summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--constants.inc.php14
-rw-r--r--header.inc.php1
-rw-r--r--services/userservice.php7
3 files changed, 20 insertions, 2 deletions
diff --git a/constants.inc.php b/constants.inc.php
new file mode 100644
index 0000000..e64db43
--- /dev/null
+++ b/constants.inc.php
@@ -0,0 +1,14 @@
+<?php
+
+// Error codes
+define('GENERAL_MESSAGE', 200);
+define('GENERAL_ERROR', 202);
+define('CRITICAL_MESSAGE', 203);
+define('CRITICAL_ERROR', 204);
+
+// Miscellanous
+
+# INSTALLATION_ID is based on directory path and used as prefix (in session and cookie) to prevent mutual login for different installations on the same host server
+define('INSTALLATION_ID', md5(dirname(realpath('.'))));
+
+?>
diff --git a/header.inc.php b/header.inc.php
index 6b4e76b..55defdb 100644
--- a/header.inc.php
+++ b/header.inc.php
@@ -9,6 +9,7 @@ session_start();
require_once(dirname(__FILE__) .'/services/servicefactory.php');
require_once(dirname(__FILE__) .'/config.inc.php');
+require_once(dirname(__FILE__) .'/constants.inc.php');
require_once(dirname(__FILE__) .'/functions.inc.php');
// Determine the base URL
diff --git a/services/userservice.php b/services/userservice.php
index c691b36..9e3adca 100644
--- a/services/userservice.php
+++ b/services/userservice.php
@@ -23,8 +23,8 @@ class UserService {
function UserService(& $db) {
$this->db =& $db;
$this->tablename = $GLOBALS['tableprefix'] .'users';
- $this->sessionkey = $GLOBALS['cookieprefix'] .'-currentuserid';
- $this->cookiekey = $GLOBALS['cookieprefix'] .'-login';
+ $this->sessionkey = $GLOBALS['cookieprefix'].INSTALLATION_ID.'-currentuserid';
+ $this->cookiekey = $GLOBALS['cookieprefix'].INSTALLATION_ID.'-login';
$this->profileurl = createURL('profile', '%2$s');
}
@@ -145,8 +145,11 @@ class UserService {
function getCurrentUserId() {
if (isset($_SESSION[$this->getSessionKey()])) {
+//echo "session";die($_SESSION[$this->getSessionKey()]);
return $_SESSION[$this->getSessionKey()];
} else if (isset($_COOKIE[$this->getCookieKey()])) {
+//echo "cookie";die();
+
$cook = split(':', $_COOKIE[$this->getCookieKey()]);
//cookie looks like this: 'id:md5(username+password)'
$query = 'SELECT * FROM '. $this->getTableName() .