From 4ca00cba39a0169bd521cbe7e9bd24d3bf3c1cd2 Mon Sep 17 00:00:00 2001
From: Meik Sievertsen <acydburn@phpbb.com>
Date: Wed, 25 Jul 2007 16:06:11 +0000
Subject: please have a second look at the change within session.php - we had a
 few "doubled" keys within the db...

git-svn-id: file:///svn/phpbb/trunk@7946 89ea8834-ac86-4346-8a33-228a782c2dd0
---
 phpBB/includes/session.php | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

(limited to 'phpBB/includes/session.php')

diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php
index b8b8564496..0ef71e63d4 100644
--- a/phpBB/includes/session.php
+++ b/phpBB/includes/session.php
@@ -311,7 +311,7 @@ class session
 				else
 				{
 					// Added logging temporarly to help debug bugs...
-					if (defined('DEBUG_EXTRA'))
+					if (defined('DEBUG_EXTRA') && $this->data['user_id'] != ANONYMOUS)
 					{
 						add_log('critical', 'LOG_IP_BROWSER_FORWARDED_CHECK', $u_ip, $s_ip, $u_browser, $s_browser, htmlspecialchars($u_forwarded_for), htmlspecialchars($s_forwarded_for));
 					}
@@ -1121,6 +1121,12 @@ class session
 
 		if ($key)
 		{
+			// removing "stale" keys
+			$sql = 'DELETE FROM ' . SESSIONS_KEYS_TABLE . '
+				WHERE user_id = ' . (int) $user_id . "
+					AND key_id <> '" . $db->sql_escape(md5($key)) . "'";
+			$db->sql_query($sql);
+
 			$sql = 'UPDATE ' . SESSIONS_KEYS_TABLE . '
 				SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
 				WHERE user_id = ' . (int) $user_id . "
@@ -1128,6 +1134,11 @@ class session
 		}
 		else
 		{
+			// Before inserting, we will remove all previous keys. ;)
+			$sql = 'DELETE FROM ' . SESSIONS_KEYS_TABLE . '
+				WHERE user_id = ' . (int) $user_id;
+			$db->sql_query($sql);
+
 			$sql = 'INSERT INTO ' . SESSIONS_KEYS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary);
 		}
 		$db->sql_query($sql);
-- 
cgit v1.2.1