Checking all values for $_SESSION

See https://github.com/friendica/friendica/issues/6918#issuecomment-491492826
This commit is contained in:
Philipp Holzer 2019-05-29 19:55:18 +02:00
parent 3015135750
commit e853e256c7
No known key found for this signature in database
GPG key ID: D8365C3D36B77D90

View file

@ -7,8 +7,8 @@ use Friendica\Core\System;
use Friendica\Database\DBA; use Friendica\Database\DBA;
use Friendica\Model\Contact; use Friendica\Model\Contact;
use Friendica\Model\Profile; use Friendica\Model\Profile;
use Friendica\Util\Strings;
use Friendica\Util\Network; use Friendica\Util\Network;
use Friendica\Util\Strings;
function redir_init(App $a) { function redir_init(App $a) {
@ -70,7 +70,10 @@ function redir_init(App $a) {
&& is_array($_SESSION['remote'])) && is_array($_SESSION['remote']))
{ {
foreach ($_SESSION['remote'] as $v) { foreach ($_SESSION['remote'] as $v) {
if ($v['uid'] == $_SESSION['visitor_visiting'] && $v['cid'] == $_SESSION['visitor_id']) { if (!empty($v['uid']) && !empty($_SESSION['visitor_visiting']) &&
!empty($v['cid']) && !empty($_SESSION['visitor_id']) &&
$v['uid'] == $_SESSION['visitor_visiting'] &&
$v['cid'] == $_SESSION['visitor_id']) {
// Remote user is already authenticated. // Remote user is already authenticated.
$target_url = defaults($url, $contact_url); $target_url = defaults($url, $contact_url);
Logger::log($contact['name'] . " is already authenticated. Redirecting to " . $target_url, Logger::DEBUG); Logger::log($contact['name'] . " is already authenticated. Redirecting to " . $target_url, Logger::DEBUG);