Skip to content

Commit

Permalink
Exson: Fixed the DB_escape_string bug for Array in session.inc and de…
Browse files Browse the repository at this point in the history 
…stroy cookie while users log out in Logout.php
  • Loading branch information
@ExsonQu-xun @timschofield
ExsonQu-xun authored and timschofield committed Feb 27, 2018
1 parent ee8e7eb commit 631d6ae
Show file tree
Hide file tree
Showing 3 changed files with 5 additions and 2 deletions.
2 changes: 2 additions & 0 deletions Logout.php
View file
Expand Up @@ -9,4 +9,6 @@
// Cleanup
session_unset();
session_destroy();
setcookie('PHPSESSID',"",time()-3600,'/');

?>
2 changes: 1 addition & 1 deletion doc/Change.log
View file
@@ -1,5 +1,5 @@
webERP Change Log

17/02/18 Exson: Fixed the DB_escape_string bug for Array in session.inc and destroy cookie while users log out in Logout.php
16/2/18 Paul Becker (PaulT commit): header.php: Add link to the Dashboard in the AppInfoUserDiv. (Forum contribution: http://www.weberp.org/forum/showthread.php?tid=8100)
16/2/18 PaulT: Remove unused $db parameter from many functions within the /api area.
16/2/18 PaulT: upgrade4.14.1-4.14.2.sql: Add SQL update to support commit 7961.
Expand Down
3 changes: 2 additions & 1 deletion includes/session.php
View file
Expand Up @@ -63,7 +63,8 @@
if(get_magic_quotes_gpc()) {
$PostVariableValue[$PostArrayKey] = stripslashes($value[$PostArrayKey]);
}
$PostVariableValue[$PostArrayKey] = DB_escape_string(htmlspecialchars($PostArrayValue,ENT_QUOTES,'UTF-8'));
$_POST[$PostVariableName][$PostArrayKey] = DB_escape_string(htmlspecialchars($PostArrayValue,ENT_QUOTES,'UTF-8'));

}
}
}
Expand Down

0 comments on commit 631d6ae

Please sign in to comment.