forked from Wavyzz/dolibarr
Do not use dol_hash anymore for the name of cookies.
This commit is contained in:
Laurent Destailleur
@@ -870,31 +870,32 @@ if (!function_exists('dol_getprefix')) {
|
||||
* Return a prefix to use for this Dolibarr instance, for session/cookie names or email id.
|
||||
* The prefix is unique for instance and avoid conflict between multi-instances, even when having two instances with same root dir
|
||||
* or two instances in same virtual servers.
|
||||
* This function must not use dol_hash (that is used for password hash) and need to have all context $conf loaded.
|
||||
*
|
||||
* @param string $mode '' (prefix for session name) or 'email' (prefix for email id)
|
||||
* @return string A calculated prefix
|
||||
*/
|
||||
function dol_getprefix($mode = '')
|
||||
{
|
||||
// If prefix is for email (we need to have $conf alreayd loaded for this case)
|
||||
// If prefix is for email (we need to have $conf already loaded for this case)
|
||||
if ($mode == 'email') {
|
||||
global $conf;
|
||||
|
||||
if (!empty($conf->global->MAIL_PREFIX_FOR_EMAIL_ID)) { // If MAIL_PREFIX_FOR_EMAIL_ID is set (a value initialized with a random value is recommended)
|
||||
if (!empty($conf->global->MAIL_PREFIX_FOR_EMAIL_ID)) { // If MAIL_PREFIX_FOR_EMAIL_ID is set
|
||||
if ($conf->global->MAIL_PREFIX_FOR_EMAIL_ID != 'SERVER_NAME') {
|
||||
return $conf->global->MAIL_PREFIX_FOR_EMAIL_ID;
|
||||
} elseif (isset($_SERVER["SERVER_NAME"])) {
|
||||
} elseif (isset($_SERVER["SERVER_NAME"])) { // If MAIL_PREFIX_FOR_EMAIL_ID is set to 'SERVER_NAME'
|
||||
return $_SERVER["SERVER_NAME"];
|
||||
}
|
||||
}
|
||||
|
||||
// The recommended value (may be not defined for old versions)
|
||||
// The recommended value if MAIL_PREFIX_FOR_EMAIL_ID is not defined (may be not defined for old versions)
|
||||
if (!empty($conf->file->instance_unique_id)) {
|
||||
return $conf->file->instance_unique_id;
|
||||
return sha1('dolibarr'.$conf->file->instance_unique_id);
|
||||
}
|
||||
|
||||
// For backward compatibility
|
||||
return dol_hash(DOL_DOCUMENT_ROOT.DOL_URL_ROOT, '3');
|
||||
// For backward compatibility when instance_unique_id is not set
|
||||
return sha1(DOL_DOCUMENT_ROOT.DOL_URL_ROOT);
|
||||
}
|
||||
|
||||
// If prefix is for session (no need to have $conf loaded)
|
||||
@@ -903,15 +904,15 @@ if (!function_exists('dol_getprefix')) {
|
||||
|
||||
// The recommended value (may be not defined for old versions)
|
||||
if (!empty($tmp_instance_unique_id)) {
|
||||
return $tmp_instance_unique_id;
|
||||
return sha1('dolibarr'.$tmp_instance_unique_id);
|
||||
}
|
||||
|
||||
// For backward compatibility
|
||||
// For backward compatibility when instance_unique_id is not set
|
||||
if (isset($_SERVER["SERVER_NAME"]) && isset($_SERVER["DOCUMENT_ROOT"])) {
|
||||
return dol_hash($_SERVER["SERVER_NAME"].$_SERVER["DOCUMENT_ROOT"].DOL_DOCUMENT_ROOT.DOL_URL_ROOT, '3');
|
||||
return sha1($_SERVER["SERVER_NAME"].$_SERVER["DOCUMENT_ROOT"].DOL_DOCUMENT_ROOT.DOL_URL_ROOT);
|
||||
} else {
|
||||
return sha1(DOL_DOCUMENT_ROOT.DOL_URL_ROOT);
|
||||
}
|
||||
|
||||
return dol_hash(DOL_DOCUMENT_ROOT.DOL_URL_ROOT, '3');
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -290,7 +290,6 @@ if (!empty($_COOKIE[$sessiontimeout])) {
|
||||
ini_set('session.gc_maxlifetime', $_COOKIE[$sessiontimeout]);
|
||||
}
|
||||
|
||||
|
||||
// This create lock, released by session_write_close() or end of page.
|
||||
// We need this lock as long as we read/write $_SESSION ['vars']. We can remove lock when finished.
|
||||
if (!defined('NOSESSION')) {
|
||||
@@ -3263,7 +3262,7 @@ if (!function_exists("llxFooter")) {
|
||||
$forceping = GETPOST('forceping', 'alpha');
|
||||
if (($_SERVER["PHP_SELF"] == DOL_URL_ROOT.'/index.php') || $forceping) {
|
||||
//print '<!-- instance_unique_id='.$conf->file->instance_unique_id.' MAIN_FIRST_PING_OK_ID='.$conf->global->MAIN_FIRST_PING_OK_ID.' -->';
|
||||
$hash_unique_id = md5('dolibarr'.$conf->file->instance_unique_id);
|
||||
$hash_unique_id = md5('dolibarr'.$conf->file->instance_unique_id); // Do not use dol_hash(), must not change if salt changes.
