- Bug
- Resolution: Fixed
- None
- 3.0.x
- None
PHP Environment:
Database:
I discovered this bug because I use Google banners on my site. Google AdSense uses a bot to retrieve and analyze all pages that contain the banners.
Imagine the following scenario:
- Bob logs in but doesn't check 'log me in automatically'
- Bob retrieves the page index.php?sid=f4ad2e010a398c8bc94b91b0dfd5f235 which contains a Google banner
- Google notices that it doesn't know that page and spiders the page
- Google doesn't have a valid session (in a cookie or in the URL) so a session_create() is called
- session_create() sees that there is 'sid=f4ad2e010a398c8bc94b91b0dfd5f235' in the URL, sees that this session_id exists in the DB and updates the DB
- The GoogleBot's session is created with Bob's session id (overwriting Bob's session)
- Bob is suddenly logged out
- Bob complains
- I get annoyed
- I file this bug
It seems to be trivial to fix, that is, if there isn't a really good reason to recycle SIDs.
Removing this if statement should do the trick:
if (!$this->session_id || !$db->sql_query($sql) || !$db->sql_affectedrows())
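
The scenario above, replayed against a small in-memory model, as an added example that is not phpBB's code and not part of the original report. The `SessionStore` class, its `recycleSids` switch, the `replay()` helper and the IP addresses are constructed for illustration; with recycling on, the crawler's request takes over Bob's row, and with it off the crawler gets a fresh random SID and Bob stays logged in.

```php
<?php
// Constructed in-memory model of a session table (illustration only, not phpBB code).
final class SessionStore
{
    /** @var array<string, array{user:string, ip:string}> sid => row */
    private $rows = [];
    /** @var bool hypothetical switch: true = recycle a SID found in the URL */
    private $recycleSids;

    public function __construct(bool $recycleSids)
    {
        $this->recycleSids = $recycleSids;
    }

    // Called when the request carried no valid session for this client.
    // $urlSid is whatever "sid=" value appeared in the URL (may be someone else's).
    public function create(string $user, string $ip, ?string $urlSid): string
    {
        if ($this->recycleSids && $urlSid !== null && isset($this->rows[$urlSid])) {
            // Behaviour from the report: the existing row is updated in place,
            // so the original owner's session now belongs to the new client.
            $this->rows[$urlSid] = ['user' => $user, 'ip' => $ip];
            return $urlSid;
        }
        // Hardened path: never adopt a client-supplied id, mint a fresh random one.
        $sid = bin2hex(random_bytes(16));
        $this->rows[$sid] = ['user' => $user, 'ip' => $ip];
        return $sid;
    }

    public function owner(string $sid): ?string
    {
        return $this->rows[$sid]['user'] ?? null;
    }
}

// Replays the report: Bob logs in, then a crawler fetches the URL carrying Bob's SID.
function replay(bool $recycleSids): array
{
    $store  = new SessionStore($recycleSids);
    $bobSid = $store->create('bob', '192.0.2.10', null);
    $botSid = $store->create('anonymous', '198.51.100.7', $bobSid);
    return ['bob_still_logged_in' => $store->owner($bobSid) === 'bob',
            'bot_got_own_sid'     => $botSid !== $bobSid];
}

foreach ([true, false] as $recycle) {
    echo 'recycle=' . var_export($recycle, true) . ' ' . json_encode(replay($recycle)) . "\n";
}
```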