Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse code

Committing skodak's fixes for sc#40 and #42

  • Loading branch information...
commit 9a4a7d0040c99358a33118f8f091734112b7385c 1 parent c3155c0
mjollnir_ authored

Showing 1 changed file with 19 additions and 1 deletion. Show diff stats Hide diff stats

  1. +19 1 lib/setup.php
20 lib/setup.php
@@ -175,6 +175,16 @@
175 175 $_POST[$key] = $var;
176 176 }
177 177 }
  178 + foreach ($_COOKIE as $key => $var) {
  179 + if (!is_array($var)) {
  180 + $_COOKIE[$key] = addslashes($var);
  181 + } else {
  182 + foreach ($var as $arrkey => $arrvar) {
  183 + $var[$arrkey] = addslashes($arrvar);
  184 + }
  185 + $_COOKIE[$key] = $var;
  186 + }
  187 + }
178 188 }
179 189
180 190
@@ -196,7 +206,11 @@
196 206 /// Load up global environment variables
197 207
198 208 class object {};
199   -
  209 +
  210 + unset(${'MoodleSession'.$CFG->sessioncookie});
  211 + unset($_GET['MoodleSession'.$CFG->sessioncookie]);
  212 + unset($_POST['MoodleSession'.$CFG->sessioncookie]);
  213 +
200 214 if (!isset($nomoodlecookie)) {
201 215 session_name('MoodleSession'.$CFG->sessioncookie);
202 216 @session_start();
@@ -210,6 +224,10 @@ class object {};
210 224 $SESSION = &$_SESSION['SESSION']; // Makes them easier to reference
211 225 $USER = &$_SESSION['USER'];
212 226 }
  227 + else {
  228 + $SESSION = NULL;
  229 + $USER = NULL;
  230 + }
213 231
214 232 if (defined('FULLME')) { // Usually in command-line scripts like admin/cron.php
215 233 $FULLME = FULLME;

0 comments on commit 9a4a7d0

Please sign in to comment.
Something went wrong with that request. Please try again.