From 4defd8a8306fa8daa25427a37fb6db00bff390c7 Mon Sep 17 00:00:00 2001
From: Henry Sudhof
Date: Wed, 3 Oct 2007 15:05:54 +0000
Subject: Ok, here comes a big one. Poor updater. Also requires testing. #i91 #i92 #i93 #i94 #i95 #i96
git-svn-id: file:///svn/phpbb/trunk@8120 89ea8834-ac86-4346-8a33-228a782c2dd0
---
 phpBB/includes/session.php | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)
(limited to 'phpBB/includes/session.php')
diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php
index cbb70e8601..b2399c74c5 100644
--- a/phpBB/includes/session.php
+++ b/phpBB/includes/session.php
@@ -641,6 +641,24 @@ class session
 $this->set_cookie('sid', $this->session_id, $cookie_expire);
 unset($cookie_expire);
+
+ $sql = 'SELECT COUNT(session_id) AS sessions
+ FROM ' . SESSIONS_TABLE . '
+ WHERE session_user_id = ' . (int) $this->data['user_id'] . '
+ AND session_time >= ' . ($this->time_now - $config['form_token_lifetime']);
+ $result = $db->sql_query($sql);
+ $row = $db->sql_fetchrow($result);
+ $db->sql_freeresult($result);
+
+ if ((int) $row['sessions'] <= 1 || empty($this->data['user_form_salt']))
+ {
+ $this->data['user_form_salt'] = unique_id();
+ // Update the form key
+ $sql = 'UPDATE ' . USERS_TABLE . '
+ SET user_form_salt = \'' . $db->sql_escape($this->data['user_form_salt']) . '\'
+ WHERE user_id = ' . (int) $this->data['user_id'];
+ $db->sql_query($sql);
+ }
 }
 else
 {
--
cgit v1.2.1
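Review bot: The threshold in the `AND session_time >= ` clause uses `$config['form_token_lifetime']` exactly as it comes from configuration, so a zero, negative or non-numeric value leaves the window empty and the `<= 1` test true on every session creation; `user_form_salt` is then rewritten each time, which presumably invalidates form tokens already issued to the user's other sessions. Read it once as an integer, `$lifetime = (int) $config['form_token_lifetime'];`, and handle a non-positive value explicitly instead of letting it fall into the subtraction (whether the setting has a "never expire" sentinel is not visible in this hunk). The salt is also keyed on `user_id` alone, so if this branch can run for guest or bot sessions that share one account row, confirm that rewriting that shared row is intended. A comment above the `if`, such as `// Rotate the salt only when no other session of this user was active within the token lifetime`, would make the `<= 1` condition readable. The enclosing method starts and ends outside the hunk.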