mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-08-10 18:54:08 +02:00
Code Issues Releases Wiki Activity

Random bugfixes, (hopefully) improved admin panel security.

Browse Source 
git-svn-id: file:///svn/phpbb/trunk@2954 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Ludovic Arnaud
2002-10-17 02:50:50 +00:00
parent fafd167dde
commit 80864fa7ee
6 changed files with 40 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
phpBB/includes/page_header.php
View File

@@ -264,8 +264,8 @@ else
//
// Generate HTML required for Mozilla Navigation bar
//
/*
$nav_links_html = '';
/*
$nav_link_proto = '<link rel="%s" href="%s" title="%s" />' . "\n";
foreach ( $nav_links as $nav_item => $nav_array )
{
@@ -295,7 +295,7 @@ $template->assign_vars(array(
'CURRENT_TIME' => sprintf($lang['Current_time'], $user->format_date(time())),
'TOTAL_USERS_ONLINE' => $l_online_users,
'LOGGED_IN_USER_LIST' => $online_userlist,
'RECORD_USERS' => sprintf($lang['Record_online_users'], $board_config['record_online_users'], $user->format_date($$board_config['record_online_date'])),
'RECORD_USERS' => sprintf($lang['Record_online_users'], $board_config['record_online_users'], $user->format_date($board_config['record_online_date'])),
'PRIVATE_MESSAGE_INFO' => $l_privmsgs_text,
'PRIVATE_MESSAGE_INFO_UNREAD' => $l_privmsgs_text_unread,
'PRIVATE_MESSAGE_NEW_FLAG' => $s_privmsg_new,

2
phpBB/includes/page_tail.php
View File

@@ -51,7 +51,7 @@ if (defined('DEBUG'))
$template->assign_vars(array(
'PHPBB_VERSION' => $board_config['version'],
'ADMIN_LINK' => ( $auth->acl_get('a_') ) ? '<a href="' . "admin/index.$phpEx$SID" . '">' . $lang['Admin_panel'] . '</a><br /><br />' : '',
'ADMIN_LINK' => ( $auth->acl_get('a_') ) ? '<a href="' . "admin/index.$phpEx?sid=" . $userdata['session_id'] . '">' . $lang['Admin_panel'] . '</a><br /><br />' : '',
'DEBUG_OUTPUT' => (defined('DEBUG')) ? $debug_output : ''
));

27
phpBB/includes/session.php
View File

@@ -40,7 +40,7 @@ class session {
{
$sessiondata = ( isset($_COOKIE[$board_config['cookie_name'] . '_data']) ) ? unserialize(stripslashes($_COOKIE[$board_config['cookie_name'] . '_data'])) : '';
$this->session_id = ( isset($_COOKIE[$board_config['cookie_name'] . '_sid']) ) ? $_COOKIE[$board_config['cookie_name'] . '_sid'] : '';
$SID = '?sid=';
$SID = (defined('IN_ADMIN')) ? '?sid=' . $this->session_id : '?sid=';
}
else
{
@@ -114,18 +114,21 @@ class session {
$sessiondata = array();
$current_time = time();
// Limit sessions in 1 minute period
$sql = "SELECT COUNT(*) AS sessions
FROM " . SESSIONS_TABLE . "
WHERE session_time >= " . ( $current_time - 60 );
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if ( intval($board_config['active_sessions']) && intval($row['sessions']) > intval($board_config['active_sessions']) )
if ( intval($board_config['active_sessions']) )
{
message_die(MESSAGE, 'Board_unavailable');
// Limit sessions in 1 minute period
$sql = "SELECT COUNT(*) AS sessions
FROM " . SESSIONS_TABLE . "
WHERE session_time >= " . ( $current_time - 60 );
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if ( intval($row['sessions']) > intval($board_config['active_sessions']) )
{
message_die(MESSAGE, 'Board_unavailable');
}
}
// Garbage collection ... remove old sessions updating user information