phpBB

Code Changes

File: includes/session.php

  Unmodified   Added   Modified   Removed
Line 120Line 120

$script_path .= (substr($script_path, -1, 1) == '/') ? '' : '/';
$root_script_path .= (substr($root_script_path, -1, 1) == '/') ? '' : '/';


$script_path .= (substr($script_path, -1, 1) == '/') ? '' : '/';
$root_script_path .= (substr($root_script_path, -1, 1) == '/') ? '' : '/';

 

$forum_id = (isset($_REQUEST['f']) && $_REQUEST['f'] > 0 && $_REQUEST['f'] < 16777215) ? (int) $_REQUEST['f'] : 0;


$page_array += array(
'page_name' => $page_name,


$page_array += array(
'page_name' => $page_name,

Line 130Line 132
			'root_script_path'	=> str_replace(' ', '%20', htmlspecialchars($root_script_path)),

'page' => $page,

			'root_script_path'	=> str_replace(' ', '%20', htmlspecialchars($root_script_path)),

'page' => $page,

			'forum'				=> (isset($_REQUEST['f']) && $_REQUEST['f'] > 0) ? (int) $_REQUEST['f'] : 0,

			'forum'				=> $forum_id,

		);

return $page_array;

		);

return $page_array;

Line 322Line 324
			}
}


			}
}


		// Is session_id is set or session_id is set and matches the url param if required
if (!empty($this->session_id) && (!defined('NEED_SID') || (isset($_GET['sid']) && $this->session_id === $_GET['sid'])))








		// if no session id is set, redirect to index.php
if (defined('NEED_SID') && (!isset($_GET['sid']) || $this->session_id !== $_GET['sid']))
{
send_status_line(401, 'Unauthorized');
redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
}

// if session id is set
if (!empty($this->session_id))

		{
$sql = 'SELECT u.*, s.*
FROM ' . SESSIONS_TABLE . ' s, ' . USERS_TABLE . " u

		{
$sql = 'SELECT u.*, s.*
FROM ' . SESSIONS_TABLE . ' s, ' . USERS_TABLE . " u

Line 549Line 558
		$method = 'autologin_' . $method;
if (function_exists($method))
{

		$method = 'autologin_' . $method;
if (function_exists($method))
{

			$this->data = $method();






			$user_data = $method();

if ($user_id === false || (isset($user_data['user_id']) && $user_id == $user_data['user_id']))
{
$this->data = $user_data;
}


if (sizeof($this->data))
{


if (sizeof($this->data))
{

Line 569Line 583
					AND k.user_id = u.user_id
AND k.key_id = '" . $db->sql_escape(md5($this->cookie_data['k'])) . "'";
$result = $db->sql_query($sql);

					AND k.user_id = u.user_id
AND k.key_id = '" . $db->sql_escape(md5($this->cookie_data['k'])) . "'";
$result = $db->sql_query($sql);

			$this->data = $db->sql_fetchrow($result);
$db->sql_freeresult($result);




			$user_data = $db->sql_fetchrow($result);

if ($user_id === false || (isset($user_data['user_id']) && $user_id == $user_data['user_id']))
{
$this->data = $user_data;

			$bot = false;
}

			$bot = false;
}

		else if ($user_id !== false && !sizeof($this->data))






$db->sql_freeresult($result);
}

if ($user_id !== false && !sizeof($this->data))

		{
$this->cookie_data['k'] = '';
$this->cookie_data['u'] = $user_id;

		{
$this->cookie_data['k'] = '';
$this->cookie_data['u'] = $user_id;

Line 1030Line 1051

$name_data = rawurlencode($config['cookie_name'] . '_' . $name) . '=' . rawurlencode($cookiedata);
$expire = gmdate('D, d-M-Y H:i:s \\G\\M\\T', $cookietime);


$name_data = rawurlencode($config['cookie_name'] . '_' . $name) . '=' . rawurlencode($cookiedata);
$expire = gmdate('D, d-M-Y H:i:s \\G\\M\\T', $cookietime);

		$domain = (!$config['cookie_domain'] || $config['cookie_domain'] == 'localhost' || $config['cookie_domain'] == '127.0.0.1') ? '' : '; domain=' . $config['cookie_domain'];

		$domain = (!$config['cookie_domain'] || $config['cookie_domain'] == '127.0.0.1' || strpos($config['cookie_domain'], '.') === false) ? '' : '; domain=' . $config['cookie_domain'];


header('Set-Cookie: ' . $name_data . (($cookietime) ? '; expires=' . $expire : '') . '; path=' . $config['cookie_path'] . $domain . ((!$config['cookie_secure']) ? '' : '; secure') . '; HttpOnly', false);
}


header('Set-Cookie: ' . $name_data . (($cookietime) ? '; expires=' . $expire : '') . '; path=' . $config['cookie_path'] . $domain . ((!$config['cookie_secure']) ? '' : '; secure') . '; HttpOnly', false);
}

