diff options
author | justauser <[email protected]> | 2013-07-07 13:54:10 -0400 |
---|---|---|
committer | justauser <[email protected]> | 2013-07-07 13:54:10 -0400 |
commit | e4e9ac1fc288d6715f6419cd4c8a44386362ecf0 (patch) | |
tree | c92f9b0f8790866881cd0fbe230ee0d35dfb09b2 /include | |
parent | 47fecba235400e0d7a5a7c54c9ff201c0840deec (diff) | |
parent | 1016a4ef38aba68bc6106015b10d6d3970b72d5e (diff) |
Merge branch 'master' of http://github.com/gothfox/Tiny-Tiny-RSS
updating from github]
Diffstat (limited to 'include')
-rw-r--r-- | include/functions.php | 3 | ||||
-rw-r--r-- | include/sessions.php | 18 |
2 files changed, 18 insertions, 3 deletions
diff --git a/include/functions.php b/include/functions.php index 397605c5a..cf35d6fa2 100644 --- a/include/functions.php +++ b/include/functions.php @@ -3788,7 +3788,7 @@ * @return string Absolute URL */ function rewrite_relative_url($url, $rel_url) { - if (strpos($rel_url, "magnet:") === 0) { + if (strpos($rel_url, ":") !== false) { return $rel_url; } else if (strpos($rel_url, "://") !== false) { return $rel_url; @@ -3958,6 +3958,7 @@ $reg_qpart = "REGEXP"; foreach ($filter["rules"] AS $rule) { + $rule['reg_exp'] = str_replace('/', '\/', $rule["reg_exp"]); $regexp_valid = preg_match('/' . $rule['reg_exp'] . '/', $rule['reg_exp']) !== FALSE; diff --git a/include/sessions.php b/include/sessions.php index 423ef0eda..66214afe7 100644 --- a/include/sessions.php +++ b/include/sessions.php @@ -62,11 +62,17 @@ return false; } - if ($_SESSION["ref_schema_version"] != session_get_schema_version(true)) + if ($_SESSION["ref_schema_version"] != session_get_schema_version(true)) { + $_SESSION["login_error_msg"] = + __("Session failed to validate (schema version changed)"); return false; + } - if (sha1($_SERVER['HTTP_USER_AGENT']) != $_SESSION["user_agent"]) + if (sha1($_SERVER['HTTP_USER_AGENT']) != $_SESSION["user_agent"]) { + $_SESSION["login_error_msg"] = + __("Session failed to validate (user agent changed)"); return false; + } if ($_SESSION["uid"]) { $result = Db::get()->query( @@ -74,11 +80,19 @@ // user not found if (Db::get()->num_rows($result) == 0) { + + $_SESSION["login_error_msg"] = + __("Session failed to validate (user not found)"); + return false; } else { $pwd_hash = Db::get()->fetch_result($result, 0, "pwd_hash"); if ($pwd_hash != $_SESSION["pwd_hash"]) { + + $_SESSION["login_error_msg"] = + __("Session failed to validate (password changed)"); + return false; } } |