Some more glitches fixed away...

[mailer.git] / inc / session.php

diff --git a/inc/session.php b/inc/session.php
index 2c7ab4488d4d59ca92eef7bf279a9ccf2469027b..7d609e44eeedfd985d77fc5440ee477cf55b11c8 100644 (file)
--- a/inc/session.php
+++ b/inc/session.php
@@ -57,7 +57,7 @@ set_session("mx_lang", $mx_lang);
 require_once(PATH."inc/load_extensions.php");
 
 // Check if refid is set
-if ((!empty($_GET['user'])) && ($CLICK == 1) && ($_SERVER['PHP_SELF'] == "click.php")) {
+if ((!empty($_GET['user'])) && ($CLICK == 1) && (basename($_SERVER['PHP_SELF']) == "click.php")) {
        // The variable user comes from the click-counter script click.php and we only accept this here
        $GLOBALS['refid'] = bigintval($_GET['user']);
 } elseif (!empty($_POST['refid'])) {
@@ -83,8 +83,8 @@ if ((!empty($_GET['user'])) && ($CLICK == 1) && ($_SERVER['PHP_SELF'] == "click.
 // Set cookie when default refid > 0
 if (!isSessionVariableSet('refid') || (!empty($GLOBALS['refid'])) || ((get_session('refid') == "0") && ($_CONFIG['def_refid'] > 0))) {
        // Set cookie
-       set_session("refid", $GLOBALS['refid']);
-}
+       set_session('refid', $GLOBALS['refid']);
+} // END - if
 
 // Transfer userid from session and validate it
 if (isset($_SESSION['userid'])) {
@@ -95,8 +95,11 @@ if (isset($_SESSION['userid'])) {
        if (!IS_MEMBER()) {
                // Then destroy the user id
                destroy_user_session();
+
+               // Kill userid
+               $GLOBALS['userid'] = 0;
        } // END - if
-}
+} // END - if
 
 // Test session if index.php or modules.php is loaded
 if ((basename($_SERVER['PHP_SELF']) == "index.php") || (basename($_SERVER['PHP_SELF']) == "modules.php") || (isBooleanConstantAndTrue('mxchange_installing'))) {
@@ -107,7 +110,8 @@ if ((basename($_SERVER['PHP_SELF']) == "index.php") || (basename($_SERVER['PHP_S
                // Cookies rejected!
                define('__COOKIES', false);
        }
-}
+} // END - if
+
 //* DEBUG: */ print("<pre>".print_r($_SESSION, true)."</pre>");
 
 //