Permalink
Browse files

empty is already taken care of by preg_match

dont check if cookie session id exists
  • Loading branch information...
haraldpdl committed Feb 19, 2014
1 parent 247ca70 commit 431925a7eea7a1f4c06bdb07a6346c1fc02d94bf
Showing with 4 additions and 3 deletions.
  1. +4 −3 osCommerce/OM/Core/SessionAbstract.php
@@ -79,16 +79,17 @@ public function start() {
session_set_cookie_params(0, ((OSCOM::getRequestType() == 'NONSSL') ? OSCOM::getConfig('http_cookie_path') : OSCOM::getConfig('https_cookie_path')), ((OSCOM::getRequestType() == 'NONSSL') ? OSCOM::getConfig('http_cookie_domain') : OSCOM::getConfig('https_cookie_domain')), (bool)ini_get('session.cookie_secure'), (bool)ini_get('session.cookie_httponly'));
- if ( isset($_GET[$this->_name]) && ((bool)ini_get('session.use_only_cookies') || empty($_GET[$this->_name]) || !(bool)preg_match('/^[a-zA-Z0-9,-]+$/', $_GET[$this->_name]) || !$this->exists($_GET[$this->_name])) ) {
+ if ( isset($_GET[$this->_name]) && ((bool)ini_get('session.use_only_cookies') || !(bool)preg_match('/^[a-zA-Z0-9,-]+$/', $_GET[$this->_name]) || !$this->exists($_GET[$this->_name])) ) {
unset($_GET[$this->_name]);
}
- if ( isset($_POST[$this->_name]) && ((bool)ini_get('session.use_only_cookies') || empty($_POST[$this->_name]) || !(bool)preg_match('/^[a-zA-Z0-9,-]+$/', $_POST[$this->_name]) || !$this->exists($_POST[$this->_name])) ) {
+ if ( isset($_POST[$this->_name]) && ((bool)ini_get('session.use_only_cookies') || !(bool)preg_match('/^[a-zA-Z0-9,-]+$/', $_POST[$this->_name]) || !$this->exists($_POST[$this->_name])) ) {
unset($_POST[$this->_name]);
}
- if ( isset($_COOKIE[$this->_name]) && (empty($_COOKIE[$this->_name]) || !(bool)preg_match('/^[a-zA-Z0-9,-]+$/', $_COOKIE[$this->_name]) || !$this->exists($_COOKIE[$this->_name])) ) {
+ if ( isset($_COOKIE[$this->_name]) && !(bool)preg_match('/^[a-zA-Z0-9,-]+$/', $_COOKIE[$this->_name]) ) {
setcookie($this->_name, '', time()-42000, $this->getCookieParameters('path'), $this->getCookieParameters('domain'));
+ unset($_COOKIE[$this->_name]);
}
if ( session_start() ) {

0 comments on commit 431925a

Please sign in to comment.