public/tt-rss
1
0
Fork 0
mirror of https://git.tt-rss.org/git/tt-rss.git synced 2025-12-15 23:15:57 +00:00
Code Issues Releases Wiki Activity

session validation: check for tt-rss version

Browse Source
This commit is contained in:
Andrew Dolgov
2013-04-04 12:55:15 +04:00
parent 9fb91a2043
commit 810205625b
2 changed files with 4 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
include/functions.php
View File

@@ -630,6 +630,7 @@
@session_start(); @session_start();
$_SESSION["uid"] = $user_id; $_SESSION["uid"] = $user_id;
$_SESSION["version"] = VERSION;
$result = db_query($link, "SELECT login,access_level,pwd_hash FROM ttrss_users $result = db_query($link, "SELECT login,access_level,pwd_hash FROM ttrss_users
WHERE id = '$user_id'"); WHERE id = '$user_id'");

3
include/sessions.php
View File

@@ -5,6 +5,7 @@
require_once "db.php"; require_once "db.php";
require_once "lib/accept-to-gettext.php"; require_once "lib/accept-to-gettext.php";
require_once "lib/gettext/gettext.inc"; require_once "lib/gettext/gettext.inc";
require_once "version.php";
$session_expire = max(SESSION_COOKIE_LIFETIME, 86400); $session_expire = max(SESSION_COOKIE_LIFETIME, 86400);
$session_name = (!defined('TTRSS_SESSION_NAME')) ? "ttrss_sid" : TTRSS_SESSION_NAME; $session_name = (!defined('TTRSS_SESSION_NAME')) ? "ttrss_sid" : TTRSS_SESSION_NAME;
@@ -38,6 +39,8 @@
if (SINGLE_USER_MODE) return true; if (SINGLE_USER_MODE) return true;
if (!$link) return false; if (!$link) return false;
if (VERSION != $_SESSION["version"]) return false;
$check_ip = $_SESSION['ip_address']; $check_ip = $_SESSION['ip_address'];
switch (SESSION_CHECK_ADDRESS) { switch (SESSION_CHECK_ADDRESS) {