summaryrefslogtreecommitdiffstats
path: root/inc/session.inc.php
diff options
context:
space:
mode:
Diffstat (limited to 'inc/session.inc.php')
-rw-r--r--inc/session.inc.php12
1 files changed, 7 insertions, 5 deletions
diff --git a/inc/session.inc.php b/inc/session.inc.php
index 891a465..93c33e5 100644
--- a/inc/session.inc.php
+++ b/inc/session.inc.php
@@ -9,7 +9,8 @@ class Session
private static function generateSessionId()
{
- if (self::$sid !== false) Util::traceError('Error: Asked to generate session id when already set.');
+ if (self::$sid !== false)
+ Util::traceError('Error: Asked to generate session id when already set.');
self::$sid = sha1(
mt_rand(0, 65535)
. $_SERVER['REMOTE_ADDR']
@@ -47,9 +48,9 @@ class Session
public static function setUid($value)
{
- if (!is_numeric($value) || $value < 1)
+ if (strlen($value) < 5)
Util::traceError('Invalid user id: ' . $value);
- self::set('uid', (int)$value);
+ self::set('uid', $value);
}
public static function get($key)
@@ -72,7 +73,7 @@ class Session
private static function loadSessionId()
{
if (self::$sid !== false)
- die('Error: Asked to load session id when already set.');
+ Util::traceError('Error: Asked to load session id when already set.');
if (empty($_COOKIE['sid']))
return false;
$id = preg_replace('/[^a-zA-Z0-9]/', '', $_COOKIE['sid']);
@@ -112,8 +113,9 @@ class Session
if (self::$sid === false || self::$data !== false)
Util::traceError('Tried to readSessionData on an active session!');
$data = Database::queryFirst('SELECT dateline, data FROM websession WHERE sid = :sid LIMIT 1', array('sid' => self::$sid));
- if ($data === false)
+ if ($data === false) {
return false;
+ }
if ($data['dateline'] + CONFIG_SESSION_TIMEOUT < time()) {
self::delete();
return false;
generated by cgit v1.2.3-55-g7522 (git 2.39.0) at 2024-04-25 19:30:30 +0200