Changeset 1005 for branches

Timestamp:

Jan 15, 2006, 2:49:29 PM (18 years ago)

Author:

nikrou

Message:

Revert to revision 1002

Location:

branches/branch-1_5

Files:

• about.php (modified) (1 diff)
• admin.php (modified) (2 diffs)
• admin/cat_list.php (modified) (6 diffs)
• admin/cat_modify.php (modified) (4 diffs)
• admin/cat_move.php (modified) (1 diff)
• admin/cat_options.php (modified) (1 diff)
• admin/cat_perm.php (modified) (1 diff)
• admin/comments.php (modified) (2 diffs)
• admin/configuration.php (modified) (1 diff)
• admin/element_set_unit.php (modified) (1 diff)
• admin/group_list.php (modified) (1 diff)
• admin/group_perm.php (modified) (1 diff)
• admin/intro.php (modified) (3 diffs)
• admin/maintenance.php (modified) (1 diff)
• admin/picture_modify.php (modified) (2 diffs)
• admin/remote_site.php (modified) (3 diffs)
• admin/stats.php (modified) (5 diffs)
• admin/thumbnail.php (modified) (1 diff)
• admin/user_list.php (modified) (2 diffs)
• admin/user_perm.php (modified) (1 diff)
• admin/waiting.php (modified) (1 diff)
• category.php (modified) (16 diffs)
• comments.php (modified) (3 diffs)
• identification.php (modified) (2 diffs)
• include/category_calendar.inc.php (modified) (6 diffs)
• include/category_default.inc.php (modified) (1 diff)
• include/category_recent_cats.inc.php (modified) (1 diff)
• include/category_subcats.inc.php (modified) (1 diff)
• include/config_default.inc.php (modified) (2 diffs)
• include/functions_category.inc.php (modified) (1 diff)
• include/functions_html.inc.php (modified) (10 diffs)
• include/functions_session.inc.php (modified) (1 diff)
• include/page_header.php (modified) (1 diff)
• include/user.inc.php (modified) (1 diff)
• notification.php (modified) (1 diff)
• password.php (modified) (1 diff)
• picture.php (modified) (12 diffs)
• profile.php (modified) (2 diffs)
• random.php (modified) (1 diff)
• register.php (modified) (1 diff)
• search.php (modified) (2 diffs)
• upload.php (modified) (2 diffs)

branches/branch-1_5/about.php

@@ -46 +46 @@
 $template->assign_vars(
   array(
-    'U_HOME' => PHPWG_ROOT_PATH.'category.php'
+    'U_HOME' => add_session_id(PHPWG_ROOT_PATH.'category.php')
     )
   );

branches/branch-1_5/admin.php

@@ -66 +66 @@
 $template->assign_vars(
   array(
-    'U_HISTORY'=> $link_start.'stats',
-    'U_FAQ'=> $link_start.'help',
-    'U_SITES'=> $link_start.'remote_site',
-    'U_MAINTENANCE'=> $link_start.'maintenance',
-    'U_CONFIG_GENERAL'=> $conf_link.'general',
-    'U_CONFIG_COMMENTS'=> $conf_link.'comments',
-    'U_CONFIG_DISPLAY'=> $conf_link.'default',
-    'U_CATEGORIES'=> $link_start.'cat_list',
-    'U_MOVE'=> $link_start.'cat_move',
-    'U_CAT_UPLOAD'=> $opt_link.'upload',
-    'U_CAT_COMMENTS'=> $opt_link.'comments',
-    'U_CAT_VISIBLE'=> $opt_link.'visible',
-    'U_CAT_STATUS'=> $opt_link.'status',
-    'U_CAT_OPTIONS'=> $link_start.'cat_options',
-    'U_CAT_UPDATE'=> $link_start.'update',
-    'U_WAITING'=> $link_start.'waiting',
-    'U_COMMENTS'=> $link_start.'comments',
-    'U_CADDIE'=> $link_start.'element_set&cat=caddie',
-    'U_THUMBNAILS'=> $link_start.'thumbnail',
-    'U_USERS'=> $link_start.'user_list',
-    'U_GROUPS'=> $link_start.'group_list',
-    'U_ADMIN'=> PHPWG_ROOT_PATH.'admin.php',
-    'U_RETURN'=> PHPWG_ROOT_PATH.'category.php'
+    'U_HISTORY'=>add_session_id($link_start.'stats' ),
+    'U_FAQ'=>add_session_id($link_start.'help' ),
+    'U_SITES'=>add_session_id($link_start.'remote_site'),
+    'U_MAINTENANCE'=>add_session_id($link_start.'maintenance'),
+    'U_CONFIG_GENERAL'=>add_session_id($conf_link.'general' ),
+    'U_CONFIG_COMMENTS'=>add_session_id($conf_link.'comments' ),
+    'U_CONFIG_DISPLAY'=>add_session_id($conf_link.'default' ),
+    'U_CATEGORIES'=>add_session_id($link_start.'cat_list' ),
+    'U_MOVE'=>add_session_id($link_start.'cat_move' ),
+    'U_CAT_UPLOAD'=>add_session_id($opt_link.'upload'),
+    'U_CAT_COMMENTS'=>add_session_id($opt_link.'comments'),
+    'U_CAT_VISIBLE'=>add_session_id($opt_link.'visible'),
+    'U_CAT_STATUS'=>add_session_id($opt_link.'status'),
+    'U_CAT_OPTIONS'=>add_session_id($link_start.'cat_options'),
+    'U_CAT_UPDATE'=>add_session_id($link_start.'update'),
+    'U_WAITING'=>add_session_id($link_start.'waiting' ),
+    'U_COMMENTS'=>add_session_id($link_start.'comments' ),
+    'U_CADDIE'=>add_session_id($link_start.'element_set&cat=caddie'),
+    'U_THUMBNAILS'=>add_session_id($link_start.'thumbnail' ),
+    'U_USERS'=>add_session_id($link_start.'user_list' ),
+    'U_GROUPS'=>add_session_id($link_start.'group_list' ),
+    'U_ADMIN'=>add_session_id( PHPWG_ROOT_PATH.'admin.php' ),
+    'U_RETURN'=>add_session_id(PHPWG_ROOT_PATH.'category.php')
     )
   );
@@ -97 +97 @@
     'representative',
     array(
-      'URL' => $opt_link.'representative'
+      'URL' => add_session_id($opt_link.'representative')
       )
     );

branches/branch-1_5/admin/cat_list.php

@@ -66 +66 @@
 
 $base_url = PHPWG_ROOT_PATH.'admin.php?page=cat_list';
-$navigation = '<a class="" href="'.$base_url.'">';
+$navigation = '<a class="" href="'.add_session_id($base_url).'">';
 $navigation.= $lang['home'];
 $navigation.= '</a>';
@@ -239 +239 @@
   'CATEGORIES_NAV'=>$navigation,
   'NEXT_RANK'=>$next_rank,
-  'F_ACTION'=>$form_action,
+  'F_ACTION'=>add_session_id($form_action),
   
