[BUG?] Syntax is ok at Sources/QueryString.php about crawlers SESSIONID ?

Started by Pitufo, March 26, 2006, 03:57:42 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions

Pitufo

March 26, 2006, 03:57:42 PM
I'm sorry if this is a missunderstanding, PHP isn't my programming language. I were looking for the SESSIONID management all this afternoon, I found what I think may be a code error, and "solving" it seems to work fine.

First, see the original code (v1.0.6) near end of Sources/QueryString.php:

Code Select
// Do nothing if the session is cookied, or they are a crawler - guests are caught by redirectexit().  This doesn't work below PHP 4.3.0, because it makes the output buffer bigger.
if (empty($_COOKIE) && SID != '' && (!$user_info['is_guest'] || (strpos($_SERVER['HTTP_USER_AGENT'], 'Mozilla') !== false || strpos($_SERVER['HTTP_USER_AGENT'], 'Opera') !== false)) && @version_compare(PHP_VERSION, '4.3.0') != -1)
$buffer = preg_replace('/"' . preg_quote($scripturl, '/') . '(?!\?' . preg_quote(SID, '/') . ')(\?)?/', '"' . $scripturl . '?' . SID . '&', $buffer);

I see this doesn't works like claims, a crawler also takes the SESSIONID parameter in the output.

After triying to insert some alterations, I found what may be a typo error, and changing it, seems to work fine with crawlers, AKA don't being SESSIONID'd.

Code Select
// Do nothing if the session is cookied, or they are a crawler - guests are caught by redirectexit().  This doesn't work below PHP 4.3.0, because it makes the output buffer bigger.
if (empty($_COOKIE) && SID != '' && (!$user_info['is_guest'] || (strpos($_SERVER['HTTP_USER_AGENT'], 'Mozilla') != false || strpos($_SERVER['HTTP_USER_AGENT'], 'Opera') != false)) && @version_compare(PHP_VERSION, '4.3.0') != -1)
$buffer = preg_replace('/"' . preg_quote($scripturl, '/') . '(?!\?' . preg_quote(SID, '/') . ')(\?)?/', '"' . $scripturl . '?' . SID . '&', $buffer);

Look for the differences here:

(strpos($_SERVER['HTTP_USER_AGENT'], 'Mozilla') != false || strpos($_SERVER['HTTP_USER_AGENT'], 'Opera') != false)

I read in this forum and all the net a big amount of information about triying to kick off this SESSIONID parameter for crawlers, but it seems is something prepared in the forum, only failing.

Is very strange to me to think is the real solution, specially when I use other programming languages and PHP isn't one I know more than a fly, and I'm very surprised, but I like to read a "you are crazy, this is ok" and let me the 1% opportunity to push the right button.

Thanks for your attention and excuse me if I'm in a mistake.

Regards.
Print
Go Up Pages1
User actions
Advertisement: