From f9fb6c70ac832c0fce74dc922079498d9e0fe8e8 Mon Sep 17 00:00:00 2001 From: Roland Haeder Date: Thu, 17 Apr 2014 23:38:15 +0200 Subject: [PATCH] Function getSession() does now only use secureString() if no database connection is there. This saves some "expensive" calls to the EL-code functions. MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Signed-off-by: Roland Häder --- inc/session-functions.php | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/inc/session-functions.php b/inc/session-functions.php index 5421c1f013..954d233c3d 100644 --- a/inc/session-functions.php +++ b/inc/session-functions.php @@ -10,11 +10,6 @@ * -------------------------------------------------------------------- * * Kurzbeschreibung : Sitzungsrelevante Funktionen * * -------------------------------------------------------------------- * - * $Revision:: $ * - * $Date:: $ * - * $Tag:: 0.2.1-FINAL $ * - * $Author:: $ * - * -------------------------------------------------------------------- * * Copyright (c) 2003 - 2009 by Roland Haeder * * Copyright (c) 2009 - 2013 by Mailer Developer Team * * For more information visit: http://mxchange.org * @@ -100,7 +95,13 @@ function getSession ($var) { // Is the variable there? if (isSessionVariableSet($var)) { // Then get it secured! - $value = sqlEscapeString($GLOBALS['_SESSION'][$var]); + if ((isInstaller()) || (!isSqlLinkUp())) { + // Secure string without escaping (and compiling) + $value = secureString($GLOBALS['_SESSION'][$var]); + } else { + // Escape string with SQL driver + $value = sqlEscapeString($GLOBALS['_SESSION'][$var]); + } } // END - if // Return the value -- 2.39.5