Ok, here comes a big one. Poor updater. Also requires testing.

#i91 #i92 #i93 #i94 #i95 #i96 git-svn-id: file:///svn/phpbb/trunk@8120 89ea8834-ac86-4346-8a33-228a782c2dd0
2025-07-31 05:50:42 +02:00 · 2007-10-03 15:05:54 +00:00
parent 87e2e62c34
commit 4defd8a830
167 changed files with 998 additions and 399 deletions
--- a/phpBB/includes/session.php
+++ b/phpBB/includes/session.php
@@ -641,6 +641,24 @@ class session
 			$this->set_cookie('sid', $this->session_id, $cookie_expire);

 			unset($cookie_expire);
+			
+			$sql = 'SELECT COUNT(session_id) AS sessions
+					FROM ' . SESSIONS_TABLE . '
+					WHERE session_user_id = ' . (int) $this->data['user_id'] . ' 
+					AND session_time >= ' . ($this->time_now - $config['form_token_lifetime']);
+			$result = $db->sql_query($sql);
+			$row = $db->sql_fetchrow($result);
+			$db->sql_freeresult($result);
+
+			if ((int) $row['sessions'] <= 1 || empty($this->data['user_form_salt']))
+			{
+				$this->data['user_form_salt'] = unique_id();
+				// Update the form key
+				$sql = 'UPDATE ' . USERS_TABLE . '
+					SET user_form_salt = \'' . $db->sql_escape($this->data['user_form_salt']) . '\'
+					WHERE user_id = ' . (int) $this->data['user_id'];
+				$db->sql_query($sql);
+			}
 		}
 		else
 		{