mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-07-31 14:00:31 +02:00
Code Issues Releases Wiki Activity

[ticket/16825] Do not use session ID from URL if force_sid is not enabled

Browse Source 
PHPBB3-16825
This commit is contained in:
Marc Alexander
2021-07-26 21:03:14 +02:00
parent 9eb21f28fc
commit 03ec6ce0a9
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
phpBB/phpbb/session.php
View File

@@ -275,7 +275,7 @@ class session
$SID = '?sid='; $SID = '?sid=';
$_SID = ''; $_SID = '';
if (empty($this->session_id)) if (empty($this->session_id) && $phpbb_container->getParameter('session.force_sid'))
{ {
$this->session_id = $_SID = $request->variable('sid', ''); $this->session_id = $_SID = $request->variable('sid', '');
$SID = '?sid=' . $this->session_id; $SID = '?sid=' . $this->session_id;
@@ -284,7 +284,7 @@ class session
} }
else else
{ {
$this->session_id = $_SID = $request->variable('sid', ''); $this->session_id = $_SID = $phpbb_container->getParameter('session.force_sid') ? $request->variable('sid', '') : '';
$SID = '?sid=' . $this->session_id; $SID = '?sid=' . $this->session_id;
} }