fixing the fix: api version is not yet read, therefore use modifiction time of phpgwapi/inc/setup.inc.php instead

This commit is contained in:
Ralf Becker 2012-04-10 07:53:08 +00:00
parent 5c0b30bf4f
commit bcb9b2f5c9

View File

@ -762,7 +762,7 @@ class egw_session
{
// we generate a pseudo-sessionid from the basic auth credentials
$sessionid = md5($_SERVER['PHP_AUTH_USER'].':'.$_SERVER['PHP_AUTH_PW'].':'.$_SERVER['HTTP_HOST'].':'.
EGW_SERVER_ROOT.':'.self::getuser_ip().':'.$GLOBALS['egw_info']['apps']['phpgwapi']['version']);
EGW_SERVER_ROOT.':'.self::getuser_ip().':'.filemtime(EGW_SERVER_ROOT.'/phpgwapi/setup/setup.inc.php'));
}
// same for digest auth
elseif (isset($_SERVER['PHP_AUTH_DIGEST']) &&
@ -772,7 +772,7 @@ class egw_session
// can't use full $_SERVER['PHP_AUTH_DIGEST'], as it changes (contains eg. the url)
$data = egw_digest_auth::parse_digest($_SERVER['PHP_AUTH_DIGEST']);
$sessionid = md5($data['username'].':'.$data['realm'].':'.$data['nonce'].':'.$_SERVER['HTTP_HOST'].
EGW_SERVER_ROOT.':'.self::getuser_ip().':'.$GLOBALS['egw_info']['apps']['phpgwapi']['version']);
EGW_SERVER_ROOT.':'.self::getuser_ip().':'.filemtime(EGW_SERVER_ROOT.'/phpgwapi/setup/setup.inc.php'));
}
elseif(!$only_basic_auth && isset($_REQUEST[self::EGW_SESSION_NAME]))
{