diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index 236c76e3bf5..86c1cbe0888 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -870,31 +870,32 @@ if (!function_exists('dol_getprefix')) { * Return a prefix to use for this Dolibarr instance, for session/cookie names or email id. * The prefix is unique for instance and avoid conflict between multi-instances, even when having two instances with same root dir * or two instances in same virtual servers. + * This function must not use dol_hash (that is used for password hash) and need to have all context $conf loaded. * * @param string $mode '' (prefix for session name) or 'email' (prefix for email id) * @return string A calculated prefix */ function dol_getprefix($mode = '') { - // If prefix is for email (we need to have $conf alreayd loaded for this case) + // If prefix is for email (we need to have $conf already loaded for this case) if ($mode == 'email') { global $conf; - if (!empty($conf->global->MAIL_PREFIX_FOR_EMAIL_ID)) { // If MAIL_PREFIX_FOR_EMAIL_ID is set (a value initialized with a random value is recommended) + if (!empty($conf->global->MAIL_PREFIX_FOR_EMAIL_ID)) { // If MAIL_PREFIX_FOR_EMAIL_ID is set if ($conf->global->MAIL_PREFIX_FOR_EMAIL_ID != 'SERVER_NAME') { return $conf->global->MAIL_PREFIX_FOR_EMAIL_ID; - } elseif (isset($_SERVER["SERVER_NAME"])) { + } elseif (isset($_SERVER["SERVER_NAME"])) { // If MAIL_PREFIX_FOR_EMAIL_ID is set to 'SERVER_NAME' return $_SERVER["SERVER_NAME"]; } } - // The recommended value (may be not defined for old versions) + // The recommended value if MAIL_PREFIX_FOR_EMAIL_ID is not defined (may be not defined for old versions) if (!empty($conf->file->instance_unique_id)) { - return $conf->file->instance_unique_id; + return sha1('dolibarr'.$conf->file->instance_unique_id); } - // For backward compatibility - return dol_hash(DOL_DOCUMENT_ROOT.DOL_URL_ROOT, '3'); + // For backward compatibility when instance_unique_id is not set + return sha1(DOL_DOCUMENT_ROOT.DOL_URL_ROOT); } // If prefix is for session (no need to have $conf loaded) @@ -903,15 +904,15 @@ if (!function_exists('dol_getprefix')) { // The recommended value (may be not defined for old versions) if (!empty($tmp_instance_unique_id)) { - return $tmp_instance_unique_id; + return sha1('dolibarr'.$tmp_instance_unique_id); } - // For backward compatibility + // For backward compatibility when instance_unique_id is not set if (isset($_SERVER["SERVER_NAME"]) && isset($_SERVER["DOCUMENT_ROOT"])) { - return dol_hash($_SERVER["SERVER_NAME"].$_SERVER["DOCUMENT_ROOT"].DOL_DOCUMENT_ROOT.DOL_URL_ROOT, '3'); + return sha1($_SERVER["SERVER_NAME"].$_SERVER["DOCUMENT_ROOT"].DOL_DOCUMENT_ROOT.DOL_URL_ROOT); + } else { + return sha1(DOL_DOCUMENT_ROOT.DOL_URL_ROOT); } - - return dol_hash(DOL_DOCUMENT_ROOT.DOL_URL_ROOT, '3'); } } diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php index 88ed3a12f3a..093813f5776 100644 --- a/htdocs/main.inc.php +++ b/htdocs/main.inc.php @@ -290,7 +290,6 @@ if (!empty($_COOKIE[$sessiontimeout])) { ini_set('session.gc_maxlifetime', $_COOKIE[$sessiontimeout]); } - // This create lock, released by session_write_close() or end of page. // We need this lock as long as we read/write $_SESSION ['vars']. We can remove lock when finished. if (!defined('NOSESSION')) { @@ -3263,7 +3262,7 @@ if (!function_exists("llxFooter")) { $forceping = GETPOST('forceping', 'alpha'); if (($_SERVER["PHP_SELF"] == DOL_URL_ROOT.'/index.php') || $forceping) { //print ''; - $hash_unique_id = md5('dolibarr'.$conf->file->instance_unique_id); + $hash_unique_id = md5('dolibarr'.$conf->file->instance_unique_id); // Do not use dol_hash(), must not change if salt changes. if (empty($conf->global->MAIN_FIRST_PING_OK_DATE) || (!empty($conf->file->instance_unique_id) && ($hash_unique_id != $conf->global->MAIN_FIRST_PING_OK_ID) && ($conf->global->MAIN_FIRST_PING_OK_ID != 'disabled')) diff --git a/htdocs/public/eventorganization/attendee_new.php b/htdocs/public/eventorganization/attendee_new.php index 55303bcb00e..a7cdd1ceda8 100644 --- a/htdocs/public/eventorganization/attendee_new.php +++ b/htdocs/public/eventorganization/attendee_new.php @@ -56,7 +56,6 @@ require_once DOL_DOCUMENT_ROOT.'/compta/facture/class/paymentterm.