Security improvements

This commit is contained in:
Michael 2019-09-25 06:46:28 +00:00
parent 6a376c29d8
commit 1a1745c9fa

View File

@ -413,7 +413,7 @@ function public_contact()
* *
* @return int|bool visitor_id or false * @return int|bool visitor_id or false
*/ */
function remote_user($uid = 0) function remote_user($uid = null)
{ {
// You cannot be both local and remote. // You cannot be both local and remote.
// Unncommented by rabuzarus because remote authentication to local // Unncommented by rabuzarus because remote authentication to local
@ -426,15 +426,15 @@ function remote_user($uid = 0)
return false; return false;
} }
if (!empty($uid) && !empty($_SESSION['remote'])) { if (!is_null($uid) && !empty($_SESSION['remote'])) {
/// @todo replace it with this:
// if (!empty($_SESSION['remote'][$uid])) ...
foreach ($_SESSION['remote'] as $visitor) { foreach ($_SESSION['remote'] as $visitor) {
if ($visitor['uid'] == $uid) { if ($visitor['uid'] == $uid) {
return $visitor['cid']; return $visitor['cid'];
} }
} }
} } elseif (is_null($uid) && !empty($_SESSION['visitor_id'])) {
if (!empty($_SESSION['visitor_id'])) {
return intval($_SESSION['visitor_id']); return intval($_SESSION['visitor_id']);
} }