   'L_ADD_VIRTUAL'=>$lang['cat_add'],
@@ -318 +318 @@
       'RANK'=>$category['rank']*10,
 
-      'U_JUMPTO'=>PHPWG_ROOT_PATH.'category.php?cat='.$category['id'],
-      'U_CHILDREN'=>$cat_list_url.'&amp;parent_id='.$category['id'],      
-      'U_EDIT'=>$base_url.'cat_modify&amp;cat_id='.$category['id']
+      'U_JUMPTO'=>
+      add_session_id(PHPWG_ROOT_PATH.'category.php?cat='.$category['id']),
+      
+      'U_CHILDREN'=>
+      add_session_id($cat_list_url.'&amp;parent_id='.$category['id']),
+      
+      'U_EDIT'=>
+      add_session_id($base_url.'cat_modify&amp;cat_id='.$category['id'])
       )
     );
@@ -329 +334 @@
       'category.delete',
       array(
-        'URL'=>$self_url.'&amp;delete='.$category['id']
+        'URL'=>add_session_id($self_url.'&amp;delete='.$category['id'])
         )
       );
@@ -339 +344 @@
       'category.elements',
       array(
-        'URL'=>$base_url.'element_set&amp;cat='.$category['id']
+        'URL'=>add_session_id($base_url.'element_set&amp;cat='.$category['id'])
         )
       );
@@ -349 +354 @@
       'category.permissions',
       array(
-        'URL'=>$base_url.'cat_perm&amp;cat='.$category['id']
+        'URL'=>add_session_id($base_url.'cat_perm&amp;cat='.$category['id'])
         )
       );

branches/branch-1_5/admin/cat_modify.php

@@ -172 +172 @@
   'L_SET_RANDOM_REPRESENTANT'=>$lang['cat_representant'],
 
-  'U_JUMPTO'=>PHPWG_ROOT_PATH.'category.php?cat='.$category['id'],
-  'U_CHILDREN'=>$cat_list_url.'&parent_id='.$category['id'],
+  'U_JUMPTO'=>
+    add_session_id(PHPWG_ROOT_PATH.'category.php?cat='.$category['id']),
+  'U_CHILDREN'=>
+    add_session_id($cat_list_url.'&parent_id='.$category['id']),
   'U_HELP' => PHPWG_ROOT_PATH.'/popuphelp.php?page=cat_modify',
    
-  'F_ACTION'=>$form_action
+  'F_ACTION'=>add_session_id($form_action)
   ));
 
@@ -185 +187 @@
     'permissions',
     array(
-      'URL'=>$base_url.'cat_perm&cat='.$category['id']
+      'URL'=>add_session_id($base_url.'cat_perm&cat='.$category['id'])
         )
     );
@@ -196 +198 @@
     'elements',
     array(
-      'URL'=>$base_url.'element_set&cat='.$category['id']
+      'URL'=>add_session_id($base_url.'element_set&cat='.$category['id'])
       )
     );
@@ -266 +268 @@
     'delete',
     array(
-      'URL'=>$self_url.'&delete='.$category['id']
+      'URL'=>add_session_id($self_url.'&delete='.$category['id'])
       )
     );

branches/branch-1_5/admin/cat_move.php

@@ -69 +69 @@
 $template->assign_vars(
   array(
-    'F_ACTION' => PHPWG_ROOT_PATH.'admin.php?page=cat_move',
+    'F_ACTION' => add_session_id(PHPWG_ROOT_PATH.'admin.php?page=cat_move'),
     )
   );

branches/branch-1_5/admin/cat_options.php

@@ -154 +154 @@
     'U_HELP' => PHPWG_ROOT_PATH.'/popuphelp.php?page=cat_options',
     
-    'F_ACTION'=>$base_url.$page['section']
+    'F_ACTION'=>add_session_id($base_url.$page['section'])
    )
  );

branches/branch-1_5/admin/cat_perm.php

@@ -208 +208 @@
         ),
     'U_HELP' => PHPWG_ROOT_PATH.'/popuphelp.php?page=cat_perm',
-    'F_ACTION' => PHPWG_ROOT_PATH.'admin.php?page=cat_perm&cat='.$page['cat']
+    'F_ACTION' =>
+      add_session_id(
+        PHPWG_ROOT_PATH.'admin.php?page=cat_perm&cat='.$page['cat']
+        )
     )
   );

branches/branch-1_5/admin/comments.php

@@ -118 +118 @@
 $template->assign_vars(
   array(
-    'F_ACTION' => PHPWG_ROOT_PATH.'admin.php?page=comments'
+    'F_ACTION' => add_session_id(PHPWG_ROOT_PATH.'admin.php?page=comments')
     )
   );
@@ -142 +142 @@
     array(
       'U_PICTURE' =>
+        add_session_id(
           PHPWG_ROOT_PATH.'admin.php?page=picture_modify'.
-          '&image_id='.$row['image_id'],
+          '&image_id='.$row['image_id']
+          ),
       'ID' => $row['id'],
       'TN_SRC' => get_thumbnail_src($row['path'], @$row['tn_ext']),

branches/branch-1_5/admin/configuration.php

@@ -150 +150 @@
     'U_HELP' => PHPWG_ROOT_PATH.'/popuphelp.php?page=configuration',
     
-    'F_ACTION'=>$action
+    'F_ACTION'=>add_session_id($action)
     ));
 

branches/branch-1_5/admin/element_set_unit.php

@@ -223 +223 @@
             $row['name'] : get_name_from_file($row['file']),
         'U_EDIT' =>
+          add_session_id(
             PHPWG_ROOT_PATH.'admin.php?page=picture_modify'.
-            '&image_id='.$row['id'],
+            '&image_id='.$row['id']
+            ),
         'ID' => $row['id'],
         'FILENAME' => $row['path'],

branches/branch-1_5/admin/group_list.php

@@ -125 +125 @@
 $template->assign_vars(
   array(
-    'F_ADD_ACTION' => PHPWG_ROOT_PATH.'admin.php?page=group_list'
+    'F_ADD_ACTION' =>
+      add_session_id(PHPWG_ROOT_PATH.'admin.php?page=group_list')
     )
   );

branches/branch-1_5/admin/group_perm.php

@@ -141 +141 @@
     
     'F_ACTION' =>
+      add_session_id(
         PHPWG_ROOT_PATH.
         'admin.php?page=group_perm&group_id='.
         $page['group']
+        )
     )
   );

