diff options
Diffstat (limited to 'phpBB')
| -rw-r--r-- | phpBB/includes/sessions.php | 26 |
1 files changed, 2 insertions, 24 deletions
diff --git a/phpBB/includes/sessions.php b/phpBB/includes/sessions.php index ba18c3c9fb..caeb690e8a 100644 --- a/phpBB/includes/sessions.php +++ b/phpBB/includes/sessions.php @@ -52,8 +52,8 @@ function session_begin($user_id, $user_ip, $page_id, $session_length, $login = 0 // $sql = "SELECT ban_ip, ban_userid FROM ".BANLIST_TABLE." - WHERE (ban_ip = '$user_ip' OR ban_userid = $user_id) - AND (ban_start < $current_time AND ban_end > $current_time )"; + WHERE ban_ip = '$user_ip' + OR ban_userid = $user_id"; $result = $db->sql_query($sql); if (!$result) { @@ -248,28 +248,6 @@ function session_pagestart($user_ip, $thispage_id, $session_length) if(isset($userdata['user_id'])) { - // - // Initial ban check against IP and userid - // Is this really needed in this form? - // The new auth system will probably take care - // of all this on a fair 'fairier' level - // -/* $sql = "SELECT ban_ip, ban_userid - FROM ".BANLIST_TABLE." - WHERE (ban_ip = '$user_ip' OR ban_userid = '".$userdata['user_id']."') - AND (ban_start < $current_time AND ban_end > $current_time )"; - $ban_result = $db->sql_query($sql); - if (!$ban_result) - { - error_die(SQL_QUERY, "Couldn't obtain ban information.", __LINE__, __FILE__); - } - $ban_info = $db->sql_fetchrow($ban_result); - - if($ban_info['ban_ip'] || $ban_info['ban_userid']) - { - error_die(BANNED); - } -*/ $SID = ($sessionmethod == SESSION_METHOD_GET) ? "sid=".$sessiondata['sessionid'] : ""; // |