From bb972e8de32fcd1d73a9fcdd4995358095bf7bda Mon Sep 17 00:00:00 2001
From: johnnyq <johnny@pittpc.com>
Date: Fri, 4 Feb 2022 17:04:28 -0500
Subject: [PATCH] Store full user agent, we can always parse it later

---
 check_login.php | 9 +++++----
 login.php       | 9 ++++++---
 2 files changed, 11 insertions(+), 7 deletions(-)

diff --git a/check_login.php b/check_login.php
index c7d2cad1..963dcb2a 100644
--- a/check_login.php
+++ b/check_login.php
@@ -24,10 +24,11 @@
 	//SESSION FINGERPRINT
 	$session_ip = strip_tags(mysqli_real_escape_string($mysqli,get_ip()));
 	$session_os = strip_tags(mysqli_real_escape_string($mysqli,get_os()));
-	$session_browser = strip_tags(mysqli_real_escape_string($mysqli,get_web_browser()));
-	$session_device = strip_tags(mysqli_real_escape_string($mysqli,get_device()));
-
-	$session_user_agent = "$session_os - $session_browser";
+	//$session_browser = strip_tags(mysqli_real_escape_string($mysqli,get_web_browser()));
+	//$session_device = strip_tags(mysqli_real_escape_string($mysqli,get_device()));
+	//$session_user_agent = "$session_os - $session_browser";
+	// Get user agent
+	$session_user_agent = strip_tags(mysqli_real_escape_string($mysqli,$_SERVER['HTTP_USER_AGENT']));
 
 	$session_user_id = $_SESSION['user_id'];
 
diff --git a/login.php b/login.php
index 29178b96..0d845838 100644
--- a/login.php
+++ b/login.php
@@ -10,11 +10,14 @@ include("functions.php");
 
 //SESSION FINGERPRINT
 $ip = strip_tags(mysqli_real_escape_string($mysqli,get_ip()));
-$os = strip_tags(mysqli_real_escape_string($mysqli,get_os()));
-$browser = strip_tags(mysqli_real_escape_string($mysqli,get_web_browser()));
+//$os = strip_tags(mysqli_real_escape_string($mysqli,get_os()));
+//$browser = strip_tags(mysqli_real_escape_string($mysqli,get_web_browser()));
 //$device = strip_tags(mysqli_real_escape_string($mysqli,get_device()));
 
-$user_agent = "$os - $browser";
+//$user_agent = "$os - $browser";
+// Get user agent
+$user_agent = strip_tags(mysqli_real_escape_string($mysqli,$_SERVER['HTTP_USER_AGENT']));
+
 
 // HTTP Only cookies
 ini_set("session.cookie_httponly", True);