Line 1507Line 1528

// Able to add new options (up to id 31)
var $keyoptions = array('viewimg' => 0, 'viewflash' => 1, 'viewsmilies' => 2, 'viewsigs' => 3, 'viewavatars' => 4, 'viewcensors' => 5, 'attachsig' => 6, 'bbcode' => 8, 'smilies' => 9, 'popuppm' => 10, 'sig_bbcode' => 15, 'sig_smilies' => 16, 'sig_links' => 17);


// Able to add new options (up to id 31)
var $keyoptions = array('viewimg' => 0, 'viewflash' => 1, 'viewsmilies' => 2, 'viewsigs' => 3, 'viewavatars' => 4, 'viewcensors' => 5, 'attachsig' => 6, 'bbcode' => 8, 'smilies' => 9, 'popuppm' => 10, 'sig_bbcode' => 15, 'sig_smilies' => 16, 'sig_links' => 17);

	var $keyvalues = array();

 

/**
* Constructor to set the lang path


/**
* Constructor to set the lang path

Line 1655Line 1675

if (!$this->theme)
{


if (!$this->theme)
{

			trigger_error('Could not get style data', E_USER_ERROR);

			trigger_error('NO_STYLE_DATA', E_USER_ERROR);

		}

// Now parse the cfg file and cache it

		}

// Now parse the cfg file and cache it

Line 2150Line 2170
				'is_short'		=> strpos($format, '|'),
'format_short' => substr($format, 0, strpos($format, '|')) . '||' . substr(strrchr($format, '|'), 1),
'format_long' => str_replace('|', '', $format),

				'is_short'		=> strpos($format, '|'),
'format_short' => substr($format, 0, strpos($format, '|')) . '||' . substr(strrchr($format, '|'), 1),
'format_long' => str_replace('|', '', $format),

				'lang'			=> $this->lang['datetime'],


				// Filter out values that are not strings (e.g. arrays) for strtr().
'lang' => array_filter($this->lang['datetime'], 'is_string'),

			);

// Short representation of month in format? Some languages use different terms for the long and short format of May

			);

// Short representation of month in format? Some languages use different terms for the long and short format of May

Line 2337Line 2358
	}

/**

	}

/**

	* Get option bit field from user options





	* Get option bit field from user options.
*
* @param int $key option key, as defined in $keyoptions property.
* @param int $data bit field value to use, or false to use $this->data['user_options']
* @return bool true if the option is set in the bit field, false otherwise

	*/
function optionget($key, $data = false)
{

	*/
function optionget($key, $data = false)
{

		if (!isset($this->keyvalues[$key]))
{
$var = ($data) ? $data : $this->data['user_options'];
$this->keyvalues[$key] = ($var & 1 << $this->keyoptions[$key]) ? true : false;
}

return $this->keyvalues[$key];

		$var = ($data !== false) ? $data : $this->data['user_options'];
return phpbb_optionget($this->keyoptions[$key], $var);






	}

/**

	}

/**

	* Set option bit field for user options










	* Set option bit field for user options.
*
* @param int $key Option key, as defined in $keyoptions property.
* @param bool $value True to set the option, false to clear the option.
* @param int $data Current bit field value, or false to use $this->data['user_options']
* @return int|bool If $data is false, the bit field is modified and
* written back to $this->data['user_options'], and
* return value is true if the bit field changed and
* false otherwise. If $data is not false, the new
* bitfield value is returned.

	*/
function optionset($key, $value, $data = false)
{

	*/
function optionset($key, $value, $data = false)
{

		$var = ($data) ? $data : $this->data['user_options'];

		$var = ($data !== false) ? $data : $this->data['user_options'];





		if ($value && !($var & 1 << $this->keyoptions[$key]))



		$new_var = phpbb_optionset($this->keyoptions[$key], $value, $var);

if ($data === false)

		{

		{

			$var += 1 << $this->keyoptions[$key];
}
else if (!$value && ($var & 1 << $this->keyoptions[$key]))

			if ($new_var != $var)



		{

		{

			$var -= 1 << $this->keyoptions[$key];


				$this->data['user_options'] = $new_var;
return true;

		}
else
{

		}
else
{

			return ($data) ? $var : false;

				return false;

		}

		}


if (!$data)
{
$this->data['user_options'] = $var;
return true;

 
		}
else
{

		}
else
{

			return $var;

			return $new_var;

		}
}


		}
}