* Fix the vulnerability that induces users to click on links with sessionID to bypass authentication.

liugang
2024-05-13 16:56:38 +08:00
parent 6c59cb6c4d
commit 3be3a632f8
3 changed files with 6 additions and 1 deletions


@@ -762,6 +762,10 @@ class baseHelper
register_shutdown_function('session_write_close');
}
session_start();
global $app;
if(isset($_SESSION['user'])) $app->user = $_SESSION['user'];
if(!isset($_SESSION['user'])) unset($app->user);
}
/**
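Review bot: The sync added after `session_start()` only refreshes `$app->user`; the session id being switched to is set outside this hunk, and if it can come from a request link (as the commit title suggests) the client still ends up inside a session chosen by whoever built the link. It would be worth checking that id against one the server issued for this client before switching to it, and regenerating the id at login with `session_regenerate_id(true)`. The two complementary tests read more clearly as `if(isset($_SESSION['user'])) $app->user = $_SESSION['user']; else unset($app->user);`. `global $app` also needs a guard, because assigning a property on an unset `$app` is an error in PHP 8. The enclosing function starts above the hunk, so its name and the way it applies the id are inferred.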


@@ -132,7 +132,6 @@ class file extends control
*/
public function download($fileID, $mouse = '')
{
if(session_id() != $this->app->sessionID) helper::restartSession($this->app->sessionID);
$file = $this->file->getById($fileID);
if(empty($file))
{


@@ -74,4 +74,6 @@ if(!$app->setParams()) return;
$common->checkPriv();
$common->checkIframe();
if(session_id() != $app->sessionID) helper::restartSession($app->sessionID);
echo $app->outputPage();
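Review bot: `helper::restartSession()` is called after `$common->checkPriv()`, and if the first section's change is in that helper (as it appears), the call now replaces or unsets `$app->user`, so `outputPage()` can run under an identity the privilege check never evaluated. Assuming `checkPriv()` reads `$app->user`, either move `if(session_id() != $app->sessionID) helper::restartSession($app->sessionID);` above `$common->checkPriv();` or repeat the check after the switch. The comparison would also be safer as `session_id() !== $app->sessionID`, since `!=` compares numeric-looking strings numerically and can treat two different ids as equal.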