From 05044a59d7256add4ec241d5977951ada04477e2 Mon Sep 17 00:00:00 2001
From: Andrew Dolgov <fox@bah.org.ru>
Date: Wed, 13 Jan 2010 22:25:03 +0300
Subject: [PATCH] validate_session: check for schema version

---
 functions.php | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/functions.php b/functions.php
index 3d09e0f6..1276146c 100644
--- a/functions.php
+++ b/functions.php
@@ -1891,6 +1891,10 @@
 			}
 		}
 
+		if ($_SESSION["ref_schema_version"] != get_schema_version($link, true)) {
+			return false;
+		}
+
 		if ($_SESSION["uid"]) {
 
 			$result = db_query($link, 
@@ -1930,6 +1934,7 @@
 					$_POST["password"] = "";
 
 					$_SESSION["language"] = $_POST["language"];
+					$_SESSION["ref_schema_version"] = get_schema_version($link, true);
 					$_SESSION["bw_limit"] = !!$_POST["bw_limit"];
 
 					if ($_POST["profile"]) {
@@ -2070,8 +2075,7 @@
 		error_reporting(0);
 
 		$error_code = 0;
-		$result = db_query($link, "SELECT schema_version FROM ttrss_version");
-		$schema_version = db_fetch_result($result, 0, "schema_version");
+		$schema_version = get_schema_version($link);
 
 		if ($schema_version != SCHEMA_VERSION) {
 			$error_code = 5;
-- 
2.39.2