X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=gosa-core%2Finclude%2Fclass_session.inc;h=4a98ad2dc6aa31bd2c67c050b05b3558ea58e707;hb=be544c6b24fb2d0ae005ce38e44d1a0f7a869e0a;hp=4773fe17d015983240f9e792225de4bac9cc2561;hpb=486c1f58fd44059951086ab9aca7586c679d8e26;p=gosa.git

diff --git a/gosa-core/include/class_session.inc b/gosa-core/include/class_session.inc
index 4773fe17d..4a98ad2dc 100644
--- a/gosa-core/include/class_session.inc
+++ b/gosa-core/include/class_session.inc
@@ -74,6 +74,17 @@ class session {
 		ini_set("session.gc_maxlifetime",24*60*60);
 		session_start();
 
+    /* Check for changed browsers and bail out */
+    if (isset($_SESSION['HTTP_USER_AGENT']))
+    {
+      if ($_SESSION['HTTP_USER_AGENT'] !=  md5($_SERVER['HTTP_USER_AGENT'])) {
+        session_destroy();
+        session_start();
+      }
+    } else {
+      $_SESSION['HTTP_USER_AGENT'] = md5($_SERVER['HTTP_USER_AGENT']);
+    }
+
     /* Regenerate ID to increase security */
     if (!isset($_SESSION['started'])){
       session_regenerate_id();
@@ -83,7 +94,7 @@ class session {
 
 	public static function destroy()
 	{
-		session_destroy();
+		@session_destroy();
 	}
 
 	public static function set_lifetime($seconds = -1)