mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-08-05 16:27:38 +02:00
Code Issues Releases Wiki Activity

Prevent cookies from other applications interfering with our forms

Browse Source 
git-svn-id: file:///svn/phpbb/trunk@6423 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Graham Eames
2006-10-01 11:10:15 +00:00
parent bc15445b58
commit c42b75d1bc
2 changed files with 13 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
phpBB/includes/session.php
View File

@@ -151,9 +151,9 @@ class session
// Switch to request_var ... can this cause issues, can a _GET/_POST param
// be used to poison this? Not sure that it makes any difference in terms of
// the end result, be it a cookie or param.
$this->cookie_data['u'] = request_var($config['cookie_name'] . '_u', 0);
$this->cookie_data['k'] = request_var($config['cookie_name'] . '_k', '');
$this->session_id = request_var($config['cookie_name'] . '_sid', '');
$this->cookie_data['u'] = request_var($config['cookie_name'] . '_u', 0, false, true);
$this->cookie_data['k'] = request_var($config['cookie_name'] . '_k', '', false, true);
$this->session_id = request_var($config['cookie_name'] . '_sid', '', false, true);
$SID = (defined('NEED_SID')) ? '?sid=' . $this->session_id : '?sid=';
$_SID = (defined('NEED_SID')) ? $this->session_id : '';