[bug/58025] Search robots are now redirected if they send a SID in th…

…e request Previously search robots could stumble upon a board link somewhere on the web containing a SID they'd follow it and end up indexing that page with the SID in the request URI, this fix prevents that by redirecting them to the same URI just without the SID.
phpbb · Mar 13, 2010 · d07e152 · d07e152
1 parent 60bd1ed
commit d07e152
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 0 deletions.
diff --git a/phpBB/docs/CHANGELOG.html b/phpBB/docs/CHANGELOG.html
@@ -103,6 +103,7 @@ <h1>Changelog</h1>
 		<li>[Fix] Allow multibyte keys in request_var(). (Bug #51555)</li>
 		<li>[Fix] Prevent wrong tar archive type detection. (Bug #12531)</li>
 		<li>[Fix] Correct redirection after login to forum not in web root (Bug #58755)</li>
+		<li>[Fix] Redirect search engines that access pages with SIDs in the URL. (Bug #58025)</li>
 		<li>[Feature] Support for Microsoft's Native SQL Server Driver for PHP (Bug #57055 - Patch by Chris Pucci at Microsoft)</li>
 	</ul>
 

diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php
@@ -608,6 +608,12 @@ function session_create($user_id = false, $set_admin = false, $persist_login = f
 		}
 		else
 		{
+			// Bot user, if they have a SID in the Request URI we need to get rid of it
+			// otherwise they'll index this page with the SID, duplicate content oh my!
+			if (isset($_GET['sid']))
+			{
+				redirect(build_url(array('sid')));
+			}
 			$this->data['session_last_visit'] = $this->time_now;
 		}