diff options
Diffstat (limited to 'inc/common.php')
| -rw-r--r-- | inc/common.php | 14 |
1 files changed, 7 insertions, 7 deletions
diff --git a/inc/common.php b/inc/common.php index ec7f9bece..0c769c50d 100644 --- a/inc/common.php +++ b/inc/common.php @@ -56,7 +56,7 @@ function stripctl($string){ * @return string */ function getSecurityToken(){ - return md5(auth_cookiesalt().session_id()); + return md5(auth_cookiesalt().session_id().$_SERVER['REMOTE_USER']); } /** @@ -714,8 +714,8 @@ function checklock($id){ } //my own lock - $ip = io_readFile($lock); - if( ($ip == clientIP()) || ($ip == $_SERVER['REMOTE_USER']) ){ + list($ip,$session) = explode("\n",io_readFile($lock)); + if($ip == $_SERVER['REMOTE_USER'] || $ip == clientIP() || $session == session_id()){ return false; } @@ -738,7 +738,7 @@ function lock($id){ if($_SERVER['REMOTE_USER']){ io_saveFile($lock,$_SERVER['REMOTE_USER']); }else{ - io_saveFile($lock,clientIP()); + io_saveFile($lock,clientIP()."\n".session_id()); } } @@ -751,8 +751,8 @@ function lock($id){ function unlock($id){ $lock = wikiLockFN($id); if(@file_exists($lock)){ - $ip = io_readFile($lock); - if( ($ip == clientIP()) || ($ip == $_SERVER['REMOTE_USER']) ){ + list($ip,$session) = explode("\n",io_readFile($lock)); + if($ip == $_SERVER['REMOTE_USER'] || $ip == clientIP() || $session == session_id()){ @unlink($lock); return true; } @@ -980,7 +980,7 @@ function saveWikiText($id,$text,$summary,$minor=false){ $file = wikiFN($id); $old = @filemtime($file); // from page - $wasRemoved = empty($text); + $wasRemoved = (trim($text) == ''); // check for empty or whitespace only $wasCreated = !@file_exists($file); $wasReverted = ($REV==true); $newRev = false; |