From 74fb49098eb52b8f42110713caa3892572305cf3 Mon Sep 17 00:00:00 2001
From: mensonge <mensonge@b3834d28-1941-0410-a4f8-b48e95affb8f>
Date: Fri, 18 Apr 2008 09:57:32 +0000
Subject: Bug fix: correct problem with mutual logins for several installations
 on the same host

git-svn-id: https://semanticscuttle.svn.sourceforge.net/svnroot/semanticscuttle/trunk@114 b3834d28-1941-0410-a4f8-b48e95affb8f
---
 constants.inc.php        | 14 ++++++++++++++
 header.inc.php           |  1 +
 services/userservice.php |  7 +++++--
 3 files changed, 20 insertions(+), 2 deletions(-)
 create mode 100644 constants.inc.php

diff --git a/constants.inc.php b/constants.inc.php
new file mode 100644
index 0000000..e64db43
--- /dev/null
+++ b/constants.inc.php
@@ -0,0 +1,14 @@
+<?php
+
+// Error codes
+define('GENERAL_MESSAGE', 200);
+define('GENERAL_ERROR', 202);
+define('CRITICAL_MESSAGE', 203);
+define('CRITICAL_ERROR', 204);
+
+// Miscellanous
+
+# INSTALLATION_ID is based on directory  path and used as prefix (in session and cookie) to prevent mutual login for different installations on the same host server
+define('INSTALLATION_ID', md5(dirname(realpath('.'))));
+
+?>
diff --git a/header.inc.php b/header.inc.php
index 6b4e76b..55defdb 100644
--- a/header.inc.php
+++ b/header.inc.php
@@ -9,6 +9,7 @@ session_start();
 
 require_once(dirname(__FILE__) .'/services/servicefactory.php');
 require_once(dirname(__FILE__) .'/config.inc.php');
+require_once(dirname(__FILE__) .'/constants.inc.php');
 require_once(dirname(__FILE__) .'/functions.inc.php');
 
 // Determine the base URL
diff --git a/services/userservice.php b/services/userservice.php
index c691b36..9e3adca 100644
--- a/services/userservice.php
+++ b/services/userservice.php
@@ -23,8 +23,8 @@ class UserService {
     function UserService(& $db) {
         $this->db =& $db;
         $this->tablename = $GLOBALS['tableprefix'] .'users';
-        $this->sessionkey = $GLOBALS['cookieprefix'] .'-currentuserid';
-        $this->cookiekey = $GLOBALS['cookieprefix'] .'-login';
+	$this->sessionkey = $GLOBALS['cookieprefix'].INSTALLATION_ID.'-currentuserid';
+	$this->cookiekey = $GLOBALS['cookieprefix'].INSTALLATION_ID.'-login';
         $this->profileurl = createURL('profile', '%2$s');
     }
 
@@ -145,8 +145,11 @@ class UserService {
 
     function getCurrentUserId() {
         if (isset($_SESSION[$this->getSessionKey()])) {
+//echo "session";die($_SESSION[$this->getSessionKey()]);
             return $_SESSION[$this->getSessionKey()];
         } else if (isset($_COOKIE[$this->getCookieKey()])) {
+//echo "cookie";die();
+
             $cook = split(':', $_COOKIE[$this->getCookieKey()]);
             //cookie looks like this: 'id:md5(username+password)'
             $query = 'SELECT * FROM '. $this->getTableName() .
-- 
cgit v1.2.3