branches/branch-1_5/admin/intro.php

@@ -178 +178 @@
     'DB_GROUPS' => sprintf(l10n('%d groups'), $nb_groups),
     'DB_COMMENTS' => sprintf(l10n('%d comments'), $nb_comments),
-    'U_CHECK_UPGRADE' => PHPWG_ROOT_PATH.'admin.php?action=check_upgrade',
-    'U_PHPINFO' => PHPWG_ROOT_PATH.'admin.php?action=phpinfo'
+    'U_CHECK_UPGRADE' =>
+      add_session_id(PHPWG_ROOT_PATH.'admin.php?action=check_upgrade'),
+    'U_PHPINFO' =>
+      add_session_id(PHPWG_ROOT_PATH.'admin.php?action=phpinfo')
     )
   );
@@ -216 +218 @@
     'waiting',
     array(
-      'URL' => PHPWG_ROOT_PATH.'admin.php?page=waiting',
+      'URL' => add_session_id(PHPWG_ROOT_PATH.'admin.php?page=waiting'),
       'INFO' => sprintf(l10n('%d waiting for validation'), $nb_waiting)
       )
@@ -235 +237 @@
     'unvalidated',
     array(
-      'URL' => PHPWG_ROOT_PATH.'admin.php?page=comments',
+      'URL' => add_session_id(PHPWG_ROOT_PATH.'admin.php?page=comments'),
       'INFO' => sprintf(l10n('%d waiting for validation'), $nb_comments)
       )

branches/branch-1_5/admin/maintenance.php

@@ -99 +99 @@
 $template->assign_vars(
   array(
-    'U_MAINT_CATEGORIES' => $start_url.'categories',
-    'U_MAINT_IMAGES' => $start_url.'images',
-    'U_MAINT_HISTORY' => $start_url.'history',
-    'U_MAINT_SESSIONS' => $start_url.'sessions',
-    'U_MAINT_FEEDS' => $start_url.'feeds',
+    'U_MAINT_CATEGORIES' => add_session_id($start_url.'categories'),
+    'U_MAINT_IMAGES' => add_session_id($start_url.'images'),
+    'U_MAINT_HISTORY' => add_session_id($start_url.'history'),
+    'U_MAINT_SESSIONS' => add_session_id($start_url.'sessions'),
+    'U_MAINT_FEEDS' => add_session_id($start_url.'feeds'),
     'U_HELP' => PHPWG_ROOT_PATH.'/popuphelp.php?page=maintenance',
     )

branches/branch-1_5/admin/picture_modify.php

@@ -196 +196 @@
   array(
     'U_SYNC' =>
+      add_session_id(
         PHPWG_ROOT_PATH.'admin.php?page=picture_modify'.
         '&image_id='.$_GET['image_id'].
         (isset($_GET['cat_id']) ? '&cat_id='.$_GET['cat_id'] : '').
-        '&sync_metadata=1',
+        '&sync_metadata=1'
+        ),
     
     'PATH'=>$row['path'],
@@ -229 +231 @@
   
     'F_ACTION' =>
+      add_session_id(
         PHPWG_ROOT_PATH.'admin.php'
         .get_query_string_diff(array('sync_metadata'))
+        )
     )
   );

branches/branch-1_5/admin/remote_site.php

@@ -516 +516 @@
     'U_HELP' => PHPWG_ROOT_PATH.'/popuphelp.php?page=remote_site',
     
-    'F_ACTION'=>PHPWG_ROOT_PATH.'admin.php?page=remote_site'
+    'F_ACTION'=>add_session_id(PHPWG_ROOT_PATH.'admin.php?page=remote_site')
    )
  );
@@ -687 +687 @@
       array(
         'URL' => $url,
-        'U_UPDATE' => $base_url.'local_update'
+        'U_UPDATE' => add_session_id($base_url.'local_update')
         )
       );
@@ -732 +732 @@
     array(
       'NAME' => $row['galleries_url'],
-      'U_GENERATE' => $base_url.'generate',
-      'U_UPDATE' => $base_url.'update',
-      'U_CLEAN' => $base_url.'clean',
-      'U_DELETE' => $base_url.'delete'
+      'U_GENERATE' => add_session_id($base_url.'generate'),
+      'U_UPDATE' => add_session_id($base_url.'update'),
+      'U_CLEAN' => add_session_id($base_url.'clean'),
+      'U_DELETE' => add_session_id($base_url.'delete')
      )
    );

branches/branch-1_5/admin/stats.php

@@ -63 +63 @@
   $title_page=$lang['stats_day_title'].' du '.$date_of_day;
   $url_back = PHPWG_ROOT_PATH."admin.php?page=stats";
-  $url_back = $url_back;
+  $url_back = add_session_id($url_back);
   $title_details='<a href='.$url_back.'>'.$lang['stats_day_title'].'</a>';
   $title_day = $date_of_day;
@@ -72 +72 @@
   $title_page=$lang['stats_month_title'].' : '.$date_of_day;
   $url_back = PHPWG_ROOT_PATH."admin.php?page=stats";
-  $url_back = $url_back;
+  $url_back = add_session_id($url_back);
   $title_details='<a href='.$url_back.'>'.$lang['stats_day_title'].'</a>';
   $title_day=$lang['today'];
@@ -106 +106 @@
   'L_STAT_PICTURE'=>$lang['stats_picture'],
   
-  'IMG_REPORT'=>$url_img
+  'IMG_REPORT'=>add_session_id($url_img)
   ));
 
@@ -142 +142 @@
       ;
 
-    $value = '<a href="'.$url.'">';
+    $value = '<a href="'.add_session_id($url).'">';
     $value.= $row['d'].' ('.$week_day.')';
     $value.= "</a>";
@@ -161 +161 @@
       ;
     
-    $value = '<a href="'.$url.'">';
+    $value = '<a href="'.add_session_id($url).'">';
     $value.= $lang['month'][$row['m']].' '.$row['y'];
     $value.= "</a>";

branches/branch-1_5/admin/thumbnail.php

@@ -359 +359 @@
     'params',
     array(
-      'F_ACTION'=>$form_url,
+      'F_ACTION'=>add_session_id($form_url),
       $gdlabel=>'checked="checked"',
       $nlabel=>'checked="checked"',

branches/branch-1_5/admin/user_list.php

@@ -425 +425 @@
 $template->set_filenames(array('user_list'=>'admin/user_list.tpl'));
 
