Wavyzz/dolibarr
2
0
Fork 1
mirror of https://github.com/Dolibarr/dolibarr.git synced 2025-12-24 02:11:27 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix: better solution with new system

Browse Source
This commit is contained in:
Regis Houssin
2010-12-29 19:20:20 +00:00
parent 3b1874446c
commit 77f138710c
1 changed files with 2 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
htdocs/lib/functions.lib.php
View File

@@ -72,18 +72,8 @@ function GETPOST($paramname,$check='',$method=0)
*/
function dol_getprefix()
{
// Add real path in session name
$realpath='';
if (preg_match('/^([^.]+)\/htdocs\//i', realpath($_SERVER["SCRIPT_FILENAME"]), $regs)) $realpath = isset($regs[1])?$regs[1]:'';
if (defined('DOL_DOCUMENT_ROOT_ALT') && DOL_DOCUMENT_ROOT_ALT)
{
$realpath='';
// Warning, using alt feature is a security hole because path is not in session name, so being authenticated into an instance allow access on another
// FIXME The fix is to use only "root url" like the one defined into $dolibarr_main_url_root
}
//print "x".$realpath."-".$_SERVER["SERVER_NAME"].$_SERVER["DOCUMENT_ROOT"]."-".md5($_SERVER["SERVER_NAME"].$_SERVER["DOCUMENT_ROOT"]);
//return md5($_SERVER["SERVER_NAME"].$_SERVER["DOCUMENT_ROOT"].$realpath);
return md5($_SERVER["SERVER_NAME"].$_SERVER["DOCUMENT_ROOT"].$realpath);
//print "prefix=".$_SERVER["SERVER_NAME"]."-".$_SERVER["DOCUMENT_ROOT"]."-".DOL_DOCUMENT_ROOT;
return md5($_SERVER["SERVER_NAME"].$_SERVER["DOCUMENT_ROOT"].DOL_DOCUMENT_ROOT);
}
/**