| File: |
htdocs/class/xoopssecurity.php |
| Role: |
Class source |
| Content type: |
text/plain |
| Description: |
Class source |
| Class: |
Xoops 2.5
Modular content management publication system |
| Author: |
By Michael Beck |
| Last change: |
Merge pull request #1586 from mambax7/feature/Cannot_use_bool_as_array
fix for Cannot use bool as array
copyright update
PR#1511 introduced a new bug: when calling: ```$GLOBALS['xoopsSecurity']->check()```
it was returning error: 'No valid token found' because by calling session_write_close() in createToken(), the session is closed prematurely. When the script continues execution (e.g., during token validation), the session is no longer active, and attempts to access or modify $_SESSION fail or start a new session, resulting in the token not being found.
Commenting out session_write_close() keeps the session open, so $_SESSION remains accessible, and validateToken() should find the token without needing to restart the session.
As a safeguard, I've added:
```php
if (session_status() !== PHP_SESSION_ACTIVE) {
session_start();
}
```
Fix problem with admin save preference
Null coalescing operator
PER-CS formatting
short array
Merge pull request #1239 from Andrew-Staves-Activ/notificationhandler_subscribe_success
Use string not object
Cleanup in \XoopsSecurity::checkBadips()
- Remove unset()s, fixes #1085
- Use Xmf\IPAddress::fromRequest() to obtain address (does proxy check)
- Correct sample added by installer with "\." needed for regex
Merge branch 'feature/php8_templates' of https://github.com/mambax7/XoopsCore25 into feature/php8_templates
# Conflicts:
# htdocs/themes/xswatch4/modules/publisher/publisher_item.tpl
Merge xswatch4
|
| Date: |
2 months ago |
| Size: |
9,067 bytes |
|
|
|
