diff options
author | Ineiev <ineiev@gnu.org> | 2024-09-26 09:20:23 +0000 |
---|---|---|
committer | Ineiev <ineiev@gnu.org> | 2024-10-05 16:20:08 +0000 |
commit | 34c867a77253555b792f04850e6fdcb3bc7a1b89 (patch) | |
tree | f76580dc34a3f625b744fbcf8e04ea03060bf3e2 | |
parent | 8ccc587ebb05c6c8a10f2eabb0aeffd05a30fbea (diff) | |
download | savane-i18n.tar.gz |
drop support for old session hash formati18n
-rw-r--r-- | frontend/php/include/session.php | 8 |
1 files changed, 2 insertions, 6 deletions
diff --git a/frontend/php/include/session.php b/frontend/php/include/session.php index 4edcc24f..950ef00e 100644 --- a/frontend/php/include/session.php +++ b/frontend/php/include/session.php @@ -261,12 +261,10 @@ function session_fetch_data ($uid, $hash) { list ($clean_hash, $param) = session_hash_parts ($hash); if (empty ($param)) - $param = $hash; - else - $param .= '%'; + return null; $res = db_execute ( 'SELECT * FROM session WHERE user_id = ? AND session_hash LIKE ?', - [$uid, $param] + [$uid, "$param%"] ); while ($row = db_fetch_array ($res)) if (session_valid_hash ($row['session_hash'], $clean_hash)) @@ -388,8 +386,6 @@ function session_count ($uid) function session_valid_hash ($stored_hash, $hash) { list ($clean_hash, $ticket) = session_hash_parts ($stored_hash); - if (empty ($ticket)) - return $hash === $stored_hash; return account_validpw ($clean_hash, $hash); } |