diff --git a/classes/context/Context.class.php b/classes/context/Context.class.php
index c23563452..23208af4c 100644
--- a/classes/context/Context.class.php
+++ b/classes/context/Context.class.php
@@ -1267,15 +1267,17 @@ class Context
 $val = array($val);
 }
+ $result = array();
 foreach($val as $k => $v)
 {
+ $k = htmlentities($k);
 if($key === 'page' || $key === 'cpage' || substr_compare($key, 'srl', -3) === 0)
 {
- $val[$k] = !preg_match('/^[0-9,]+$/', $v) ? (int) $v : $v;
+ $result[$k] = !preg_match('/^[0-9,]+$/', $v) ? (int) $v : $v;
 }
 elseif($key === 'mid' || $key === 'vid' || $key === 'search_keyword')
 {
- $val[$k] = htmlspecialchars($v, ENT_COMPAT | ENT_HTML401, 'UTF-8', FALSE);
+ $result[$k] = htmlspecialchars($v, ENT_COMPAT | ENT_HTML401, 'UTF-8', FALSE);
 }
 else
 {
@@ -1286,12 +1288,12 @@ class Context
 if(!is_array($v))
 {
- $val[$k] = trim($v);
+ $result[$k] = trim($v);
 }
 }
 }
- return $isArray ? $val : $val[0];
+ return $isArray ? $result : $result[0];
 }
 /**
diff --git a/config/config.inc.php b/config/config.inc.php
index 8076a91a7..e436273cc 100644
--- a/config/config.inc.php
+++ b/config/config.inc.php
@@ -29,7 +29,7 @@ define('__ZBXE__', __XE__);
 /**
 * Display XE's full version.
 */
-define('__XE_VERSION__', '1.7.6');
+define('__XE_VERSION__', '1.7.7');
 define('__XE_VERSION_ALPHA__', (stripos(__XE_VERSION__, 'alpha') !== false));
 define('__XE_VERSION_BETA__', (stripos(__XE_VERSION__, 'beta') !== false));
 define('__XE_VERSION_RC__', (stripos(__XE_VERSION__, 'rc') !== false));
diff --git a/modules/member/member.controller.php b/modules/member/member.controller.php
index 471022202..769944157 100644
--- a/modules/member/member.controller.php
+++ b/modules/member/member.controller.php
@@ -1873,8 +1873,7 @@ class memberController extends member
 function validateSession()
 {
 $destory_session = false;
-
- if($_SESSION['ipaddress'] != $_SERVER['REMOTE_ADDR']) $destory_session = true;
+ if($_SESSION['destroyed'] === true) $destory_session = true;
 if($destory_session)
 {
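Review bot: `htmlentities($k)` on the added line inside the `foreach` relies on default flags and charset, while the `mid`/`vid`/`search_keyword` branch in the same loop passes `ENT_COMPAT | ENT_HTML401, 'UTF-8'` explicitly. On PHP releases before 5.4 the default charset is ISO-8859-1, so a multibyte UTF-8 key would be converted byte by byte into wrong entities, and before PHP 8.1 the default flags leave single quotes unescaped, which matters if a key is ever echoed into a single-quoted attribute. I would encode keys with the charset stated and both quote styles covered, `$k = htmlspecialchars($k, ENT_QUOTES, 'UTF-8');`, and add the comment `// array keys come from the request and are attacker-controlled; escape them like the values`. The enclosing method starts before this hunk and its `else` branch continues past it.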
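Review bot: When `$v` is itself an array, the visible lines of the `else` branch never store anything in `$result[$k]`, because the only assignment sits inside `if(!is_array($v))`. The old code wrote back into `$val`, so such an entry kept its original value; now that the method returns a fresh `$result`, it would be missing from the return value. The lines between the two hunks are not shown, so this may already be handled there; if it is not, add `$result[$k] = $v;` at the top of the `else` branch. Nested keys and values would then pass through unescaped, so that line deserves a comment or a recursive filter.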
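Review bot: `$_SESSION['destroyed']` is read without an `isset()` guard on the added line in `validateSession()`, so a session that has not yet passed through `regenerateSession()` raises an undefined-index notice; `if(isset($_SESSION['destroyed']) && $_SESSION['destroyed'] === true) $destory_session = true;` keeps the strict comparison and avoids that. With the `REMOTE_ADDR` comparison removed, this flag is the only condition left in the visible part of the function that invalidates a session, so a copied session cookie is no longer rejected when it arrives from another address. A short comment stating why the IP binding was dropped and what replaces it would help the next reader, for example `// IP binding removed; stale ids are rejected via the 'destroyed' marker set in regenerateSession()`. The function body continues past the end of the hunk.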
@@ -1887,9 +1886,16 @@ class memberController extends member
 function regenerateSession()
 {
- if(!$_SESSION['session_checkup'] || time() - $_SESSION['session_checkup'] > 30)
+ if(!$_SESSION['session_checkup'])
 {
- session_regenerate_id(true);
+ $_SESSION['session_checkup'] = time();
+ }
+
+ if(time() - $_SESSION['session_checkup'] >= 1)
+ {
+ $_SESSION['destroyed'] = true;
+ session_regenerate_id();
+ $_SESSION['destroyed'] = false;
 $_SESSION['session_checkup'] = time();
 }
 }
diff --git a/modules/member/skins/default/find_member_account.html b/modules/member/skins/default/find_member_account.html
index 1b7cf67e2..bba843e46 100644
--- a/modules/member/skins/default/find_member_account.html
+++ b/modules/member/skins/default/find_member_account.html
@@ -6,7 +6,7 @@
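Review bot: `session_regenerate_id()` is now called without `true`, so the old session's stored data is kept, and the `destroyed` marker is only set and cleared in memory around that call. Whether the old id's storage ever receives `destroyed = true` depends on the PHP version and save handler (as far as I know, PHP 5 releases do not write the old session's data during regeneration). If it does not, the previous id stays usable with the full login state until garbage collection. Please confirm this on the supported versions or persist the marker explicitly before switching ids, and record the requirement next to the call, e.g. `// the old id must be marked destroyed in storage, not only in memory`. Separately, with the threshold at `>= 1` almost every request rotates the id, so a parallel request still carrying the old cookie may be logged out by the `destroyed` check; storing the rotation time instead of a boolean and tolerating a few seconds is the usual pattern.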

{$XE_VALIDATOR_MESSAGE}

-
+
@@ -25,7 +25,7 @@

{$XE_VALIDATOR_MESSAGE}

-
+
@@ -59,7 +59,7 @@

{$XE_VALIDATOR_MESSAGE}

-
+