Fixed security bug, moved setting of $sid to before include statement…

… to stop use of bad $sid's before it is checked/converted to "int" type. git-svn-id: file:///Users/Shitiz/Downloads/lssvn/trunk/unstable@754 b72ed6b6-b9f8-46b5-92b4-906544132732
LimeSurvey · Oct 28, 2003 · 632c4fa · 632c4fa
1 parent 551689d
commit 632c4fa
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/index.php b/index.php
@@ -38,7 +38,7 @@
 session_start();
 
 if (!isset($sid)) {$sid=returnglobal('sid');}
-settype($sid, "integer");
+if (phpversion() >= '4.2.0') {settype($sid, "int");} else {settype($sid, "integer");}
 
 include("./admin/config.php");