summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorCallan Barrett <wizzomafizzo@gmail.com>2008-01-03 22:26:47 +0100
committerDan McGee <dan@archlinux.org>2008-01-20 07:21:19 +0100
commitbf5c28cf2260df822efa72095af69cc119170a3e (patch)
tree0129893886742cc6bca2f4b11ce9eb57e23f640e
parent0e4b25211bc2d9629f0f848ea25a4c2fbcbfe339 (diff)
downloadaur-bf5c28cf2260df822efa72095af69cc119170a3e.tar.gz
aur-bf5c28cf2260df822efa72095af69cc119170a3e.tar.xz
Fix bug with botched AURSID values
In the check_sid function in aur.inc the condition for expiring the cookie and redirecting to hacker.php could never be met and instead the user would be given blank login instead of being considered logged out, now fixed. This also means we no longer need either hacker.php or timeout.php at all. Also, this bug seems to be present in the AUR version running on aur.archlinux.org. Signed-off-by: Callan Barrett <wizzomafizzo@gmail.com>
-rw-r--r--web/lib/aur.inc8
-rw-r--r--web/template/header.php8
2 files changed, 7 insertions, 9 deletions
diff --git a/web/lib/aur.inc b/web/lib/aur.inc
index 47156487..02580604 100644
--- a/web/lib/aur.inc
+++ b/web/lib/aur.inc
@@ -78,7 +78,7 @@ function check_sid() {
$q = "SELECT LastUpdateTS, UNIX_TIMESTAMP() FROM Sessions ";
$q.= "WHERE SessionID = '" . mysql_real_escape_string($_COOKIE["AURSID"]) . "'";
$result = db_query($q, $dbh);
- if (!$result) {
+ if (mysql_num_rows($result) == 0) {
# Invalid SessionID - hacker alert!
#
$failed = 1;
@@ -91,12 +91,10 @@ function check_sid() {
}
if ($failed == 1) {
# clear out the hacker's cookie, and send them to a naughty page
+ # why do you have to be so harsh on these people!?
#
setcookie("AURSID", "", time() - (60*60*24*30), "/");
- # I think it's probably safe to do the same as below with this
- # but not really vital at this point
- header("Location: /hacker.php");
-
+ unset($_COOKIE['AURSID']);
} elseif ($failed == 2) {
# visitor's session id either doesn't exist, or the timeout
# was reached and they must login again, send them back to
diff --git a/web/template/header.php b/web/template/header.php
index 5230dc56..440cb24b 100644
--- a/web/template/header.php
+++ b/web/template/header.php
@@ -68,7 +68,10 @@ foreach ($SUPPORTED_LANGS as $lang => $lang_name) {
<br />
<div style="text-align: right; padding-right: 10px">
<?php
-if (!isset($_COOKIE["AURSID"])) {
+if (isset($_COOKIE["AURSID"])) {
+ print __("Logged-in as: %h%s%h",
+ array("<b>", username_from_sid($_COOKIE["AURSID"]), "</b>"));
+} else {
if ($login_error) {
print "<span class='error'>" . $login_error . "</span><br />\n";
}
@@ -81,9 +84,6 @@ if (!isset($_COOKIE["AURSID"])) {
<input type='submit' class='button' value='<?php print __("Login"); ?>'>
</form>
<?php
-} else {
- print __("Logged-in as: %h%s%h",
- array("<b>", username_from_sid($_COOKIE["AURSID"]), "</b>"));
}
?>
</div>