I found a problem when generating a session ID.
When the ID already exists in the table active_sessions,
someone gets your auth data.
I'm using the container class ct_sql and I fixed this
as follows:
File session.inc, function get_id:

    if ( "" == $id ) {
      $newid = true;
      // Keep generating candidates until ac_newid() returns one that is not in use.
      do {
        $id = $this->that->ac_newid(md5(uniqid($this->magic)), $this->name);
      } while (!$id);
    }

File ct_sql.inc, function ac_newid:

    // Returns $str if no row with this sid and name exists yet, otherwise false.
    function ac_newid($str, $name) {
      $query = "SELECT DISTINCTROW sid FROM ".$this->database_table." WHERE sid = '$str' AND name = '$name'";
      // Run the query built above.
      $this->db->query($query);
      // num_rows() gives the number of rows returned by a SELECT.
      if ($this->db->num_rows() == 0) {
        return $str;
      }
      else {
        return false;
      }
    }

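An added example, not part of the original report or of PHPLIB: a SELECT followed later by the session write leaves a window in which two requests can both see the same ID as free, so this version lets a unique key on the INSERT perform the check. It assumes PDO with SQLite, a simplified constructed active_sessions table and a hypothetical new_session_id() helper, and it draws IDs from random_bytes() instead of md5(uniqid()).

```php
<?php
// Added example, not PHPLIB code. new_session_id() and the table layout
// below are hypothetical and simplified for illustration.

function new_session_id(PDO $db, string $name, ?callable $gen = null, int $maxTries = 5): string
{
    // Default generator: 128 bits from the OS CSPRNG, hex-encoded (32 chars, like md5).
    $gen = $gen ?? fn(): string => bin2hex(random_bytes(16));
    $ins = $db->prepare('INSERT INTO active_sessions (sid, name, val) VALUES (?, ?, ?)');

    for ($i = 0; $i < $maxTries; $i++) {
        $sid = $gen();
        try {
            // The primary key makes this insert the uniqueness check:
            // either the row is claimed atomically or the database refuses it.
            $ins->execute([$sid, $name, '']);
            return $sid;
        } catch (PDOException $e) {
            // SQLSTATE 23000 = integrity constraint violation (ID already taken).
            if ((string) $e->getCode() !== '23000') {
                throw $e;
            }
        }
    }
    throw new RuntimeException('could not allocate a unique session id');
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE active_sessions (sid TEXT, name TEXT, val TEXT, PRIMARY KEY (sid, name))');

// Constructed collision: an existing session already owns the first candidate ID.
$db->exec("INSERT INTO active_sessions VALUES ('aaaa', 'Example_Session', 'existing user data')");
$queue = ['aaaa', 'bbbb'];
$sid = new_session_id($db, 'Example_Session', function () use (&$queue) {
    return array_shift($queue);
});

// The colliding candidate was rejected; the existing row is untouched.
$val = $db->query("SELECT val FROM active_sessions WHERE sid = 'aaaa'")->fetchColumn();
echo "allocated: $sid, existing session still holds: $val\n";
```
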
Logged In: YES
user_id=19736
Please submit a diff against phplib-7.4pre1 or current CVS
and resubmit.
Also, how were you generating an id that was already in
the DB?