-$base_url = PHPWG_ROOT_PATH.'admin.php?page=user_list';
+$base_url = add_session_id(PHPWG_ROOT_PATH.'admin.php?page=user_list');
 
 if (isset($_GET['start']) and is_numeric($_GET['start']))
@@ -791 +791 @@
       'ID' => $local_user['id'],
       'CHECKED' => $checked,
-      'U_MOD' => $profile_url.$local_user['id'],
-      'U_PERM' => $perm_url.$local_user['id'],
+      'U_MOD' => add_session_id($profile_url.$local_user['id']),
+      'U_PERM' => add_session_id($perm_url.$local_user['id']),
       'USERNAME' => $local_user['username'],
       'STATUS' => $lang['user_status_'.$local_user['status']],

branches/branch-1_5/admin/user_perm.php

@@ -134 +134 @@
     
     'F_ACTION' =>
+      add_session_id(
         PHPWG_ROOT_PATH.
         'admin.php?page=user_perm'.
         '&user_id='.$page['user']
+        )
     )
   );

branches/branch-1_5/admin/waiting.php

@@ -149 +149 @@
   'L_DELETE'=>$lang['delete'],
   
-  'F_ACTION'=>str_replace( '&', '&', $_SERVER['REQUEST_URI'])
+  'F_ACTION'=>add_session_id(str_replace( '&', '&', $_SERVER['REQUEST_URI'] ))
   ));
   

branches/branch-1_5/category.php

@@ -32 +32 @@
 if ( isset( $_GET['act'] )
      and $_GET['act'] == 'logout'
-     and isset( $_COOKIE[session_name()] ) )
+     and isset( $_COOKIE['id'] ) )
 {
   // cookie deletion if exists
-  $_SESSION = array();
-  session_unset();
-  session_destroy();
-  setcookie(session_name(),'',0,'/');
+  setcookie( 'id', '', 0, cookie_path() );
   $url = 'category.php';
   redirect( $url );
@@ -167 +164 @@
   'L_REMEMBER_ME' => $lang['remember_me'],
   
-  'F_IDENTIFY' => PHPWG_ROOT_PATH.'identification.php',
+  'F_IDENTIFY' => add_session_id( PHPWG_ROOT_PATH.'identification.php' ),
   'T_RECENT' => $icon_recent,
 
-  'U_HOME' => PHPWG_ROOT_PATH.'category.php',
-  'U_REGISTER' => PHPWG_ROOT_PATH.'register.php',
-  'U_LOST_PASSWORD' => PHPWG_ROOT_PATH.'password.php',
+  'U_HOME' => add_session_id( PHPWG_ROOT_PATH.'category.php' ),
+  'U_REGISTER' => add_session_id( PHPWG_ROOT_PATH.'register.php' ),
+  'U_LOST_PASSWORD' => add_session_id(PHPWG_ROOT_PATH.'password.php'),
   'U_LOGOUT' => PHPWG_ROOT_PATH.'category.php?act=logout',
-  'U_ADMIN'=> PHPWG_ROOT_PATH.'admin.php',
-  'U_PROFILE'=> PHPWG_ROOT_PATH.'profile.php'
+  'U_ADMIN'=>add_session_id( PHPWG_ROOT_PATH.'admin.php' ),
+  'U_PROFILE'=>add_session_id(PHPWG_ROOT_PATH.'profile.php')
   )
 );
@@ -202 +199 @@
     'special_cat',
     array(
-      'URL' => PHPWG_ROOT_PATH.'category.php?cat=fav',
+      'URL' => add_session_id(PHPWG_ROOT_PATH.'category.php?cat=fav'),
       'TITLE' => $lang['favorite_cat_hint'],
       'NAME' => $lang['favorite_cat']
@@ -211 +208 @@
   'special_cat',
   array(
-    'URL' => PHPWG_ROOT_PATH.'category.php?cat=most_visited',
+    'URL' => add_session_id(PHPWG_ROOT_PATH.'category.php?cat=most_visited'),
     'TITLE' => $lang['most_visited_cat_hint'],
     'NAME' => $lang['most_visited_cat']
@@ -221 +218 @@
     'special_cat',
     array(
-      'URL' => PHPWG_ROOT_PATH.'category.php?cat=best_rated',
+      'URL' => add_session_id(PHPWG_ROOT_PATH.'category.php?cat=best_rated'),
       'TITLE' => $lang['best_rated_cat_hint'],
       'NAME' => $lang['best_rated_cat']
@@ -231 +228 @@
   'special_cat',
   array(
-    'URL' => PHPWG_ROOT_PATH.'random.php',
+    'URL' => add_session_id(PHPWG_ROOT_PATH.'random.php'),
     'TITLE' => $lang['random_cat_hint'],
     'NAME' => $lang['random_cat']
@@ -239 +236 @@
   'special_cat',
   array(
-    'URL' => PHPWG_ROOT_PATH.'category.php?cat=recent_pics',
+    'URL' => add_session_id(PHPWG_ROOT_PATH.'category.php?cat=recent_pics'),
     'TITLE' => $lang['recent_pics_cat_hint'],
     'NAME' => $lang['recent_pics_cat']
@@ -247 +244 @@
   'special_cat',
   array(
-    'URL' => PHPWG_ROOT_PATH.'category.php?cat=recent_cats',
+    'URL' => add_session_id(PHPWG_ROOT_PATH.'category.php?cat=recent_cats'),
     'TITLE' => $lang['recent_cats_cat_hint'],
     'NAME' => $lang['recent_cats_cat']
@@ -255 +252 @@
   'special_cat',
   array(
-    'URL' => PHPWG_ROOT_PATH.'category.php?cat=calendar',
+    'URL' => add_session_id(PHPWG_ROOT_PATH.'category.php?cat=calendar'),
     'TITLE' => $lang['calendar_hint'],
     'NAME' => $lang['calendar']
@@ -294 +291 @@
 'TITLE'=>$lang['hint_search'],
 'NAME'=>$lang['search'],
-'U_SUMMARY'=> 'search.php',
+'U_SUMMARY'=>add_session_id( 'search.php' ),
 ));
 
@@ -301 +298 @@
 'TITLE'=>$lang['hint_comments'],
 'NAME'=>$lang['comments'],
-'U_SUMMARY'=> 'comments.php',
+'U_SUMMARY'=>add_session_id( 'comments.php' ),
 ));
 
@@ -308 +305 @@
 'TITLE'=>$lang['about_page_title'],
 'NAME'=>$lang['About'],
-'U_SUMMARY'=> 'about.php?'.str_replace( '&', '&', $_SERVER['QUERY_STRING'] ) 
+'U_SUMMARY'=>add_session_id( 'about.php?'.str_replace( '&', '&', $_SERVER['QUERY_STRING'] ) )
 ));
 
@@ -317 +314 @@
     'TITLE'=>l10n('notification'),
     'NAME'=>l10n('Notification'),
-    'U_SUMMARY'=> PHPWG_ROOT_PATH.'notification.php'
+    'U_SUMMARY'=>add_session_id(PHPWG_ROOT_PATH.'notification.php')
 ));
 
