[PATCH 1/2] Fix invalid session ID check
Lukas Fleischer
lfleischer at archlinux.org
Sun Apr 5 15:06:05 UTC 2020
Signed-off-by: Lukas Fleischer <lfleischer at archlinux.org>
---
web/lib/aur.inc.php | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/web/lib/aur.inc.php b/web/lib/aur.inc.php
index dbcc23a..f4ad6b4 100644
--- a/web/lib/aur.inc.php
+++ b/web/lib/aur.inc.php
@@ -50,7 +50,7 @@ function check_sid() {
$result = $dbh->query($q);
$row = $result->fetch(PDO::FETCH_NUM);
- if (!$row[0]) {
+ if (!$row) {
# Invalid SessionID - hacker alert!
#
$failed = 1;
--
2.26.0
More information about the aur-dev
mailing list