Remove previously added security patch against session table

exhaustion, as it causes more problems in the latest phpbb
version.  Users are advised to drop and re-create their
session tables (phpbb_sessions, phpbb_sessions_keys) without
using "HEAP" tables.

Approved by:	maintainer (via e-mail)

2 files changed, 1 insertions, 18 deletions

diff --git a/www/phpbb/Makefile b/www/phpbb/Makefile
index d4a07b676c28..f57d06e2e22c 100644
--- a/www/phpbb/Makefile
+++ b/www/phpbb/Makefile
@@ -7,6 +7,7 @@
 
 PORTNAME=	phpbb
 PORTVERSION=	2.0.22
+PORTREVISION=	1
 CATEGORIES=	www
 MASTER_SITES=	${MASTER_SITE_SOURCEFORGE}
 MASTER_SITE_SUBDIR=	${PORTNAME}
@@ -31,13 +32,6 @@ WWWGRP?=	www
 #
 # End of user-configurable variables.
 
-# XXX The phpBB folks does not seem to care about the session table DoS
-#     issue.  You can disable the patch at your own risk to make the
-#     visual authentication work.
-.if !defined(WITHOUT_ANTI_SESSIONTAB_DOS_PATCH)
-EXTRA_PATCHES=	${FILESDIR}/security-patch-includes-sessions.php
-.endif
-
 # Set/override/append to variables from bsd.port.mk:
 #
 WRKSRC=		${WRKDIR}/phpBB2
diff --git a/www/phpbb/files/security-patch-includes-sessions.php b/www/phpbb/files/security-patch-includes-sessions.php
deleted file mode 100644
index a84aa2f04322..000000000000
--- a/www/phpbb/files/security-patch-includes-sessions.php
+++ /dev/null
@@ -1,11 +0,0 @@
---- includes/sessions.php.orig	Sat May 14 05:04:00 2005
-+++ includes/sessions.php	Sun May 15 18:53:48 2005
-@@ -167,7 +167,7 @@
- 		$sql = "INSERT INTO " . SESSIONS_TABLE . "
- 			(session_id, session_user_id, session_start, session_time, session_ip, session_page, session_logged_in, session_admin)
- 			VALUES ('$session_id', $user_id, $current_time, $current_time, '$user_ip', $page_id, $login, $admin)";
--		if ( !$db->sql_query($sql) )
-+		if ( $user_id != ANONYMOUS && !$db->sql_query($sql) )
- 		{
- 			message_die(CRITICAL_ERROR, 'Error creating new session', '', __LINE__, __FILE__, $sql);
- 		}