Go Back > PhpDig Forums > Bug Tracker

Thread Tools
Old 11-23-2004, 06:52 AM   #1
Orange Mole
Edomondo's Avatar
Join Date: Jan 2004
Location: In outer space
Posts: 37

It seems that the session ID remover have a small bug.

With the original configuration:
every variable passed in the URL ending with one value of PHPDIG_SESSID_VAR are disregarded.

I add a problem with index.php?series=001 turned into index.php?serie.

Where is the function that uses PHPDIG_SESSID_VAR?
Edomondo is offline   Reply With Quote
Old 11-30-2004, 09:56 AM   #2
Green Mole
Join Date: Oct 2004
Posts: 3

I can confirm this bug. The function is phpdigSessionRemoveIt in robot_functions.php (line 1776):

PHP Code:
function phpdigSessionRemoveIt($what,$eval) {
$what trim($what);
$eval ereg_replace($what.'=[a-zA-Z0-9.,;=/-]*','',$eval);
$eval str_replace("&&","&",$eval);
$eval str_replace("?&","?",$eval);
$eval eregi_replace("&$","",$eval);
$eval str_replace("&&","&",$eval);
$eval eregi_replace("[?][&]","?",$eval);
$eval eregi_replace("&$","",$eval);
$eval ereg_replace("[?]$","",$eval); // remove trailing question mark
return $eval;

My regex skills are kind of rusty at the moment, but shouldn't the second line of the function be something more like:

PHP Code:
    $eval ereg_replace('([?&])'.$what.'=[a-zA-Z0-9.,;=/-]*','\\1',$eval); 
indeh is offline   Reply With Quote

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Do i need help or is it a bug? se7en Troubleshooting 2 03-16-2006 07:23 AM
IE bug? FaberFedor Troubleshooting 6 01-30-2005 04:39 PM
Looks Like A Small Bug In 1.8.1 vinyl-junkie Troubleshooting 6 07-07-2004 09:04 PM
Not really a bug cybercox Mod Requests 0 04-04-2004 07:03 AM
bug... shadow00 Troubleshooting 2 12-16-2003 01:01 PM

All times are GMT -8. The time now is 04:17 PM.

Powered by vBulletin® Version 3.7.3
Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.
Copyright © 2001 - 2005, ThinkDing LLC. All Rights Reserved.