archive/piwigo
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

bug 451 fixed: in auto_login function slashes must be remove

Browse source 
before unserializing data contains in remember cookie


git-svn-id: http://piwigo.org/svn/trunk@1526 68402e56-0260-453c-a942-63ccdbb3a9ee
This commit is contained in:
nikrou 2006-08-07 13:39:19 +00:00
commit 5ae82cf8d4
1 changed files with 4 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

5
include/functions_user.inc.php
View file

@ -593,7 +593,9 @@ UPDATE '.USERS_TABLE.'
function auto_login() {
global $conf;
$cookie = unserialize(pwg_stripslashes($_COOKIE[$conf['remember_me_name']]));
// must remove slash added in include/common.inc.php
$cookie = unserialize(stripslashes($_COOKIE[$conf['remember_me_name']]));
$query = '
SELECT auto_login_key
FROM '.USERS_TABLE.'
@ -603,6 +605,7 @@ SELECT auto_login_key
$auto_login_key = current(mysql_fetch_assoc(pwg_query($query)));
if ($auto_login_key == $cookie['key'])
{
error_log("ici\n", 3, '/tmp/cookie');
log_user($cookie['id'], false);
redirect(make_index_url());
}