From bcb9b2f5c9e832cf6a8027a999b969c663c67075 Mon Sep 17 00:00:00 2001 From: Ralf Becker Date: Tue, 10 Apr 2012 07:53:08 +0000 Subject: [PATCH] fixing the fix: api version is not yet read, therefore use modifiction time of phpgwapi/inc/setup.inc.php instead --- phpgwapi/inc/class.egw_session.inc.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/phpgwapi/inc/class.egw_session.inc.php b/phpgwapi/inc/class.egw_session.inc.php index 4314d25068..df8096b80b 100644 --- a/phpgwapi/inc/class.egw_session.inc.php +++ b/phpgwapi/inc/class.egw_session.inc.php @@ -762,7 +762,7 @@ class egw_session { // we generate a pseudo-sessionid from the basic auth credentials $sessionid = md5($_SERVER['PHP_AUTH_USER'].':'.$_SERVER['PHP_AUTH_PW'].':'.$_SERVER['HTTP_HOST'].':'. - EGW_SERVER_ROOT.':'.self::getuser_ip().':'.$GLOBALS['egw_info']['apps']['phpgwapi']['version']); + EGW_SERVER_ROOT.':'.self::getuser_ip().':'.filemtime(EGW_SERVER_ROOT.'/phpgwapi/setup/setup.inc.php')); } // same for digest auth elseif (isset($_SERVER['PHP_AUTH_DIGEST']) && @@ -772,7 +772,7 @@ class egw_session // can't use full $_SERVER['PHP_AUTH_DIGEST'], as it changes (contains eg. the url) $data = egw_digest_auth::parse_digest($_SERVER['PHP_AUTH_DIGEST']); $sessionid = md5($data['username'].':'.$data['realm'].':'.$data['nonce'].':'.$_SERVER['HTTP_HOST']. - EGW_SERVER_ROOT.':'.self::getuser_ip().':'.$GLOBALS['egw_info']['apps']['phpgwapi']['version']); + EGW_SERVER_ROOT.':'.self::getuser_ip().':'.filemtime(EGW_SERVER_ROOT.'/phpgwapi/setup/setup.inc.php')); } elseif(!$only_basic_auth && isset($_REQUEST[self::EGW_SESSION_NAME])) {