mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-05-07 16:15:22 +02:00
Code Issues Releases Wiki Activity

escape browser and page info

Browse Source 
git-svn-id: file:///svn/phpbb/trunk@4318 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Paul S. Owen 2003-07-23 15:39:38 +00:00
parent 0f265c3712
commit 8ee1433d16
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
phpBB/includes/session.php
View File

@ -71,7 +71,7 @@ class session
} }
// Load limit check (if applicable) // Load limit check (if applicable)
if (doubleval($config['limit_load']) && file_exists('/proc/loadavg')) if (doubleval($config['limit_load']) && @file_exists('/proc/loadavg'))
{ {
if ($load = @file('/proc/loadavg')) if ($load = @file('/proc/loadavg'))
{ {
@ -257,7 +257,7 @@ class session
$db->sql_return_on_error(true); $db->sql_return_on_error(true);
$sql = 'UPDATE ' . SESSIONS_TABLE . " $sql = 'UPDATE ' . SESSIONS_TABLE . "
SET session_user_id = $user_id, session_last_visit = " . $this->data['session_last_visit'] . ", session_start = $current_time, session_time = $current_time, session_browser = '$this->browser', session_page = '$this->page', session_allow_viewonline = $viewonline SET session_user_id = $user_id, session_last_visit = " . $this->data['session_last_visit'] . ", session_start = $current_time, session_time = $current_time, session_browser = '" . $db->sql_escape($this->browser) . "', session_page = '" . $db->sql_escape($this->page) . "', session_allow_viewonline = $viewonline
WHERE session_id = '" . $this->session_id . "'"; WHERE session_id = '" . $this->session_id . "'";
if ($this->session_id == '' || !$db->sql_query($sql) || !$db->sql_affectedrows()) if ($this->session_id == '' || !$db->sql_query($sql) || !$db->sql_affectedrows())
{ {
@ -266,7 +266,7 @@ class session
$sql = 'INSERT INTO ' . SESSIONS_TABLE . " $sql = 'INSERT INTO ' . SESSIONS_TABLE . "
(session_id, session_user_id, session_last_visit, session_start, session_time, session_ip, session_browser, session_page, session_allow_viewonline) (session_id, session_user_id, session_last_visit, session_start, session_time, session_ip, session_browser, session_page, session_allow_viewonline)
VALUES ('" . $this->session_id . "', $user_id, " . $this->data['session_last_visit'] . ", $current_time, $current_time, '$this->ip', '$this->browser', '$this->page', $viewonline)"; VALUES ('" . $this->session_id . "', $user_id, " . $this->data['session_last_visit'] . ", $current_time, $current_time, '$this->ip', '" . $db->sql_escape($this->browser) . "', '" . $db->sql_escape($this->page) . "', $viewonline)";
$db->sql_query($sql); $db->sql_query($sql);
} }
$db->sql_return_on_error(false); $db->sql_return_on_error(false);