From 3b15fe0a5bc2c5bf5fcd5a08921ad3026791d4da Mon Sep 17 00:00:00 2001 From: Andreas Fischer Date: Wed, 19 Jan 2011 03:08:27 +0100 Subject: [PATCH] [ticket/9912] Fix error in logic. Do not strip SID when user is not a bot. This also moves the code up to the point where we know that the user is a bot. Regression from d07e152ea7e820c5a0e47aeb8004fa0b5621a314 PHPBB3-9912 --- phpBB/includes/session.php | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index 1dc854caf2..d803f8d799 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -583,6 +583,13 @@ class session $bot = false; } + // Bot user, if they have a SID in the Request URI we need to get rid of it + // otherwise they'll index this page with the SID, duplicate content oh my! + if ($bot && isset($_GET['sid'])) + { + redirect(build_url(array('sid'))); + } + // If no data was returned one or more of the following occurred: // Key didn't match one in the DB // User does not exist @@ -619,12 +626,6 @@ class session } else { - // Bot user, if they have a SID in the Request URI we need to get rid of it - // otherwise they'll index this page with the SID, duplicate content oh my! - if (isset($_GET['sid'])) - { - redirect(build_url(array('sid'))); - } $this->data['session_last_visit'] = $this->time_now; }