From: martinahansen <martinahansen@74ccb610-7750-0410-82ae-013aeee3265d>
Date: Tue, 8 Dec 2009 14:42:36 +0000 (+0000)
Subject: added security to browser
X-Git-Url: https://git.donarmstrong.com/?a=commitdiff_plain;h=8d1e618dbf5d7bef87757e9e5fe11cca4303b268;p=biopieces.git

added security to browser

git-svn-id: http://biopieces.googlecode.com/svn/trunk@799 74ccb610-7750-0410-82ae-013aeee3265d
---

diff --git a/www/index.cgi b/www/index.cgi
index 76036aa..0da2599 100755
--- a/www/index.cgi
+++ b/www/index.cgi
@@ -200,6 +200,7 @@ sub cookie_session
     $session = Maasha::BBrowser::Session::session_restore( "$cookie->{ 'SESSION_DIR' }/sessions.txt" );
 
     $cookie->{ 'PAGE' } = 'login' if not $cookie->{ 'SESSION_ID' };
+    $cookie->{ 'PAGE' } = 'login' if $cookie->{ 'SESSION_ID' } ne $ENV{ 'SSL_SESSION_ID' };
     $cookie->{ 'PAGE' } = 'login' if not exists $session->{ $cookie->{ 'USER' } };
     $cookie->{ 'PAGE' } = 'login' if $session->{ $cookie->{ 'USER' } }->{ 'SESSION_ID' } ne $cookie->{ 'SESSION_ID' };
 }
@@ -226,7 +227,8 @@ sub cookie_login
         if ( exists $session->{ $cookie->{ 'USER' } } and
              $session->{ $cookie->{ 'USER' } }->{ 'PASSWORD' } eq Digest::MD5::md5_hex( $cookie->{ 'PASSWORD' } ) )
         {
-            $session->{ $cookie->{ 'USER' } }->{ 'SESSION_ID' } ||= Maasha::BBrowser::Session::session_new();
+            # $session->{ $cookie->{ 'USER' } }->{ 'SESSION_ID' } ||= Maasha::BBrowser::Session::session_new();
+            $session->{ $cookie->{ 'USER' } }->{ 'SESSION_ID' }   = $ENV{ 'SSL_SESSION_ID' };
             $session->{ $cookie->{ 'USER' } }->{ 'TIME' }         = Maasha::Common::time_stamp();
 
             $cookie->{ 'SESSION_ID' } = $session->{ $cookie->{ 'USER' } }->{ 'SESSION_ID' };