@@ -328 +325 @@
     array(
       'URL' =>
+        add_session_id(
           PHPWG_ROOT_PATH.'admin.php?page=cat_modify'
           .'&cat_id='.$page['cat']
+          )
       )
     );
@@ -354 +353 @@
       array(
         'URL' =>
+          add_session_id(
             PHPWG_ROOT_PATH.'category.php'
             .get_query_string_diff(array('caddie')).'&caddie=1')
+        )
       );
   }
@@ -383 +384 @@
     $template->assign_block_vars(
       'upload',
-      array('U_UPLOAD'=> $url )
+      array('U_UPLOAD'=>add_session_id( $url ))
       );
   }

branches/branch-1_5/comments.php

@@ -229 +229 @@
     'F_AUTHOR'=>@$_GET['author'],
     
-    'U_HOME' => PHPWG_ROOT_PATH.'category.php'
+    'U_HOME' => add_session_id(PHPWG_ROOT_PATH.'category.php')
     )
   );
@@ -466 +466 @@
         'TITLE_IMG'=>$name,
         'I_THUMB'=>$thumbnail_src,
-        'U_THUMB'=>$url
+        'U_THUMB'=>add_session_id($url)
         ));
     
@@ -478 +478 @@
       'comment',
       array(
-        'U_PICTURE' => $url,
+        'U_PICTURE' => add_session_id($url),
         'TN_SRC' => $thumbnail_src,
         'AUTHOR' => $author,

branches/branch-1_5/identification.php

@@ -52 +52 @@
       $session_length = $conf['remember_me_length'];
     }
-    session_start();
-    $_SESSION['id'] = $row['id'];
-    redirect('category.php');
+    $session_id = session_create($row['id'], $session_length);
+    redirect('category.php?id='.$session_id);
   }
   else
@@ -82 +81 @@
     'L_REMEMBER_ME'=>$lang['remember_me'],
 
-    'U_REGISTER' => PHPWG_ROOT_PATH.'register.php',
-    'U_LOST_PASSWORD' => PHPWG_ROOT_PATH.'password.php',
-    'U_HOME' => PHPWG_ROOT_PATH.'category.php',
+    'U_REGISTER' => add_session_id(PHPWG_ROOT_PATH.'register.php'),
+    'U_LOST_PASSWORD' => add_session_id(PHPWG_ROOT_PATH.'password.php'),
+    'U_HOME' => add_session_id(PHPWG_ROOT_PATH.'category.php'),
     
-    'F_LOGIN_ACTION' => PHPWG_ROOT_PATH.'identification.php'
+    'F_LOGIN_ACTION' => add_session_id(PHPWG_ROOT_PATH.'identification.php')
     ));
 

branches/branch-1_5/include/category_calendar.inc.php

@@ -68 +68 @@
     $url = PHPWG_ROOT_PATH.'category.php?cat=calendar';
     $url.= '&year='.$calendar_year;
+    $url = add_session_id($url);
     $years_nav_bar.= ' <a href="'.$url.'">'.$calendar_year.'</a>';
   }
@@ -124 +125 @@
       $url.= $page['calendar_year'].'.'.sprintf('%02s', $calendar_month);
       $months_nav_bar.= ' ';
-      $months_nav_bar.= '<a href="'.$url.'">';
+      $months_nav_bar.= '<a href="'.add_session_id($url).'">';
       $months_nav_bar.= $lang['month'][(int)$calendar_month];
       $months_nav_bar.= '</a>';
@@ -248 +249 @@
         'IMAGE_TITLE'=>$thumbnail_title,
           
-        'U_IMG_LINK'=>$url_link
+        'U_IMG_LINK'=>add_session_id($url_link)
        )
      );
@@ -308 +309 @@
         'IMAGE_TITLE'=>$thumbnail_title,
           
-        'U_IMG_LINK'=>$url_link
+        'U_IMG_LINK'=>add_session_id($url_link)
        )
      );
@@ -362 +363 @@
         'IMAGE_TITLE'=>$thumbnail_title,
           
-        'U_IMG_LINK'=>$url_link
+        'U_IMG_LINK'=>add_session_id($url_link)
          )
        );
@@ -436 +437 @@
         'IMAGE_TITLE'=>$thumbnail_title,
           
-        'U_IMG_LINK'=>$url_link
+        'U_IMG_LINK'=>add_session_id($url_link)
          )
        );

branches/branch-1_5/include/category_default.inc.php

@@ -90 +90 @@
       'IMAGE_TS'           => get_icon($row['date_available']),
       
-      'U_IMG_LINK'         => $url_link
+      'U_IMG_LINK'         => add_session_id($url_link)
       )
     );

branches/branch-1_5/include/category_recent_cats.inc.php

@@ -79 +79 @@
       'IMAGE_TITLE'             => $lang['hint_category'],
         
-      'U_IMG_LINK'              => $url_link
+      'U_IMG_LINK'              => add_session_id($url_link)
       )
     );

branches/branch-1_5/include/category_subcats.inc.php

@@ -153 +153 @@
         'IMAGE_TS' => get_icon(@$item['date_last']),
         'U_IMG_LINK' =>
-          PHPWG_ROOT_PATH.'category.php?cat='.$item['category']
+          add_session_id(PHPWG_ROOT_PATH.'category.php?cat='.$item['category'])
         )
       );

branches/branch-1_5/include/config_default.inc.php

@@ -257 +257 @@
 // +-----------------------------------------------------------------------+
 
-// specifies to use cookie to store the session id on client side
-$conf['session_use_cookies'] = 1;
-
-// specifies to only use cookie to store the session id on client side
-$conf['session_use_only_cookies'] = 1;
-
-// do not use transparent session id support
-$conf['session_use_trans_sid'] = 0;
-
-// specifies the name of the session which is used as cookie name
-$conf['session_name'] = 'pwg_id';
-
-// comment the line below to use file handler for sessions.
-$conf['session_save_handler'] = 'db';
-
 // authorize_remembering : permits user to stay logged for a long time. It
 // creates a cookie on client side.
@@ -282 +267 @@
 // session_length : time of validity for normal session, in seconds.
 $conf['session_length'] = 3600;
+
+// session_id_size : a session identifier is compound of alphanumeric
+// characters and is case sensitive. Each character is among 62
+// possibilities. The number of possible sessions is
+// 62^$conf['session_id_size'].
+//
+// 62^5  =             916,132,832
+// 62^10 = 839,299,365,868,340,224
+//
+$conf['session_id_size'] = 10;
 
