Changeset 1003 for branches/branch-1_5/upload.php

Timestamp:

Jan 15, 2006, 1:52:55 PM (18 years ago)

Author:

nikrou

Message:

Improve security of sessions:

• use only cookies to store session id on client side
• use default php session system with database handler to store sessions on server side

File:

• branches/branch-1_5/upload.php (modified) (2 diffs)

branches/branch-1_5/upload.php

@@ -126 +126 @@
   {
     echo '<div style="text-align:center;">'.$lang['upload_forbidden'].'<br />';
-    echo '<a href="'.add_session_id( './category.php' ).'">';
+    echo '<a href="./category.php">';
     echo $lang['thumbnails'].'</a></div>';
     exit();
@@ -300 +300 @@
   'L_MANDATORY' =>  $lang['mandatory'],
         
-  'F_ACTION' => add_session_id( $u_form ),
-
-  'U_RETURN' => add_session_id(PHPWG_ROOT_PATH.'category.php?'.$_SERVER['QUERY_STRING'])
+  'F_ACTION' => $u_form,
+
+  'U_RETURN' => PHPWG_ROOT_PATH.'category.php?'.$_SERVER['QUERY_STRING']
   ));