Merge branch 'master' of vc.linet-services.de:public/lx-office-erp

[mfinanz.git] / SL / Auth.pm

diff --git a/SL/Auth.pm b/SL/Auth.pm
index fd3bb0326c4e7bc424c6e8bc551a45b46b6621a0..7ca8d0bfdd9e002a73f2a000a3f03caf28d4a980 100644 (file)
--- a/SL/Auth.pm
+++ b/SL/Auth.pm
@@ -511,10 +511,7 @@ sub restore_session {
 
   my $self = shift;
 
-  my $cgi            =  $main::cgi;
-  $cgi             ||=  CGI->new('');
-
-  $session_id        =  $cgi->cookie($self->get_session_cookie_name());
+  $session_id        =  $::request->{cgi}->cookie($self->get_session_cookie_name());
   $session_id        =~ s|[^0-9a-f]||g;
 
   $self->{SESSION}   = { };
@@ -815,12 +812,15 @@ sub create_unique_sesion_value {
   my $key                   = "$$-" . ($now[0] * 1000000 + $now[1]) . "-";
   $self->{unique_counter} ||= 0;
 
-  $self->{unique_counter}++ while exists $self->{SESSION}->{$key . ($self->{unique_counter} + 1)};
-  $self->{unique_counter}++;
+  my $hashed_key;
+  do {
+    $self->{unique_counter}++;
+    $hashed_key = md5_hex($key . $self->{unique_counter});
+  } while (exists $self->{SESSION}->{$hashed_key});
 
-  $self->set_session_value($key . $self->{unique_counter} => $value);
+  $self->set_session_value($hashed_key => $value);
 
-  return $key . $self->{unique_counter};
+  return $hashed_key;
 }
 
 sub save_form_in_session {