 // +-----------------------------------------------------------------------+

branches/branch-1_5/include/functions_category.inc.php

@@ -48 +48 @@
   {
     echo '<div style="text-align:center;">'.$lang['access_forbiden'].'<br />';
-    echo '<a href="./category.php">';
+    echo '<a href="'.add_session_id( './category.php' ).'">';
     echo $lang['thumbnails'].'</a></div>';
     exit();

branches/branch-1_5/include/functions_html.inc.php

@@ -83 +83 @@
     {
       $navbar.= '<a href="';
-      $navbar.= $url.'&amp;start=0';
+      $navbar.= add_session_id($url.'&amp;start=0');
       $navbar.= '" class="'.$link_class.'">'.$lang['first_page'];
       $navbar.= '</a>';
@@ -97 +97 @@
       $previous = $start - $nb_element_page;
       $navbar.= '<a href="';
-      $navbar.= $url.'&amp;start='.$previous;
+      $navbar.= add_session_id( $url.'&amp;start='.$previous );
       $navbar.= '" class="'.$link_class.'">'.$lang['previous_page'];
       $navbar.= '</a>';
@@ -110 +110 @@
     {
       $navbar.= '&nbsp;<a href="';
-      $navbar.= $url.'&amp;start=0';
+      $navbar.= add_session_id($url.'&amp;start=0');
       $navbar.= '" class="'.$link_class.'">1</a>';
       if ($cur_page > $pages_around + 2)
@@ -131 +131 @@
         $temp_start = ($i - 1) * $nb_element_page;
         $navbar.= '&nbsp;<a href="';
-        $navbar.= $url.'&amp;start='.$temp_start;
+        $navbar.= add_session_id($url.'&amp;start='.$temp_start);
         $navbar.= '" class="'.$link_class.'">'.$i.'</a>';
       }
@@ -149 +149 @@
       }
       $navbar.= ' <a href="';
-      $navbar.= $url.'&amp;start='.$temp_start;
+      $navbar.= add_session_id($url.'&amp;start='.$temp_start);
       $navbar.= '" class="'.$link_class.'">'.$maximum.'</a>';
     }
@@ -160 +160 @@
       $next = $start + $nb_element_page;
       $navbar.= '<a href="';
-      $navbar.= $url.'&amp;start='.$next;
+      $navbar.= add_session_id( $url.'&amp;start='.$next );
       $navbar.= '" class="'.$link_class.'">'.$lang['next_page'].'</a>';
     }
@@ -174 +174 @@
       $temp_start = ($maximum - 1) * $nb_element_page;
       $navbar.= '<a href="';
-      $navbar.= $url.'&amp;start='.$temp_start;
+      $navbar.= add_session_id($url.'&amp;start='.$temp_start);
       $navbar.= '" class="'.$link_class.'">'.$lang['last_page'];
       $navbar.= '</a>';
@@ -243 +243 @@
     {
       $output.= '<a class=""';
-      $output.= ' href="'.PHPWG_ROOT_PATH.$url.$id.'">';
+      $output.= ' href="'.add_session_id(PHPWG_ROOT_PATH.$url.$id).'">';
       $output.= $name.'</a>';
     }
@@ -312 +312 @@
       $output.= '
 <a class=""
-   href="'.PHPWG_ROOT_PATH.$url.$category_id.'">'.$name.'</a>';
+   href="'.add_session_id(PHPWG_ROOT_PATH.$url.$category_id).'">'.$name.'</a>';
     }
   }
@@ -371 +371 @@
     $menu.= '>';
   
-    $url = PHPWG_ROOT_PATH.'category.php?cat='.$category['id'];
+    $url = add_session_id(PHPWG_ROOT_PATH.'category.php?cat='.$category['id']);
     $menu.= "\n".'<a href="'.$url.'">'.$category['name'].'</a>';
 

branches/branch-1_5/include/functions_session.inc.php

@@ -26 +26 @@
 // +-----------------------------------------------------------------------+
 
-if (isset($conf['session_save_handler']) and ($conf['session_save_handler'] == 'db')) {
-  session_set_save_handler('pwg_session_open', 
-                           'pwg_session_close',
-                           'pwg_session_read',
-                           'pwg_session_write',
-                           'pwg_session_destroy',
-                           'pwg_session_gc'
-                           );
-}
-
-ini_set('session.use_cookies', $conf['session_use_cookies']);
-ini_set('session.use_only_cookies', $conf['session_use_only_cookies']);
-ini_set('session.use_trans_sid', $conf['session_use_trans_sid']);
-ini_set('session.name', $conf['session_name']);
-
-function pwg_session_open($path, $name) 
-{
-  return true;
-}
-
-function pwg_session_close() 
-{
-  pwg_session_gc();
-  return true;
-}
-
-function pwg_session_read($session_id) 
-{
-  $query = "SELECT data FROM " . SESSIONS_TABLE;
-  $query .= " WHERE id = '$session_id'";
-  $result = pwg_query($query);
-  if ($result) {
-    $row = mysql_fetch_assoc($result);
-    return $row['data'];
-  } else {
-    return '';
-  }
-}
-
-function pwg_session_write($session_id, $data) 
-{
-  $query = "SELECT id FROM " . SESSIONS_TABLE;
-  $query .= " WHERE id = '$session_id'";
-  $result = pwg_query($query);
-  if (mysql_num_rows($result)) {
-    $query = "UPDATE " . SESSIONS_TABLE . " SET expiration = now()";
-    $query .= " WHERE id = '$session_id'";    
-    pwg_query($query);
-  } else {
-    $query = "INSERT INTO " . SESSIONS_TABLE . " (id,data,expiration)";
-    $query .= " VALUES('$session_id','$data',now())";
-    pwg_query($query);    
-  }
-  return true;
-}
-
-function pwg_session_destroy($session_id) 
-{
-  $query = "DELETE FROM " . SESSIONS_TABLE;
-  $query .= " WHERE id = '$session_id'";
-  pwg_query($query);
-  return true;
-}
-
-function pwg_session_gc() 
+// The function generate_key creates a string with pseudo random characters.
+// the size of the string depends on the $conf['session_id_size'].
+// Characters used are a-z A-Z and numerical values. Examples :
+//                    "Er4Tgh6", "Rrp08P", "54gj"
+// input  : none (using global variable)
+// output : $key
+function generate_key($size)
 {
   global $conf;
 
