1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

XF 1.2 CometChat & Xenforo w/Memcache (Help Needed)

Discussion in 'Troubleshooting and Problems' started by Bill.D, Aug 28, 2013.

  1. Bill.D

    Bill.D Active Member

    Hey all,

    I know that this is not really a Xenforo issue, but I am hoping that someone has had the issue and knows what to do.

    I have a Xenforo install with a memcached system to handle sessions. I installed CometChat and it says you need to be logged in even though you are.

    Here is what I found. In the Integration.php file in the cometchat directory:
    PHP:
    if (!empty($_COOKIE['xf_session'])) {      
            
    $sql = ("SELECT `session_data` FROM  `".TABLE_PREFIX."session` WHERE `session_id` = '".$_COOKIE['xf_session']."'");
            
    $query mysql_query($sql);
            
    $sess2 mysql_fetch_array($query);
            
    $sess3 unserialize($sess2[0]);
            
    $userid $sess3['user_id'];
        }
    Note that is is looking in the SQL DB for the Session.. Where as I am using the Memcache system for session.. Does anyone know how to make CometChat look in the Memcached system for session data?

    Thanks all,
    -Bill
     
  2. graham_w

    graham_w Active Member

    Would that not be a question for cometchat ?
     
  3. Luke F

    Luke F Well-Known Member

    Looks like that snippet is vulnerable to sql injection
     
  4. Bill.D

    Bill.D Active Member

    Yah, I asked them but there in a different time zone, and I was hoping someone here already knew the answer.
     

Share This Page