diff options
Diffstat (limited to 'usr')
| -rwxr-xr-x | usr/local/www/firewall_virtual_ip.php | 3 | ||||
| -rw-r--r-- | usr/local/www/headjs.php | 3 | ||||
| -rwxr-xr-x | usr/local/www/system_firmware.php | 5 | ||||
| -rw-r--r-- | usr/local/www/system_usermanager_passwordmg.php | 5 | ||||
| -rw-r--r-- | usr/local/www/upload_progress.php | 4 |
5 files changed, 19 insertions, 1 deletions
diff --git a/usr/local/www/firewall_virtual_ip.php b/usr/local/www/firewall_virtual_ip.php index e4aee0d..f2de3ea 100755 --- a/usr/local/www/firewall_virtual_ip.php +++ b/usr/local/www/firewall_virtual_ip.php @@ -124,11 +124,14 @@ if ($_GET['act'] == "del") { if (!$input_errors) { + if (!session_id()) + session_start(); $user = getUserEntry($_SESSION['Username']); if (is_array($user) && userHasPrivilege($user, "user-config-readonly")) { header("Location: firewall_virtual_ip.php"); exit; } + session_commit(); // Special case since every proxyarp vip is handled by the same daemon. if ($a_vip[$_GET['id']]['mode'] == "proxyarp") { diff --git a/usr/local/www/headjs.php b/usr/local/www/headjs.php index 4cf1ab2..197d806 100644 --- a/usr/local/www/headjs.php +++ b/usr/local/www/headjs.php @@ -48,7 +48,10 @@ function getHeadJS() { var input_errors = ''; jQuery(document).ready(init); "; + if (!session_id()) + session_start(); $_SESSION['NO_AJAX'] == "True" ? $noajax = "var noAjaxOnSubmit = true;" : $noajax = "var noAjaxOnSubmit = false;"; + session_commit(); $headjs .= " {$noajax} diff --git a/usr/local/www/system_firmware.php b/usr/local/www/system_firmware.php index 1a54d0d..26ead4b 100755 --- a/usr/local/www/system_firmware.php +++ b/usr/local/www/system_firmware.php @@ -213,7 +213,10 @@ include("head.inc"); <form action="system_firmware.php" method="post" enctype="multipart/form-data"> <?php /* Construct an upload_id for this session */ - $upload_id = "up". $_SESSION['Username']; + if (!session_id()) + $upload_id = uniqid(); + else + $upload_id = session_id(); ?> <input type="hidden" name="UPLOAD_IDENTIFIER" value="<?php echo $upload_id;?>" /> <?php include("fbegin.inc"); ?> diff --git a/usr/local/www/system_usermanager_passwordmg.php b/usr/local/www/system_usermanager_passwordmg.php index 0d64599..895d28d 100644 --- a/usr/local/www/system_usermanager_passwordmg.php +++ b/usr/local/www/system_usermanager_passwordmg.php @@ -64,12 +64,17 @@ if (isset($_POST['save'])) { } } +if (!session_id()) + session_start(); + /* determine if user is not local to system */ $islocal = false; foreach($config['system']['user'] as $user) if($user['name'] == $_SESSION['Username']) $islocal = true; +session_commit(); + include("head.inc"); ?> diff --git a/usr/local/www/upload_progress.php b/usr/local/www/upload_progress.php index 344ae67..812f7b7 100644 --- a/usr/local/www/upload_progress.php +++ b/usr/local/www/upload_progress.php @@ -38,12 +38,16 @@ include("guiconfig.inc"); +if (!session_id()) + session_start(); + // sanitize the ID value $id = $_SESSION['uploadid']; if (!$id) { echo gettext("Sorry, we could not find an uploadid code."); exit; } +session_commit(); // retrieve the upload data from APC $info = uploadprogress_get_info($id); |