-  $query = "DELETE FROM " . SESSIONS_TABLE;
-  $query .= " WHERE UNIX_TIMESTAMP(NOW()) - UNIX_TIMESTAMP(expiration) > " . $conf['session_length'];
+  $md5 = md5(substr(microtime(), 2, 6));
+  $init = '';
+  for ( $i = 0; $i < strlen( $md5 ); $i++ )
+  {
+    if ( is_numeric( $md5[$i] ) ) $init.= $md5[$i];
+  }
+  $init = substr( $init, 0, 8 );
+  mt_srand( $init );
+  $key = '';
+  for ( $i = 0; $i < $size; $i++ )
+  {
+    $c = mt_rand( 0, 2 );
+    if ( $c == 0 )      $key .= chr( mt_rand( 65, 90 ) );
+    else if ( $c == 1 ) $key .= chr( mt_rand( 97, 122 ) );
+    else                $key .= mt_rand( 0, 9 );
+  }
+  return $key;
+}
+
+/**
+ * create a new session and returns the session identifier
+ *
+ * - find a non-already-used session key
+ * - create a session in database
+ * - return session identifier
+ *
+ * @param int userid
+ * @param int session_lentgh : in seconds
+ * @return string
+ */
+function session_create($userid, $session_length)
+{
+  global $conf;
+
+  // 1. searching an unused session key
+  $id_found = false;
+  while (!$id_found)
+  {
+    $generated_id = generate_key($conf['session_id_size']);
+    $query = '
+SELECT id
+  FROM '.SESSIONS_TABLE.'
+  WHERE id = \''.$generated_id.'\'
+;';
+    $result = pwg_query($query);
+    if (mysql_num_rows($result) == 0)
+    {
+      $id_found = true;
+    }
+  }
+  // 3. inserting session in database
+  $query = '
+INSERT INTO '.SESSIONS_TABLE.'
+  (id,user_id,expiration)
+  VALUES
+  (\''.$generated_id.'\','.$userid.',
+   ADDDATE(NOW(), INTERVAL '.$session_length.' SECOND))
+;';
   pwg_query($query);
-  return true;
+
+  $expiration = $session_length + time();
+  setcookie('id', $generated_id, $expiration, cookie_path());
+                
+  return $generated_id;
+}
+
+// add_session_id adds the id of the session to the string given in
+// parameter as $url. If the session id is the first parameter to the url,
+// it is preceded by a '?', else it is preceded by a '&amp;'. If the
+// parameter $redirect is set to true, '&' is used instead of '&'.
+function add_session_id( $url, $redirect = false )
+{
+  global $page, $user, $conf;
+
+  if ($user['is_the_guest']
+      or $user['has_cookie']
+      or $conf['apache_authentication'])
+  {
+    return $url;
+  }
+
+  if (preg_match('/\.php\?/', $url))
+  {
+    $separator = $redirect ? '&' : '&amp;';
+  }
+  else
+  {
+    $separator = '?';
+  }
+
+  return $url.$separator.'id='.$page['session_id'];
+}
+
+// cookie_path returns the path to use for the PhpWebGallery cookie.
+// If PhpWebGallery is installed on :
+// http://domain.org/meeting/gallery/category.php
+// cookie_path will return : "/meeting/gallery"
+function cookie_path()
+{
+  return substr($_SERVER['PHP_SELF'],0,strrpos( $_SERVER['PHP_SELF'],'/'));
 }
 ?>

branches/branch-1_5/include/page_header.php

@@ -62 +62 @@
     array(
       'REFRESH_TIME' => $refresh,
-      'U_REFRESH' => $url_link
+      'U_REFRESH' => add_session_id( $url_link )
       ));
   $template->assign_block_vars('refresh', array());

branches/branch-1_5/include/user.inc.php

@@ -27 +27 @@
 
 // retrieving connected user informations
-if (isset($_COOKIE[session_name()])) 
+if (isset($_COOKIE['id']))
 {
- session_start();
- if (isset($_SESSION['id'])) 
- {
-   $user['id'] = $_SESSION['id'];    
- }
- else 
- {
-   // session timeout
-   $user['id'] = $conf['guest_id'];
-   $user['is_the_guest'] = true;
- }
-} 
-else 
+  $session_id = $_COOKIE['id'];
+  $user['has_cookie'] = true;
+}
+else if (isset($_GET['id']))
 {
- $user['id'] = $conf['guest_id'];
- $user['is_the_guest'] = true;
+  $session_id = $_GET['id'];
+  $user['has_cookie'] = false;
+}
+else
+{
+  $user['has_cookie'] = false;
+}
+
+if (isset($session_id)
+    and ereg("^[0-9a-zA-Z]{".$conf['session_id_size']."}$", $session_id))
+{
+  $page['session_id'] = $session_id;
+  $query = '
+SELECT user_id,expiration,NOW() AS now
+  FROM '.SESSIONS_TABLE.'
+  WHERE id = \''.$page['session_id'].'\'
+;';
+  $result = pwg_query($query);
+  if (mysql_num_rows($result) > 0)
+  {
+    $row = mysql_fetch_array($result);
+    if (strnatcmp($row['expiration'], $row['now']) < 0)
+    {
+      // deletion of the session from the database, because it is
+      // out-of-date
+      $delete_query = '
+DELETE FROM '.SESSIONS_TABLE.'
+  WHERE id = \''.$page['session_id'].'\'
+;';
+      pwg_query($delete_query);
+    }
+    else
+    {
+      $user['id'] = $row['user_id'];
+      $user['is_the_guest'] = false;
+    }
+  }
+}
+if (!isset($user['id']))
+{
+  $user['id'] = $conf['guest_id'];
+  $user['is_the_guest'] = true;
 }
 

branches/branch-1_5/notification.php

@@ -59 +59 @@
   array(
     'FEED_URL' => PHPWG_ROOT_PATH.'feed.php?feed='.$page['feed'],
-    'U_HOME' => PHPWG_ROOT_PATH.'category.php'
+    'U_HOME' => add_session_id(PHPWG_ROOT_PATH.'category.php')
     )
   );

branches/branch-1_5/password.php

@@ -177 +177 @@
 $template->assign_vars(
   array(
-    'U_HOME' => PHPWG_ROOT_PATH.'category.php'
+    'U_HOME' => add_session_id(PHPWG_ROOT_PATH.'category.php')
     )
   );

branches/branch-1_5/picture.php

@@ -83 +83 @@
 {
   echo '<div style="text-align:center;">'.$lang['access_forbiden'].'<br />';
-  echo '<a href="'.PHPWG_ROOT_PATH.'category.php'.'">';
+  echo '<a href="'.add_session_id( PHPWG_ROOT_PATH.'category.php' ).'">';
   echo $lang['thumbnails'].'</a></div>';
   exit();
@@ -330 +330 @@
       // there is no favorite picture anymore we redirect the user to the
       // category page
-      redirect($url_up);
+      $url = add_session_id($url_up);
+      redirect($url);
     }
     else if (!$has_prev)
     {
       $url = str_replace( '&amp;', '&', $picture['next']['url'] );
-      redirect( $url );
+      $url = add_session_id( $url, true);
     }
     else
     {
       $url = str_replace('&amp;', '&', $picture['prev']['url'] );
-      redirect( $url );
+      $url = add_session_id( $url, true);
     }
     redirect( $url );
@@ -533 +534 @@
   'L_UP_ALT' => $lang['home'],
   
