From 1a1745c9fa20883e65948040a92866998d78e1ec Mon Sep 17 00:00:00 2001
From: Michael <heluecht@pirati.ca>
Date: Wed, 25 Sep 2019 06:46:28 +0000
Subject: [PATCH] Security improvements

---
 boot.php | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/boot.php b/boot.php
index 4c9a1a5e8c..224eba1f45 100644
--- a/boot.php
+++ b/boot.php
@@ -413,7 +413,7 @@ function public_contact()
  *
  * @return int|bool visitor_id or false
  */
-function remote_user($uid = 0)
+function remote_user($uid = null)
 {
 	// You cannot be both local and remote.
 	// Unncommented by rabuzarus because remote authentication to local
@@ -426,15 +426,15 @@ function remote_user($uid = 0)
 		return false;
 	}
 
-	if (!empty($uid) && !empty($_SESSION['remote'])) {
+	if (!is_null($uid) && !empty($_SESSION['remote'])) {
+		/// @todo replace it with this:
+		// if (!empty($_SESSION['remote'][$uid])) ...
 		foreach ($_SESSION['remote'] as $visitor) {
 			if ($visitor['uid'] == $uid) {
 				return $visitor['cid'];
 			}
 		}
-	}
-
-	if (!empty($_SESSION['visitor_id'])) {
+	} elseif (is_null($uid) && !empty($_SESSION['visitor_id'])) {
 		return intval($_SESSION['visitor_id']);
 	}