Permalink
Browse files

Allow uppercase letters, '-' and ',' in session ID

ref: http://www.php.net/manual/en/function.session-id.php
"The , (comma) and - (minus) characters are allowed in the file session handler."
  • Loading branch information...
1 parent 3b37d8c commit d2971121e90ae5a671626938f4dd94bb726a58f8 @drench drench committed Apr 29, 2012
Showing with 1 addition and 1 deletion.
  1. +1 −1 include/functions.php
View
@@ -53,7 +53,7 @@ function forum_session_start() {
else if (isset($_GET['PHPSESSID']))
$forum_session_id = $_GET['PHPSESSID'];
- if (empty($forum_session_id) || !preg_match('/^[a-z0-9]{16,32}$/', $forum_session_id))
+ if (empty($forum_session_id) || !preg_match('/^[a-z0-9\-,]{16,32}$/i', $forum_session_id))
{
// Create new session id
$forum_session_id = random_key(32, FALSE, TRUE);

0 comments on commit d297112

Please sign in to comment.