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/html.formcompany.class.php'; require_once DOL_DOCUMENT_ROOT.'/contact/class/contact.class.php'; -global $dolibarr_main_instance_unique_id; global $dolibarr_main_url_root; // Init vars diff --git a/htdocs/public/eventorganization/subscriptionok.php b/htdocs/public/eventorganization/subscriptionok.php index 4a81084223d..8acf3daba78 100644 --- a/htdocs/public/eventorganization/subscriptionok.php +++ b/htdocs/public/eventorganization/subscriptionok.php @@ -57,7 +57,7 @@ if (!empty($conf->paypal->enabled)) { require_once DOL_DOCUMENT_ROOT.'/paypal/lib/paypalfunctions.lib.php'; } -global $dolibarr_main_instance_unique_id, $dolibarr_main_url_root, $mysoc; +global $dolibarr_main_url_root, $mysoc; $langs->loadLangs(array("main", "companies", "install", "other", "eventorganization")); diff --git a/htdocs/public/payment/newpayment.php b/htdocs/public/payment/newpayment.php index d25e14288f8..7bb61a708c5 100644 --- a/htdocs/public/payment/newpayment.php +++ b/htdocs/public/payment/newpayment.php @@ -70,9 +70,6 @@ include_once DOL_DOCUMENT_ROOT.'/core/class/hookmanager.class.php'; $hookmanager = new HookManager($db); $hookmanager->initHooks(array('newpayment')); -// For encryption -global $dolibarr_main_instance_unique_id; - // Load translation files $langs->loadLangs(array("main", "other", "dict", "bills", "companies", "errors", "paybox", "paypal", "stripe")); // File with generic data diff --git a/htdocs/public/payment/paymentok.php b/htdocs/public/payment/paymentok.php index 499ff2c4e31..9765af89f7e 100644 --- a/htdocs/public/payment/paymentok.php +++ b/htdocs/public/payment/paymentok.php @@ -61,8 +61,6 @@ if (!empty($conf->paypal->enabled)) { require_once DOL_DOCUMENT_ROOT.'/paypal/lib/paypalfunctions.lib.php'; } -global $dolibarr_main_instance_unique_id; - $langs->loadLangs(array("main", "other", "dict", "bills", "companies", "paybox", "paypal")); // Clean parameters diff --git a/htdocs/public/project/index.php b/htdocs/public/project/index.php index 5f450a6c557..0add64bb700 100644 --- a/htdocs/public/project/index.php +++ b/htdocs/public/project/index.php @@ -54,9 +54,6 @@ include_once DOL_DOCUMENT_ROOT.'/core/class/hookmanager.class.php'; $hookmanager = new HookManager($db); $hookmanager->initHooks(array('newpayment')); -// For encryption -global $dolibarr_main_instance_unique_id; - // Load translation files $langs->loadLangs(array("other", "dict", "bills", "companies", "errors", "paybox", "paypal", "stripe")); // File with generic data diff --git a/htdocs/public/project/suggestbooth.php b/htdocs/public/project/suggestbooth.php index 39c2a57700e..cb1b1089b0c 100644 --- a/htdocs/public/project/suggestbooth.php +++ b/htdocs/public/project/suggestbooth.php @@ -56,7 +56,6 @@ require_once DOL_DOCUMENT_ROOT.'/compta/facture/class/facture.class.php'; require_once DOL_DOCUMENT_ROOT.'/compta/facture/class/paymentterm.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/html.formcompany.class.php'; -global $dolibarr_main_instance_unique_id; global $dolibarr_main_url_root; // Init vars diff --git a/htdocs/public/project/suggestconference.php b/htdocs/public/project/suggestconference.php index b97777c3a9a..22589c941d2 100644 --- a/htdocs/public/project/suggestconference.php +++ b/htdocs/public/project/suggestconference.php @@ -56,7 +56,6 @@ require_once DOL_DOCUMENT_ROOT.'/compta/facture/class/facture.class.php'; require_once DOL_DOCUMENT_ROOT.'/compta/facture/class/paymentterm.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/html.formcompany.class.php'; -global $dolibarr_main_instance_unique_id; global $dolibarr_main_url_root; // Init vars diff --git a/htdocs/public/project/viewandvote.php b/htdocs/public/project/viewandvote.php index e680df15a1c..805eb8cfdd1 100644 --- a/htdocs/public/project/viewandvote.php +++ b/htdocs/public/project/viewandvote.php @@ -56,7 +56,7 @@ $hookmanager = new HookManager($db); $hookmanager->initHooks(array('newpayment')); // For encryption -global $dolibarr_main_instance_unique_id, $dolibarr_main_url_root; +global $dolibarr_main_url_root; // Load translation files $langs->loadLangs(array("main", "other", "dict", "bills", "companies", "errors", "paybox", "paypal", "stripe")); // File with generic data