fixing the fix: api version is not yet read, therefore use modifiction time of phpgwapi/inc/setup.inc.php instead

This commit is contained in:
Ralf Becker 2012-04-10 07:52:03 +00:00
parent 8bca2eb07f
commit dfae0922dd

View File

@ -762,7 +762,7 @@ class egw_session
{ {
// we generate a pseudo-sessionid from the basic auth credentials // we generate a pseudo-sessionid from the basic auth credentials
$sessionid = md5($_SERVER['PHP_AUTH_USER'].':'.$_SERVER['PHP_AUTH_PW'].':'.$_SERVER['HTTP_HOST'].':'. $sessionid = md5($_SERVER['PHP_AUTH_USER'].':'.$_SERVER['PHP_AUTH_PW'].':'.$_SERVER['HTTP_HOST'].':'.
EGW_SERVER_ROOT.':'.self::getuser_ip().':'.$GLOBALS['egw_info']['apps']['phpgwapi']['version']); EGW_SERVER_ROOT.':'.self::getuser_ip().':'.filemtime(EGW_SERVER_ROOT.'/phpgwapi/setup/setup.inc.php'));
} }
// same for digest auth // same for digest auth
elseif (isset($_SERVER['PHP_AUTH_DIGEST']) && elseif (isset($_SERVER['PHP_AUTH_DIGEST']) &&
@ -772,7 +772,7 @@ class egw_session
// can't use full $_SERVER['PHP_AUTH_DIGEST'], as it changes (contains eg. the url) // can't use full $_SERVER['PHP_AUTH_DIGEST'], as it changes (contains eg. the url)
$data = egw_digest_auth::parse_digest($_SERVER['PHP_AUTH_DIGEST']); $data = egw_digest_auth::parse_digest($_SERVER['PHP_AUTH_DIGEST']);
$sessionid = md5($data['username'].':'.$data['realm'].':'.$data['nonce'].':'.$_SERVER['HTTP_HOST']. $sessionid = md5($data['username'].':'.$data['realm'].':'.$data['nonce'].':'.$_SERVER['HTTP_HOST'].
EGW_SERVER_ROOT.':'.self::getuser_ip().':'.$GLOBALS['egw_info']['apps']['phpgwapi']['version']); EGW_SERVER_ROOT.':'.self::getuser_ip().':'.filemtime(EGW_SERVER_ROOT.'/phpgwapi/setup/setup.inc.php'));
} }
elseif(!$only_basic_auth && isset($_REQUEST[self::EGW_SESSION_NAME])) elseif(!$only_basic_auth && isset($_REQUEST[self::EGW_SESSION_NAME]))
{ {