diff options
| -rw-r--r-- | constants.inc.php | 14 | ||||
| -rw-r--r-- | header.inc.php | 1 | ||||
| -rw-r--r-- | services/userservice.php | 7 |
3 files changed, 20 insertions, 2 deletions
diff --git a/constants.inc.php b/constants.inc.php new file mode 100644 index 0000000..e64db43 --- /dev/null +++ b/constants.inc.php @@ -0,0 +1,14 @@ +<?php + +// Error codes +define('GENERAL_MESSAGE', 200); +define('GENERAL_ERROR', 202); +define('CRITICAL_MESSAGE', 203); +define('CRITICAL_ERROR', 204); + +// Miscellanous + +# INSTALLATION_ID is based on directory path and used as prefix (in session and cookie) to prevent mutual login for different installations on the same host server +define('INSTALLATION_ID', md5(dirname(realpath('.')))); + +?> diff --git a/header.inc.php b/header.inc.php index 6b4e76b..55defdb 100644 --- a/header.inc.php +++ b/header.inc.php @@ -9,6 +9,7 @@ session_start(); require_once(dirname(__FILE__) .'/services/servicefactory.php'); require_once(dirname(__FILE__) .'/config.inc.php'); +require_once(dirname(__FILE__) .'/constants.inc.php'); require_once(dirname(__FILE__) .'/functions.inc.php'); // Determine the base URL diff --git a/services/userservice.php b/services/userservice.php index c691b36..9e3adca 100644 --- a/services/userservice.php +++ b/services/userservice.php @@ -23,8 +23,8 @@ class UserService { function UserService(& $db) { $this->db =& $db; $this->tablename = $GLOBALS['tableprefix'] .'users'; - $this->sessionkey = $GLOBALS['cookieprefix'] .'-currentuserid'; - $this->cookiekey = $GLOBALS['cookieprefix'] .'-login'; + $this->sessionkey = $GLOBALS['cookieprefix'].INSTALLATION_ID.'-currentuserid'; + $this->cookiekey = $GLOBALS['cookieprefix'].INSTALLATION_ID.'-login'; $this->profileurl = createURL('profile', '%2$s'); } @@ -145,8 +145,11 @@ class UserService { function getCurrentUserId() { if (isset($_SESSION[$this->getSessionKey()])) { +//echo "session";die($_SESSION[$this->getSessionKey()]); return $_SESSION[$this->getSessionKey()]; } else if (isset($_COOKIE[$this->getCookieKey()])) { +//echo "cookie";die(); + $cook = split(':', $_COOKIE[$this->getCookieKey()]); //cookie looks like this: 'id:md5(username+password)' $query = 'SELECT * FROM '. $this->getTableName() . |