[Fix] Don't send activation email when user tries to change email without permission (fix by nrohler). (Bug #56335)

Authorised by: naderman


git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@10443 89ea8834-ac86-4346-8a33-228a782c2dd0

phpBB/includes/session.php

@@ -1361,7 +1361,7 @@ class session
 			WHERE user_id = ' . (int) $user_id;
 		$db->sql_query($sql);
 
-		// Update last visit info first before deleting sessions
+		// If the user is logged in, update last visit info first before deleting sessions
 		$sql = 'SELECT session_time, session_page
 			FROM ' . SESSIONS_TABLE . '
 			WHERE session_user_id = ' . (int) $user_id . '
@@ -1370,10 +1370,13 @@ class session
 		$row = $db->sql_fetchrow($result);
 		$db->sql_freeresult($result);
 
-		$sql = 'UPDATE ' . USERS_TABLE . '
-			SET user_lastvisit = ' . (int) $row['session_time'] . ", user_lastpage = '" . $db->sql_escape($row['session_page']) . "'
-			WHERE user_id = " . (int) $user_id;
-		$db->sql_query($sql);
+		if ($row)
+		{
+			$sql = 'UPDATE ' . USERS_TABLE . '
+				SET user_lastvisit = ' . (int) $row['session_time'] . ", user_lastpage = '" . $db->sql_escape($row['session_page']) . "'
+				WHERE user_id = " . (int) $user_id;
+			$db->sql_query($sql);
+		}
 
 		// Let's also clear any current sessions for the specified user_id
 		// If it's the current user then we'll leave this session intact