PhpDig.net

Go Back   PhpDig.net > PhpDig Forums > Bug Tracker

Reply
 
Thread Tools
Old 11-23-2004, 05:52 AM   #1
Edomondo
Orange Mole
 
Edomondo's Avatar
 
Join Date: Jan 2004
Location: In outer space
Posts: 37
Bug with PHPDIG_SESSID_VAR?

It seems that the session ID remover have a small bug.

With the original configuration:
define('PHPDIG_SESSID_VAR','PHPSESSID,s');
every variable passed in the URL ending with one value of PHPDIG_SESSID_VAR are disregarded.

I add a problem with index.php?series=001 turned into index.php?serie.

Where is the function that uses PHPDIG_SESSID_VAR?
Edomondo is offline   Reply With Quote
Old 11-30-2004, 08:56 AM   #2
indeh
Green Mole
 
Join Date: Oct 2004
Posts: 3
Exclamation

I can confirm this bug. The function is phpdigSessionRemoveIt in robot_functions.php (line 1776):

PHP Code:
function phpdigSessionRemoveIt($what,$eval) {
    
$what trim($what);
    
$eval ereg_replace($what.'=[a-zA-Z0-9.,;=/-]*','',$eval);
    
$eval str_replace("&&","&",$eval);
    
$eval str_replace("?&","?",$eval);
    
$eval eregi_replace("&$","",$eval);
    
$eval str_replace("&&","&",$eval);
    
$eval eregi_replace("[?][&]","?",$eval);
    
$eval eregi_replace("&$","",$eval);
    
$eval ereg_replace("[?]$","",$eval); // remove trailing question mark
    
return $eval;

My regex skills are kind of rusty at the moment, but shouldn't the second line of the function be something more like:

PHP Code:
    $eval ereg_replace('([?&])'.$what.'=[a-zA-Z0-9.,;=/-]*','\\1',$eval); 
indeh is offline   Reply With Quote
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Do i need help or is it a bug? se7en Troubleshooting 2 03-16-2006 06:23 AM
IE bug? FaberFedor Troubleshooting 6 01-30-2005 03:39 PM
Looks Like A Small Bug In 1.8.1 vinyl-junkie Troubleshooting 6 07-07-2004 08:04 PM
Not really a bug cybercox Mod Requests 0 04-04-2004 06:03 AM
bug... shadow00 Troubleshooting 2 12-16-2003 12:01 PM


All times are GMT -8. The time now is 12:30 PM.


Powered by vBulletin® Version 3.7.3
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Copyright © 2001 - 2005, ThinkDing LLC. All Rights Reserved.