From cb2def971b05067a51c18f85c672866e0ff070c1 Mon Sep 17 00:00:00 2001 From: cajus Date: Mon, 21 Apr 2008 07:04:59 +0000 Subject: [PATCH] Added browser check git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@10573 594d385d-05f5-0310-b6e9-bd551577e9d8 --- gosa-core/include/class_session.inc | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/gosa-core/include/class_session.inc b/gosa-core/include/class_session.inc index 4773fe17d..145e716b2 100644 --- a/gosa-core/include/class_session.inc +++ b/gosa-core/include/class_session.inc @@ -74,6 +74,17 @@ class session { ini_set("session.gc_maxlifetime",24*60*60); session_start(); + /* Check for changed browsers and bail out */ + if (isset($_SESSION['HTTP_USER_AGENT'])) + { + if ($_SESSION['HTTP_USER_AGENT'] != md5($_SERVER['HTTP_USER_AGENT'])) { + session_destroy(); + session_start(); + } + } else { + $_SESSION['HTTP_USER_AGENT'] = md5($_SERVER['HTTP_USER_AGENT']); + } + /* Regenerate ID to increase security */ if (!isset($_SESSION['started'])){ session_regenerate_id(); -- 2.30.2