From 9c16714d85dbe7d5dd744ff38894436b04c1761c Mon Sep 17 00:00:00 2001
From: "Paul S. Owen" <psotfx@users.sourceforge.net>
Date: Sun, 29 Apr 2001 21:20:19 +0000
Subject: Added stripslashes to unserialize ... not a good idea to change
 php.ini updating code

git-svn-id: file:///svn/phpbb/trunk@218 89ea8834-ac86-4346-8a33-228a782c2dd0
---
 phpBB/includes/sessions.php | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

(limited to 'phpBB')

diff --git a/phpBB/includes/sessions.php b/phpBB/includes/sessions.php
index 92cc7459e1..ca7a97ba2b 100644
--- a/phpBB/includes/sessions.php
+++ b/phpBB/includes/sessions.php
@@ -34,7 +34,7 @@ function session_begin($user_id, $user_ip, $page_id, $session_length, $login = F
 	global $cookiename, $cookiedomain, $cookiepath, $cookiesecure, $cookielife;
 	global $HTTP_COOKIE_VARS;
 
-	$cookiedata = unserialize($HTTP_COOKIE_VARS[$cookiename]);
+	$cookiedata = unserialize(stripslashes($HTTP_COOKIE_VARS[$cookiename]));
 	$current_time = time();
 	$expiry_time = $current_time - $session_length;
 	$int_ip = encode_ip($user_ip);
@@ -148,7 +148,7 @@ function session_pagestart($user_ip, $thispage_id, $session_length)
 	global $cookiename, $cookiedomain, $cookiepath, $cookiesecure, $cookielife;
 	global $HTTP_COOKIE_VARS;
 
-	$cookiedata = unserialize($HTTP_COOKIE_VARS[$cookiename]);
+	$cookiedata = unserialize(stripslashes($HTTP_COOKIE_VARS[$cookiename]));
 	$current_time = time();
 	$int_ip = encode_ip($user_ip);
 	unset($userdata);
@@ -336,7 +336,7 @@ function session_end($session_id, $user_id)
 	global $cookiename, $cookiedomain, $cookiepath, $cookiesecure, $cookielife;
 	global $HTTP_COOKIE_VARS;
 
-	$cookiedata = unserialize($HTTP_COOKIE_VARS[$cookiename]);
+	$cookiedata = unserialize(stripslashes($HTTP_COOKIE_VARS[$cookiename]));
 	$current_time = time();
 
 	$sql = "UPDATE  ".SESSIONS_TABLE."
-- 
cgit v1.2.1