Commit: 638a3fb1819c1b85690f07507a911aede9fe0be2 Author: Kalle Sommer Nielsen <[email protected]> Tue, 25 Jul 2017 19:34:34 +0200 Parents: bd1cc0b9c63fd3ba4bca0e29a572a7bca1307553 Branches: master
Link: http://git.php.net/?p=web/bugs.git;a=commitdiff;h=638a3fb1819c1b85690f07507a911aede9fe0be2 Log: Hopefully last round of fixes for missing session_start() calls, also fixes a poor call to redirect() in login.php Changed paths: M www/bugs-getting-valgrind-log.php M www/error.php M www/fix.php M www/gh-pull-add.php M www/how-to-report.php M www/login.php M www/logout.php M www/patch-display.php M www/rpc.php Diff: diff --git a/www/bugs-getting-valgrind-log.php b/www/bugs-getting-valgrind-log.php index 2ff0b9f..1a5c821 100644 --- a/www/bugs-getting-valgrind-log.php +++ b/www/bugs-getting-valgrind-log.php @@ -1,4 +1,7 @@ <?php + +session_start(); + require_once '../include/prepend.php'; // Authenticate diff --git a/www/error.php b/www/error.php index ac46e81..3d70303 100644 --- a/www/error.php +++ b/www/error.php @@ -1,5 +1,7 @@ <?php +session_start(); + /* The bug system error page */ // Obtain common includes diff --git a/www/fix.php b/www/fix.php index 62947ca..eae3720 100644 --- a/www/fix.php +++ b/www/fix.php @@ -1,4 +1,7 @@ <?php + +session_start(); + /* Admin interface for closing bug reports via direct link */ // Obtain common includes diff --git a/www/gh-pull-add.php b/www/gh-pull-add.php index e90a33a..f9babd0 100644 --- a/www/gh-pull-add.php +++ b/www/gh-pull-add.php @@ -32,7 +32,6 @@ if (!($buginfo = bugs_get_bug($bug_id))) { $package_name = $buginfo['package_name']; // Authenticate -bugs_authenticate($user, $pw, $logged_in, $user_flags); $is_trusted_developer = ($user_flags & BUGS_TRUSTED_DEV); // captcha is not necessary if the user is logged in diff --git a/www/how-to-report.php b/www/how-to-report.php index 8deac70..50105c8 100644 --- a/www/how-to-report.php +++ b/www/how-to-report.php @@ -1,4 +1,7 @@ <?php + +session_start(); + require_once '../include/prepend.php'; // Authenticate diff --git a/www/login.php b/www/login.php index ee0f0f8..5c15530 100644 --- a/www/login.php +++ b/www/login.php @@ -5,7 +5,7 @@ session_start(); require_once '../include/prepend.php'; if (!empty($_SESSION['user'])) { - redirect('location: index.php'); + redirect('index.php'); } response_header('Login'); diff --git a/www/logout.php b/www/logout.php index 8cd6b04..ce542a1 100644 --- a/www/logout.php +++ b/www/logout.php @@ -4,6 +4,10 @@ session_start(); require_once '../include/prepend.php'; +if (!isset($_SESSION['user']) || empty($_SESSION['user'])) { + redirect('index.php'); +} + unset($_SESSION['user']); session_destroy(); diff --git a/www/patch-display.php b/www/patch-display.php index 5c05942..1fed782 100644 --- a/www/patch-display.php +++ b/www/patch-display.php @@ -2,12 +2,12 @@ session_start(); -// Authenticate -bugs_authenticate($user, $pw, $logged_in, $user_flags); - // Obtain common includes require_once '../include/prepend.php'; +// Authenticate +bugs_authenticate($user, $pw, $logged_in, $user_flags); + if (!isset($_GET['bug_id']) && !isset($_GET['bug'])) { response_header('Error :: no bug selected'); display_bug_error('No patch selected to view'); diff --git a/www/rpc.php b/www/rpc.php index df891bc..4a00a7c 100644 --- a/www/rpc.php +++ b/www/rpc.php @@ -2,7 +2,7 @@ session_start(); -$bug_id = (int) $_REQUEST['id']; +$bug_id = (isset($_REQUEST['id']) ? (int) $_REQUEST['id'] : 0); if (!$bug_id) { echo json_encode(array('result' => array('error' => 'Missing bug id'))); -- PHP Webmaster List Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
