X-Git-Url: http://wagnertech.de/gitweb/gitweb.cgi/mfinanz.git/blobdiff_plain/0a612d2fe7ec14c9ed3f7d0d036e1c63d3027f4f..f110df03e304dd4722574a23b823a88fc4fa37d8:/SL/Auth.pm

diff --git a/SL/Auth.pm b/SL/Auth.pm
index fd3bb0326..7ca8d0bfd 100644
--- a/SL/Auth.pm
+++ b/SL/Auth.pm
@@ -511,10 +511,7 @@ sub restore_session {
 
   my $self = shift;
 
-  my $cgi            =  $main::cgi;
-  $cgi             ||=  CGI->new('');
-
-  $session_id        =  $cgi->cookie($self->get_session_cookie_name());
+  $session_id        =  $::request->{cgi}->cookie($self->get_session_cookie_name());
   $session_id        =~ s|[^0-9a-f]||g;
 
   $self->{SESSION}   = { };
@@ -815,12 +812,15 @@ sub create_unique_sesion_value {
   my $key                   = "$$-" . ($now[0] * 1000000 + $now[1]) . "-";
   $self->{unique_counter} ||= 0;
 
-  $self->{unique_counter}++ while exists $self->{SESSION}->{$key . ($self->{unique_counter} + 1)};
-  $self->{unique_counter}++;
+  my $hashed_key;
+  do {
+    $self->{unique_counter}++;
+    $hashed_key = md5_hex($key . $self->{unique_counter});
+  } while (exists $self->{SESSION}->{$hashed_key});
 
-  $self->set_session_value($key . $self->{unique_counter} => $value);
+  $self->set_session_value($hashed_key => $value);
 
-  return $key . $self->{unique_counter};
+  return $hashed_key;
 }
 
 sub save_form_in_session {