| Author: Thomas Bruederli <roundcube@gmail.com> |
+-----------------------------------------------------------------------+
- $Id: rcmail.php 4509 2011-02-09 10:51:50Z thomasb $
+ $Id: rcmail.php 4626 2011-03-31 12:32:44Z alec $
*/
*/
public function shutdown()
{
- if (is_object($this->imap))
- $this->imap->close();
-
if (is_object($this->smtp))
$this->smtp->disconnect();
*/
public function get_request_token()
{
- $key = $this->task;
-
- if (!$_SESSION['request_tokens'][$key])
- $_SESSION['request_tokens'][$key] = md5(uniqid($key . mt_rand(), true));
-
- return $_SESSION['request_tokens'][$key];
+ $sess_id = $_COOKIE[ini_get('session.name')];
+ if (!$sess_id) $sess_id = session_id();
+ return md5('RT' . $this->task . $this->config->get('des_key') . $sess_id);
}
public function check_request($mode = RCUBE_INPUT_POST)
{
$token = get_input_value('_token', $mode);
- return !empty($token) && $_SESSION['request_tokens'][$this->task] == $token;
+ $sess_id = $_COOKIE[ini_get('session.name')];
+ return !empty($sess_id) && $token == $this->get_request_token();
}
}
}
+ if (is_object($this->imap))
+ $this->imap->close();
+
return $base64 ? base64_encode($cipher) : $cipher;
}