[Mapbender-commits] r7138 - in trunk/mapbender: conf core http/frames

[svn_mapbender at osgeo.org]

Author: christoph
Date: 2010-11-16 06:37:08 -0800 (Tue, 16 Nov 2010)
New Revision: 7138

Modified:
   trunk/mapbender/conf/mapbender.conf-dist
   trunk/mapbender/core/globalSettings.php
   trunk/mapbender/http/frames/login.php
Log:
#720

Modified: trunk/mapbender/conf/mapbender.conf-dist
===================================================================
--- trunk/mapbender/conf/mapbender.conf-dist	2010-11-16 13:05:35 UTC (rev 7137)
+++ trunk/mapbender/conf/mapbender.conf-dist	2010-11-16 14:37:08 UTC (rev 7138)
@@ -172,6 +172,12 @@
 # --------------------------------------------
 define("PUBLIC_USER", "");
 
+# --------------------------------------------
+# define a session name (useful for )
+# --------------------------------------------
+#define("SESSION_NAME", "MAPBENDER");
+
+
 ###HACK for GLOBALS
 $DBSERVER=DBSERVER;
   $DB=DB;

Modified: trunk/mapbender/core/globalSettings.php
===================================================================
--- trunk/mapbender/core/globalSettings.php	2010-11-16 13:05:35 UTC (rev 7137)
+++ trunk/mapbender/core/globalSettings.php	2010-11-16 14:37:08 UTC (rev 7138)
@@ -26,8 +26,9 @@
 //
 // initiates the session-handling
 //
+session_start();
 if (defined("SESSION_NAME") && is_string(SESSION_NAME)) {
-//	session_name(SESSION_NAME);
+	session_name(SESSION_NAME);
 }
 
 //

Modified: trunk/mapbender/http/frames/login.php
===================================================================
--- trunk/mapbender/http/frames/login.php	2010-11-16 13:05:35 UTC (rev 7137)
+++ trunk/mapbender/http/frames/login.php	2010-11-16 14:37:08 UTC (rev 7138)
@@ -160,11 +160,14 @@
 	// if given user data is found in database, set session data (db_fetch_array returns false if no row is found)
 	if($row){
 		require_once dirname(__FILE__) . "/../../core/globalSettings.php";
-		if (Mapbender::session()->get("mb_user_id") !== false && $row["mb_user_id"] !== Mapbender::session()->get("mb_user_id")) {
-			session_write_close();
-			session_id(sha1(mt_rand()));
-			session_start();
-		}
+# These lines will create a new session if a user logs in who is not the owner 
+# of the session. However, in Geoportal-RLP this is intended, 
+#
+#		if (Mapbender::session()->get("mb_user_id") !== false && $row["mb_user_id"] !== Mapbender::session()->get("mb_user_id")) {
+#			session_write_close();
+#			session_id(sha1(mt_rand()));
+#			session_start();
+#		}
 		include(dirname(__FILE__) . "/../../conf/session.conf");
 	}
 	else {