- fixed the annoying php4-sessions bug

- it was introduced by changes lars merged from dave (phpGW) ;-)
- of cause php4 sessions work in eGW without sending cookies, if this is disabled in admin->site configuration

phpgwapi/inc/class.phpgw.inc.php

@@ -106,26 +106,6 @@
 
 		function redirect_link($url = '',$extravars='')
 		{
-			if(@defined('PHPGW_PHPSESSID') &&
-				@defined('SID'))//add support for non cookie based php4 sessions
-			{
-				if(is_array($extravars))
-				{
-					list($ignore, $id) =explode('=',SID);
-					$extravars[PHPGW_PHPSESSID] = $id;
-				}
-				else
-				{
-					if($extravars)
-					{
-						$extravars .= SID;
-					}
-					else
-					{
-						$extravars = SID;
-					}
-				}
-			}
 			$this->redirect($this->session->link($url, $extravars));
 		}
 		
@@ -146,7 +126,7 @@
 		{
 			return $this->session->is_repost($display_error);
 		}
-		
+
 		/**
 		 * Handles redirects under iis and apache
 		 *

phpgwapi/inc/class.sessions.inc.php

@@ -141,8 +141,10 @@
 
 			/* Create the crypto object */
 			$GLOBALS['phpgw']->crypto = CreateObject('phpgwapi.crypto');
-			$this->phpgw_set_cookiedomain();
-
+			if ($GLOBALS['phpgw_info']['server']['use_cookies'])
+			{
+				$this->phpgw_set_cookiedomain();
+			}
 			// verfiy and if necessary create and save our config settings
 			//
 			$save_rep = False;
@@ -1101,6 +1103,7 @@
 		*/
 		function link($url, $extravars = '')
 		{
+			//echo "<p>session::link(url='".print_r($url,True)."',extravars='".print_r($extravars,True)."')";
 			/* first we process the $url to build the full scriptname */
 			$full_scriptname = True;
 
@@ -1182,7 +1185,6 @@
 //			$extravars['click_history'] = $this->generate_click_history();
 
 			/* if we end up with any extravars then we generate the url friendly string */
-			/* and return the result */
 			if (is_array($extravars))
 			{
 				$new_extravars = '';
@@ -1194,9 +1196,9 @@
 					}
 					$new_extravars .= $key.'='.urlencode($value);
 				}
-				return $url .= '?' . $new_extravars;
+				$url .= '?' . $new_extravars;
 			}
-			/* if no extravars then we return the cleaned up url/scriptname */
+			//echo " = '$url'</p>\n";
 			return $url;
 		}
 

phpgwapi/inc/class.sessions_php4.inc.php

@@ -31,9 +31,9 @@
 			$this->sessions_();
 			//controls the time out for php4 sessions - skwashd 18-May-2003
 			ini_set('session.gc_maxlifetime', $GLOBALS['phpgw_info']['server']['sessions_timeout']);
-			@define('PHPGW_PHPSESSID', ini_get('session.name'));
+			session_name('sessionid');
 		}
-		
+
 		function read_session()
 		{
 			session_id($this->sessionid);
@@ -83,6 +83,13 @@
 				$action = $_SERVER['PHP_SELF'];
 			}
 
+			// This way XML-RPC users aren't always listed as
+			// xmlrpc.php
+			if ($this->xmlrpc_method_called)
+			{
+				$action = $this->xmlrpc_method_called;
+			}
+
 			$GLOBALS['phpgw_session']['session_dla'] = time();
 			$GLOBALS['phpgw_session']['session_action'] = $action;
 		
@@ -107,7 +114,10 @@
 				$this->clean_sessions();
 				session_unset();
 				session_destroy();
-				$this->phpgw_setcookie(session_name());
+				if ($GLOBALS['phpgw_info']['server']['use_cookies'])
+				{
+					$this->phpgw_setcookie(session_name());
+				}
 			}
 			else
 			{
@@ -116,7 +126,7 @@
 				if (isset($sessions[$sessionid]))
 				{
 					//echo "<p>session_php4::destroy($session_id): unlink('".$sessions[$sessionid]['php_session_file'].")</p>\n";
-					unlink($sessions[$sessionid]['php_session_file']);
+					@unlink($sessions[$sessionid]['php_session_file']);
 				}
 			}
 
@@ -215,6 +225,10 @@
 				}
 				if (!isset($session_cache[$file]))	// not in cache, read and cache it
 				{
+					if (!is_readable($path. '/' . $file))
+					{
+						continue;	// happens if webserver runs multiple user-ids
+					}
 					$fd = fopen ($path . '/' . $file,'r');
 					$session = fread ($fd, filesize ($path . '/' . $file));
 					fclose ($fd);