|
||||
|
||||
if (empty($conf->global->MAIN_FIRST_PING_OK_DATE)
|
||||
|| (!empty($conf->file->instance_unique_id) && ($hash_unique_id != $conf->global->MAIN_FIRST_PING_OK_ID) && ($conf->global->MAIN_FIRST_PING_OK_ID != 'disabled'))
|
||||
|
||||
@@ -56,7 +56,6 @@ require_once DOL_DOCUMENT_ROOT.'/compta/facture/class/paymentterm.class.php';
|
||||
require_once DOL_DOCUMENT_ROOT.'/core/class/html.formcompany.class.php';
|
||||
require_once DOL_DOCUMENT_ROOT.'/contact/class/contact.class.php';
|
||||
|
||||
global $dolibarr_main_instance_unique_id;
|
||||
global $dolibarr_main_url_root;
|
||||
|
||||
// Init vars
|
||||
|
||||
@@ -57,7 +57,7 @@ if (!empty($conf->paypal->enabled)) {
|
||||
require_once DOL_DOCUMENT_ROOT.'/paypal/lib/paypalfunctions.lib.php';
|
||||
}
|
||||
|
||||
global $dolibarr_main_instance_unique_id, $dolibarr_main_url_root, $mysoc;
|
||||
global $dolibarr_main_url_root, $mysoc;
|
||||
|
||||
$langs->loadLangs(array("main", "companies", "install", "other", "eventorganization"));
|
||||
|
||||
|
||||
@@ -70,9 +70,6 @@ include_once DOL_DOCUMENT_ROOT.'/core/class/hookmanager.class.php';
|
||||
$hookmanager = new HookManager($db);
|
||||
$hookmanager->initHooks(array('newpayment'));
|
||||
|
||||
// For encryption
|
||||
global $dolibarr_main_instance_unique_id;
|
||||
|
||||
// Load translation files
|
||||
$langs->loadLangs(array("main", "other", "dict", "bills", "companies", "errors", "paybox", "paypal", "stripe")); // File with generic data
|
||||
|
||||
|
||||
@@ -61,8 +61,6 @@ if (!empty($conf->paypal->enabled)) {
|
||||
require_once DOL_DOCUMENT_ROOT.'/paypal/lib/paypalfunctions.lib.php';
|
||||
}
|
||||
|
||||
global $dolibarr_main_instance_unique_id;
|
||||
|
||||
$langs->loadLangs(array("main", "other", "dict", "bills", "companies", "paybox", "paypal"));
|
||||
|
||||
// Clean parameters
|
||||
|
||||
@@ -54,9 +54,6 @@ include_once DOL_DOCUMENT_ROOT.'/core/class/hookmanager.class.php';
|
||||
$hookmanager = new HookManager($db);
|
||||
$hookmanager->initHooks(array('newpayment'));
|
||||
|
||||
// For encryption
|
||||
global $dolibarr_main_instance_unique_id;
|
||||
|
||||
// Load translation files
|
||||
$langs->loadLangs(array("other", "dict", "bills", "companies", "errors", "paybox", "paypal", "stripe")); // File with generic data
|
||||
|
||||
|
||||
@@ -56,7 +56,6 @@ require_once DOL_DOCUMENT_ROOT.'/compta/facture/class/facture.class.php';
|
||||
require_once DOL_DOCUMENT_ROOT.'/compta/facture/class/paymentterm.class.php';
|
||||
require_once DOL_DOCUMENT_ROOT.'/core/class/html.formcompany.class.php';
|
||||
|
||||
global $dolibarr_main_instance_unique_id;
|
||||
global $dolibarr_main_url_root;
|
||||
|
||||
// Init vars
|
||||
|
||||
@@ -56,7 +56,6 @@ require_once DOL_DOCUMENT_ROOT.'/compta/facture/class/facture.class.php';
|
||||
require_once DOL_DOCUMENT_ROOT.'/compta/facture/class/paymentterm.class.php';
|
||||
require_once DOL_DOCUMENT_ROOT.'/core/class/html.formcompany.class.php';
|
||||
|
||||
global $dolibarr_main_instance_unique_id;
|
||||
global $dolibarr_main_url_root;
|
||||
|
||||
// Init vars
|
||||
|
||||
@@ -56,7 +56,7 @@ $hookmanager = new HookManager($db);
|
||||
$hookmanager->initHooks(array('newpayment'));
|
||||
|
||||
// For encryption
|
||||
global $dolibarr_main_instance_unique_id, $dolibarr_main_url_root;
|
||||
global $dolibarr_main_url_root;
|
||||
|
||||
// Load translation files
|
||||
$langs->loadLangs(array("main", "other", "dict", "bills", "companies", "errors", "paybox", "paypal", "stripe")); // File with generic data
|
||||
|
||||
Reference in New Issue
Block a user