diff options
| author | Karl 'vollmerk' Vollmer <vollmer@ampache.org> | 2008-01-13 05:59:13 +0000 |
|---|---|---|
| committer | Karl 'vollmerk' Vollmer <vollmer@ampache.org> | 2008-01-13 05:59:13 +0000 |
| commit | cba4a991c0f554c2b5e3dec7e882476ff73760bb (patch) | |
| tree | 1c1ce94578b23e8ef4e8350b525c61441bc78a65 /lib/class/vauth.class.php | |
| parent | 40a6aaea253631c6e54cd28bc957ada5d12e6e39 (diff) | |
| download | ampache-cba4a991c0f554c2b5e3dec7e882476ff73760bb.tar.gz ampache-cba4a991c0f554c2b5e3dec7e882476ff73760bb.tar.bz2 ampache-cba4a991c0f554c2b5e3dec7e882476ff73760bb.zip | |
minor tweaks to session insertion to prevent crazy people with http agent strings over 255 from breaking the query, also fixed missing truncate
Diffstat (limited to 'lib/class/vauth.class.php')
| -rw-r--r-- | lib/class/vauth.class.php | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/lib/class/vauth.class.php b/lib/class/vauth.class.php index 761e5a65..a7d2dc91 100644 --- a/lib/class/vauth.class.php +++ b/lib/class/vauth.class.php @@ -264,10 +264,10 @@ class vauth { } // end switch on data type $username = Dba::escape($data['username']); - $ip = Dba::escape(ip2int($_SERVER['REMOTE_ADDR'])); + $ip = $_SERVER['REMOTE_ADDR'] ? Dba::escape(ip2int($_SERVER['REMOTE_ADDR'])) : '0'; $type = Dba::escape($data['type']); $value = Dba::escape($data['value']); - $agent = Dba::escape($_SERVER['HTTP_USER_AGENT']); + $agent = Dba::escape(substr($_SERVER['HTTP_USER_AGENT'],0,254)); $expire = Dba::escape(time() + Config::get('session_length')); /* We can't have null things here people */ |