FUDforum: Bug Reports » INSERTions into ses table for unknown users

Home » FUDforum Development » Bug Reports » INSERTions into ses table for unknown users (Fantom sessions?)

Show: Today's Messages :: Polls :: Message Navigator

Re: INSERTions into ses table for unknown users [message #168064 is a reply to message #168063]

Wed, 09 January 2013 02:14

San ???????
Messages: 4
Registered: January 2013

Karma:

Junior Member

I applied following quick&dirty hack to prevent my site from that kind of attacks:

306c306
<       do {
---
>       /* do { */
307a308
>               $id = $uid;
309c310
<       } while (!($id = db_li("INSERT INTO 2frmdb_ses (ses_id, time_sec, sys_id, user_id) VALUES ('".$ses_id."', ".__request_timestamp__.", '".ses_make_sysid()."', ".$uid.')', $ef, 1)));
---
>       /* } while (!($id = db_li("INSERT INTO 2frmdb_ses (ses_id, time_sec, sys_id, user_id) VALUES ('".$ses_id."', ".__request_timestamp__.", '".ses_make_sysid()."', ".$uid.')', $ef, 1))); */

The problem is that ses_anon_make() declared in more than one place. Strange code organization, yes...

Report message to a moderator

[Message index]

		INSERTions into ses table for unknown users By: San ??????? on Tue, 08 January 2013 17:00
		Re: INSERTions into ses table for unknown users By: Marticus on Tue, 08 January 2013 18:08
		Re: INSERTions into ses table for unknown users By: San ??????? on Tue, 08 January 2013 20:59
		Re: INSERTions into ses table for unknown users By: San ??????? on Wed, 09 January 2013 01:33
		Re: INSERTions into ses table for unknown users By: San ??????? on Wed, 09 January 2013 02:14
		Re: INSERTions into ses table for unknown users By: NeXuS on Tue, 15 January 2013 15:00
		Re: INSERTions into ses table for unknown users By: NeXuS on Tue, 15 January 2013 15:26
		Re: INSERTions into ses table for unknown users By: NeXuS on Tue, 15 January 2013 17:19

Previous Topic:	CKEditor conflicts with default formatting tools
Next Topic:	Censorship bug

Goto Forum:

-=] Back to Top [=-

[ Syndicate this forum (XML) ] [

]

Current Time: Fri May 10 05:19:07 GMT 2024

Total time taken to generate the page: 0.03311 seconds