summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristian Schneider2024-03-29 13:11:03 +0100
committerChristian Schneider2024-03-29 13:11:03 +0100
commitd030a6098f4a1ff0638c6d0c31f942a00ddd18e9 (patch)
tree10a8f9414b44d1628dae2564fb7f27d3df8aaff2
parentd406a077e01ae593e2f5b01df2118c64025b71ea (diff)
downloaditools-d030a6098f4a1ff0638c6d0c31f942a00ddd18e9.tar.gz
itools-d030a6098f4a1ff0638c6d0c31f942a00ddd18e9.tar.bz2
itools-d030a6098f4a1ff0638c6d0c31f942a00ddd18e9.zip
Ignore array values in cookie (fuzzer warning mail2502)
-rw-r--r--it_session.class2
1 files changed, 1 insertions, 1 deletions
diff --git a/it_session.class b/it_session.class
index 7b8a97c..0e17293 100644
--- a/it_session.class
+++ b/it_session.class
@@ -94,7 +94,7 @@ function init()
it::fatal('it_session requires secret to be set');
/* Got a cookie? */
- if ($this->hascookies = isset($_COOKIE[$this->cookiename]))
+ if ($this->hascookies = isset($_COOKIE[$this->cookiename]) && is_string($_COOKIE[$this->cookiename]))
$this->cookie = $_COOKIE[$this->cookiename];
else
$this->cookie = '';