Merge branch 'bug/cs278/58025' into develop-olympus

* bug/cs278/58025:
  [bug/58025] Search robots are now redirected if they send a SID in the request

Conflicts:
	phpBB/docs/CHANGELOG.html

2 files changed, 7 insertions, 0 deletions

diff --git a/phpBB/docs/CHANGELOG.html b/phpBB/docs/CHANGELOG.html
index 3f457efb69..08f8be32fd 100644
--- a/phpBB/docs/CHANGELOG.html
+++ b/phpBB/docs/CHANGELOG.html
@@ -104,6 +104,7 @@
 		<li>[Fix] Prevent wrong tar archive type detection. (Bug #12531)</li>
 		<li>[Fix] Correct redirection after login to forum not in web root (Bug #58755)</li>
 		<li>[Fix] Allow setting parent forums regardless of permission settings. (Bug #57415)</li>
+		<li>[Fix] Redirect search engines that access pages with SIDs in the URL. (Bug #58025)</li>
 		<li>[Feature] Support for Microsoft's Native SQL Server Driver for PHP (Bug #57055 - Patch by Chris Pucci at Microsoft)</li>
 		<li>[Feature] The memcache acm plugin now supports multiple memcache servers.</li>
 	</ul>
diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php
index 1a302d5991..8beb0161f9 100644
--- a/phpBB/includes/session.php
+++ b/phpBB/includes/session.php
@@ -608,6 +608,12 @@ class session
 		}
 		else
 		{
+			// Bot user, if they have a SID in the Request URI we need to get rid of it
+			// otherwise they'll index this page with the SID, duplicate content oh my!
+			if (isset($_GET['sid']))
+			{
+				redirect(build_url(array('sid')));
+			}
 			$this->data['session_last_visit'] = $this->time_now;
 		}