-  'U_HOME' => (PHPWG_ROOT_PATH.'category.php'),
-  'U_UP' => $url_up,
-  'U_METADATA' => $url_metadata,
-  'U_ADMIN' => $url_admin,
-  'U_SLIDESHOW'=> $url_slide,
-  'U_ADD_COMMENT' => str_replace( '&', '&amp;', $_SERVER['REQUEST_URI'] )
+  'U_HOME' => add_session_id(PHPWG_ROOT_PATH.'category.php'),
+  'U_UP' => add_session_id($url_up),
+  'U_METADATA' => add_session_id($url_metadata),
+  'U_ADMIN' => add_session_id($url_admin),
+  'U_SLIDESHOW'=> add_session_id($url_slide),
+  'U_ADD_COMMENT' => add_session_id(str_replace( '&', '&amp;', $_SERVER['REQUEST_URI'] ))
   )
 );
@@ -595 +596 @@
     array(
       'URL' =>
+      add_session_id(
         PHPWG_ROOT_PATH.'picture.php'
         .get_query_string_diff(array('caddie')).'&amp;caddie=1')
+      )
     );
 }
@@ -654 +657 @@
       'TITLE_IMG' => $picture['prev']['name'],
       'IMG' => $picture['prev']['thumbnail'],
-      'U_IMG' => $picture['prev']['url']
+      'U_IMG' => add_session_id($picture['prev']['url'])
       ));
 }
@@ -665 +668 @@
       'TITLE_IMG' => $picture['next']['name'],
       'IMG' => $picture['next']['thumbnail'],
-      'U_IMG' => $picture['next']['url']
+      'U_IMG' => add_session_id($picture['next']['url'])
       ));
 }
@@ -688 +691 @@
   $infos['INFO_AUTHOR'] =
     '<a href="'.
+    add_session_id(
       PHPWG_ROOT_PATH.'category.php?cat=search'.
       '&amp;search=author:'.$picture['current']['author']
-      .'">'.$picture['current']['author'].'</a>';
+      ).
+    '">'.$picture['current']['author'].'</a>';
 }
 else
@@ -702 +707 @@
   $infos['INFO_CREATION_DATE'] =
     '<a href="'.
+    add_session_id(
       PHPWG_ROOT_PATH.'category.php?cat=search'.
       '&amp;search=date_creation:'.$picture['current']['date_creation']
-      .'">'.format_date($picture['current']['date_creation']).'</a>';
+      ).
+    '">'.format_date($picture['current']['date_creation']).'</a>';
 }
 else
@@ -714 +721 @@
 $infos['INFO_AVAILABILITY_DATE'] =
   '<a href="'.
+  add_session_id(
     PHPWG_ROOT_PATH.'category.php?cat=search'.
     '&amp;search=date_available:'.
     substr($picture['current']['date_available'], 0, 10)
-    .'">'.
+    ).
+    '">'.
   format_date($picture['current']['date_available'], 'mysql_datetime').
   '</a>';
@@ -766 +775 @@
       '/([^,]+)/',
       '<a href="'.
+      add_session_id(
         PHPWG_ROOT_PATH.'category.php?cat=search&amp;search=keywords:$1'
-        .'">$1</a>',
+        ).
+      '">$1</a>',
       $picture['current']['keywords']
       );
@@ -891 +902 @@
         
   $template->assign_block_vars('stop_slideshow', array(
-  'U_SLIDESHOW'=>$picture['current']['url']
+  'U_SLIDESHOW'=>add_session_id( $picture['current']['url'] )
   ));
 }
@@ -1044 +1055 @@
       $template->assign_block_vars(
         'comments.comment.delete',
-        array('U_COMMENT_DELETE'=> $url.'&amp;del='.$row['id']
+        array('U_COMMENT_DELETE'=>add_session_id( $url.'&amp;del='.$row['id'])
           ));
     }

branches/branch-1_5/profile.php

@@ -137 +137 @@
     // redirection
     $url = PHPWG_ROOT_PATH.'category.php?'.$_SERVER['QUERY_STRING'];
-    redirect($url);
+    redirect(add_session_id($url));
   }
 }
@@ -199 +199 @@
     'L_RETURN_HINT' =>  $lang['home_hint'],
 
-    'U_RETURN' => PHPWG_ROOT_PATH.'category.php',
-    
-    'F_ACTION'=>$url_action,
+    'U_RETURN' => add_session_id(PHPWG_ROOT_PATH.'category.php'),
+    
+    'F_ACTION'=>add_session_id($url_action),
     ));
 

branches/branch-1_5/random.php

@@ -60 +60 @@
 // +-----------------------------------------------------------------------+
 $url = PHPWG_ROOT_PATH.'category.php?cat=list&list='.implode(',', $ids);
-redirect($url);
+redirect(add_session_id($url));
 ?>

branches/branch-1_5/register.php

@@ -77 +77 @@
   'L_EMAIL' => $lang['mail_address'],
 
-  'U_HOME' => PHPWG_ROOT_PATH.'category.php',
+  'U_HOME' => add_session_id(PHPWG_ROOT_PATH.'category.php'),
   
-  'F_ACTION' => 'register.php',
+  'F_ACTION' => add_session_id('register.php'),
   'F_LOGIN' => $login,
   'F_EMAIL' => $email

branches/branch-1_5/search.php

@@ -130 +130 @@
 {
   $url = 'category.php?cat=search&search='.$search_string;
+  $url = add_session_id($url, true);
   redirect($url);
 }
@@ -180 +181 @@
   'TODAY_MONTH' => date('m', time()),
   'TODAY_YEAR' => date('Y', time()),
-  'S_SEARCH_ACTION' => 'search.php',
+  'S_SEARCH_ACTION' => add_session_id( 'search.php' ),
   'U_HELP' => PHPWG_ROOT_PATH.'/popuphelp.php?page=search',
-  'U_HOME' => 'category.php'
+  'U_HOME' => add_session_id( 'category.php' )
   )
 );

branches/branch-1_5/upload.php

@@ -126 +126 @@
   {
     echo '<div style="text-align:center;">'.$lang['upload_forbidden'].'<br />';
-    echo '<a href="./category.php">';
+    echo '<a href="'.add_session_id( './category.php' ).'">';
     echo $lang['thumbnails'].'</a></div>';
     exit();
@@ -300 +300 @@
   'L_MANDATORY' =>  $lang['mandatory'],
         
-  'F_ACTION' => $u_form,
-
-  'U_RETURN' => PHPWG_ROOT_PATH.'category.php?'.$_SERVER['QUERY_STRING']
+  'F_ACTION' => add_session_id( $u_form ),
+
+  'U_RETURN' => add_session_id(PHPWG_ROOT_PATH.'category.php?'.$_SERVER['QUERY_STRING'])
   ));