diff options
author | nikrou <nikrou@piwigo.org> | 2006-08-07 13:39:19 +0000 |
---|---|---|
committer | nikrou <nikrou@piwigo.org> | 2006-08-07 13:39:19 +0000 |
commit | 5ae82cf8d4a092e975dc8b92b9f9d57c3d38afb9 (patch) | |
tree | 3ee499b8e16f621cfc72ebac973291b9195db4e0 /include | |
parent | e730b6fb27bde8bec16a1651c1120adc191efdf5 (diff) |
bug 451 fixed: in auto_login function slashes must be remove
before unserializing data contains in remember cookie
git-svn-id: http://piwigo.org/svn/trunk@1526 68402e56-0260-453c-a942-63ccdbb3a9ee
Diffstat (limited to 'include')
-rw-r--r-- | include/functions_user.inc.php | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/include/functions_user.inc.php b/include/functions_user.inc.php index 28f81e7a4..d3a2b75f3 100644 --- a/include/functions_user.inc.php +++ b/include/functions_user.inc.php @@ -593,7 +593,9 @@ UPDATE '.USERS_TABLE.' function auto_login() { global $conf; - $cookie = unserialize(pwg_stripslashes($_COOKIE[$conf['remember_me_name']])); + // must remove slash added in include/common.inc.php + $cookie = unserialize(stripslashes($_COOKIE[$conf['remember_me_name']])); + $query = ' SELECT auto_login_key FROM '.USERS_TABLE.' @@ -603,6 +605,7 @@ SELECT auto_login_key $auto_login_key = current(mysql_fetch_assoc(pwg_query($query))); if ($auto_login_key == $cookie['key']) { + error_log("ici\n", 3, '/tmp/cookie'); log_user($cookie['id'], false); redirect(make_index_url()); } |