make it actually extend the session, also improve debug on the image page

2 files changed, 8 insertions, 3 deletions

diff --git a/lib/class/shoutbox.class.php b/lib/class/shoutbox.class.php
index d0c591d3..80da983d 100644
--- a/lib/class/shoutbox.class.php
+++ b/lib/class/shoutbox.class.php
@@ -69,7 +69,7 @@ class shoutBox {
 
 		// If we've already got too many stop here
 		if (count($shouts) > $limit) { 
-			$shouts = array_slice(0,$limit,$shouts); 
+			$shouts = array_slice($shouts,0,$limit); 
 			return $shouts; 
 		} 
 
@@ -213,7 +213,7 @@ class shoutBox {
         public function delete($shout_id) {
 
                 // Delete the shoutbox post
-		
+		$shout_id = Dba::escape($shout_id); 
                 $sql = "DELETE FROM `user_shout` WHERE `id`='$shout_id'";
                 $db_results = Dba::write($sql);
 		
diff --git a/lib/init.php b/lib/init.php
index 7b0361d1..3405a754 100644
--- a/lib/init.php
+++ b/lib/init.php
@@ -200,7 +200,10 @@ if (in_array("http",$results['auth_methods']) AND empty($_COOKIE[$session_name])
 // If we want a session
 if (NO_SESSION != '1' AND Config::get('use_auth')) { 
 	/* Verify Their session */
-	if (!vauth::check_session()) { vauth::logout(session_id()); exit; }
+	if (!vauth::session_exists('interface',$_COOKIE[Config::get('session_name')])) { vauth::logout($_COOKIE[Config::get('session_name')]); exit; } 
+	
+	// This actually is starting the session
+	vauth::check_session();
 
 	/* Create the new user */
 	$GLOBALS['user'] = User::get_from_username($_SESSION['userdata']['username']);
@@ -208,6 +211,8 @@ if (NO_SESSION != '1' AND Config::get('use_auth')) {
 	/* If they user ID doesn't exist deny them */
 	if (!$GLOBALS['user']->id AND !Config::get('demo_mode')) { vauth::logout(session_id()); exit; } 
 
+	vauth::session_extend(session_id()); 
+
 	/* Load preferences and theme */
 	$GLOBALS['user']->update_last_seen();
 }