Skip to content
This repository has been archived by the owner. It is now read-only.
Permalink
Browse files

Fixed vunerability when user had a small chance have a SessionID same…

… with an another user
  • Loading branch information
CodersGit committed Feb 3, 2018
1 parent 190591b commit dc565a7fc0df2a704773da3818fbca8f374b2d87
Showing with 1 addition and 1 deletion.
  1. +1 −1 pages/login.php
@@ -44,7 +44,7 @@
'date'=>time()
)
);
$sessionID = Base::randString(128);
$sessionID = $player->steamid . "_". Base::randString(100);
$db->execute("DELETE FROM `sessions` WHERE `session_date` < NOW() - INTERVAL 1 MONTH ");
$db->execute("INSERT INTO `players` (`SID`, `group`, `status`) VALUES ('" . $db->safe(Base::ToSteamID($player->steamid)) . "', 'user', '$status')");
$db->execute("INSERT INTO `sessions` (`session_id`, `session_steamid`, `session_date`) VALUES ('$sessionID', '" . $db->safe(Base::ToSteamID($player->steamid)) . "', NOW())");

0 comments on commit dc565a7

Please sign in to comment.
You can’t perform that action at this time.