Bug #19867 » bug_10205_v4.diff
| typo3/sysext/cms/tslib/class.tslib_feuserauth.php (Arbeitskopie) | ||
|---|---|---|
|
* @see storeSessionData()
|
||
|
*/
|
||
|
function fetchSessionData() {
|
||
|
// Gets SesData if any
|
||
|
if ($this->id) {
|
||
|
// Gets SesData if any AND if not already selected by session fixation check in ->isExistingSessionRecord()
|
||
|
if ($this->id && !count($this->sesData)) {
|
||
|
$dbres = $GLOBALS['TYPO3_DB']->exec_SELECTquery('*', 'fe_session_data', 'hash='.$GLOBALS['TYPO3_DB']->fullQuoteStr($this->id, 'fe_session_data'));
|
||
|
if ($sesDataRow = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($dbres)) {
|
||
|
$this->sesData = unserialize($sesDataRow['content']);
|
||
| ... | ... | |
|
}
|
||
|
}
|
||
|
}
|
||
|
/**
|
||
|
* Determine whether there's an according session record to a given session_id
|
||
|
* in the database. Don't care if session record is still valid or not.
|
||
|
*
|
||
|
* This calls the parent function but additionally tries to look up the session ID in the "fe_session_data" table.
|
||
|
*
|
||
|
* @param integer Claimed Session ID
|
||
|
* @return boolean Returns true if a corresponding session was found in the database
|
||
|
*/
|
||
|
function isExistingSessionRecord($id) {
|
||
|
// Perform check in parent function
|
||
|
$count = parent::isExistingSessionRecord($id);
|
||
|
if ($count == false) {
|
||
|
$dbres = $GLOBALS['TYPO3_DB']->exec_SELECTquery(
|
||
|
'content',
|
||
|
'fe_session_data',
|
||
|
'hash=' . $GLOBALS['TYPO3_DB']->fullQuoteStr($id, 'fe_session_data')
|
||
|
);
|
||
|
if ($dbres !== false) {
|
||
|
if ($sesDataRow = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($dbres)) {
|
||
|
$count = true;
|
||
|
$this->sesData = unserialize($sesDataRow['content']);
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
return $count;
|
||
|
}
|
||
|
}
|
||