* Fix the vulnerability that induces users to click on links with sessionID to bypass authentication.
@@ -762,6 +762,10 @@ class baseHelper
|
||||
register_shutdown_function('session_write_close');
|
||||
}
|
||||
session_start();
|
||||
|
||||
global $app;
|
||||
if(isset($_SESSION['user'])) $app->user = $_SESSION['user'];
|
||||
if(!isset($_SESSION['user'])) unset($app->user);
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
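Review bot: After `session_start()` the added lines replace `$app->user` with whatever user the newly opened session holds, and nothing compares it with the user the request was already authorised as. The call added in the third hunk runs after `$common->checkPriv()`, so the privilege check and the page output can end up bound to two different identities when the session ID is taken from a link, which is the input the commit title describes. Consider remembering the previous user before the switch, e.g. `$previousUser = isset($app->user) ? $app->user : null;`, and refusing to adopt `$_SESSION['user']` when both are set and differ. The two complementary `if` lines can also be a single `if(isset($_SESSION['user'])) $app->user = $_SESSION['user']; else unset($app->user);`. The beginning of this function is outside the hunk, so any validation of the incoming ID cannot be seen here.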
@@ -132,7 +132,6 @@ class file extends control
|
||||
*/
|
||||
public function download($fileID, $mouse = '')
|
||||
{
|
||||
if(session_id() != $this->app->sessionID) helper::restartSession($this->app->sessionID);
|
||||
$file = $this->file->getById($fileID);
|
||||
if(empty($file))
|
||||
{
|
||||
|
||||
@@ -74,4 +74,6 @@ if(!$app->setParams()) return;
|
||||
$common->checkPriv();
|
||||
$common->checkIframe();
|
||||
|
||||
if(session_id() != $app->sessionID) helper::restartSession($app->sessionID);
|
||||
|
||||
echo $app->outputPage();
|
||||
|
||||
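Review bot: The position of the new `helper::restartSession()` call, after `$common->checkPriv()` and `$common->checkIframe()` and before `echo $app->outputPage();`, is undocumented even though it looks like what the fix depends on, so a later refactor could move it back above the checks. A comment such as `// Keep after checkPriv(): the requested session ID is untrusted and must not influence the privilege check.` would pin the ordering. The comparison would also be safer as `if(session_id() !== $app->sessionID)`, assuming `$app->sessionID` is always a string, because `!=` compares numeric-looking strings by value and can treat two different IDs as equal.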