Changeset 608 for branches/1.1dev/lib
- Timestamp:
- Jul 13, 2017 1:50:49 PM (7 years ago)
- Location:
- branches/1.1dev/lib
- Files:
-
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
branches/1.1dev/lib/App.inc.php
r604 r608 198 198 199 199 if (isset($url) && is_string($url)) { 200 // Delete any boomerang request keys in the query string .201 $url = preg_replace( '/boomerang=[\w]+/', '', $url);202 203 if (is _array($_SESSION['_boomerang']['url']) && !empty($_SESSION['_boomerang']['url'])) {200 // Delete any boomerang request keys in the query string (along with any trailing delimiters after the deletion). 201 $url = preg_replace(array('/([&?])boomerang=[^&?]+[&?]?/', '/[&?]$/'), array('$1', ''), $url); 202 203 if (isset($_SESSION['_boomerang']['url']) && is_array($_SESSION['_boomerang']['url']) && !empty($_SESSION['_boomerang']['url'])) { 204 204 // If the URL currently exists in the boomerang array, delete. 205 205 while ($existing_key = array_search($url, $_SESSION['_boomerang']['url'])) { -
branches/1.1dev/lib/AuthSQL.inc.php
r585 r608 234 234 'last_access_datetime' => date('Y-m-d H:i:s'), 235 235 'remote_ip' => getRemoteAddr(), 236 'abuse_warning_level' => $user_data['abuse_warning_level'],236 'abuse_warning_level' => isset($user_data['abuse_warning_level']) ? $user_data['abuse_warning_level'] : 0, 237 237 'login_abuse_exempt' => isset($user_data['login_abuse_exempt']) ? !empty($user_data['login_abuse_exempt']) : in_array(strtolower($username), $this->_params['login_abuse_exempt_usernames']), 238 238 'match_remote_ip_exempt'=> isset($user_data['match_remote_ip_exempt']) ? !empty($user_data['match_remote_ip_exempt']) : in_array(strtolower($username), $this->_params['match_remote_ip_exempt_usernames']), … … 375 375 // Do we match the user's remote IP at all? Yes, if set in config and not disabled for specific user. 376 376 if ($this->getFeature('match_remote_ip') && !$this->getVal('match_remote_ip_exempt')) { 377 $remote_ip_is_matched = ( $_SESSION[$this->_auth_name]['remote_ip'] == getRemoteAddr() || $user_in_trusted_network);377 $remote_ip_is_matched = (isset($_SESSION[$this->_auth_name]['remote_ip']) && $_SESSION[$this->_auth_name]['remote_ip'] == getRemoteAddr() || $user_in_trusted_network); 378 378 } else { 379 379 logMsg(sprintf('%s%s exempt from remote_ip match.',
Note: See TracChangeset
for help on using the changeset viewer.