aboutsummaryrefslogtreecommitdiffstats
path: root/admin/picture_modify.php
diff options
context:
space:
mode:
authornikrou <nikrou@piwigo.org>2006-01-15 12:52:55 +0000
committernikrou <nikrou@piwigo.org>2006-01-15 12:52:55 +0000
commit9d6404ad36375079e815979bd4bf476a5195df5e (patch)
tree4e4724a9f86cdc91d31419ac5b2a2489b858a70b /admin/picture_modify.php
parent6d45ca83efc0f28bb00ecab1a9b4964279cc26b5 (diff)
Improve security of sessions:
- use only cookies to store session id on client side - use default php session system with database handler to store sessions on server side git-svn-id: http://piwigo.org/svn/branches/branch-1_5@1003 68402e56-0260-453c-a942-63ccdbb3a9ee
Diffstat (limited to 'admin/picture_modify.php')
-rw-r--r--admin/picture_modify.php6
1 files changed, 1 insertions, 5 deletions
diff --git a/admin/picture_modify.php b/admin/picture_modify.php
index a8fa2b953..097857ec5 100644
--- a/admin/picture_modify.php
+++ b/admin/picture_modify.php
@@ -195,12 +195,10 @@ $template->set_filenames(
$template->assign_vars(
array(
'U_SYNC' =>
- add_session_id(
PHPWG_ROOT_PATH.'admin.php?page=picture_modify'.
'&amp;image_id='.$_GET['image_id'].
(isset($_GET['cat_id']) ? '&amp;cat_id='.$_GET['cat_id'] : '').
- '&amp;sync_metadata=1'
- ),
+ '&amp;sync_metadata=1',
'PATH'=>$row['path'],
@@ -230,10 +228,8 @@ $template->assign_vars(
stripslashes($_POST['description']) : @$row['comment'],
'F_ACTION' =>
- add_session_id(
PHPWG_ROOT_PATH.'admin.php'
.get_query_string_diff(array('sync_metadata'))
- )
)
);