTO ' . SESSIONS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary);
- $db->sql_query($sql);
- }
$db->sql_return_on_error(false);
// Regenerate autologin/persistent login key
generated by cgit v1.2.1 (git 2.21.0) at 2026-01-02 14:24:52 +0000