From 0cdd55cdf8b31b651a70f1e3659515f9ea697b3e Mon Sep 17 00:00:00 2001
From: Dmitriy Simushev <simushevds@ossg.ru>
Date: Mon, 4 Feb 2013 09:01:48 +0000
Subject: [PATCH] Create prefix for session vars

---
 .../webim/libs/classes/users_processor.php    | 10 +++----
 src/messenger/webim/libs/common/constants.php |  5 ++++
 src/messenger/webim/libs/init.php             |  4 ++-
 src/messenger/webim/libs/operator.php         | 28 +++++++++----------
 src/messenger/webim/operator/avatar.php       |  4 +--
 src/messenger/webim/operator/operator.php     |  2 +-
 src/messenger/webim/operator/permissions.php  |  4 +--
 src/messenger/webim/operator/users.php        |  2 +-
 8 files changed, 33 insertions(+), 26 deletions(-)

diff --git a/src/messenger/webim/libs/classes/users_processor.php b/src/messenger/webim/libs/classes/users_processor.php
index ffd80b47..ae41a08b 100644
--- a/src/messenger/webim/libs/classes/users_processor.php
+++ b/src/messenger/webim/libs/classes/users_processor.php
@@ -153,7 +153,7 @@ class UsersProcessor extends ClientSideProcessor {
 	/**
 	 * Return updated threads list. API function
 	 *
-	 * @global string $mysqlprefix Database tables prefix
+	 * @global string $session_prefix Session vars prefix
 	 * @global int $can_viewthreads View threads permission code
 	 * @global int $can_takeover Take threads over permission code
 	 * @param array $args Associative array of arguments. It must contains
@@ -164,17 +164,17 @@ class UsersProcessor extends ClientSideProcessor {
 	 *  - 'threads': array of threads changes
 	 */
 	protected function apiUpdateThreads($args) {
-		global $mysqlprefix, $can_viewthreads, $can_takeover;
+		global $session_prefix, $can_viewthreads, $can_takeover;
 
 		$operator = self::checkOperator($args['agentId']);
 
 		$since = $args['revision'];
 		// Get operator groups
-		if (!isset($_SESSION["${mysqlprefix}operatorgroups"])) {
-			$_SESSION["${mysqlprefix}operatorgroups"]
+		if (!isset($_SESSION[$session_prefix."operatorgroups"])) {
+			$_SESSION[$session_prefix."operatorgroups"]
 				= get_operator_groupslist($operator['operatorid']);
 		}
-		$groupids = $_SESSION["${mysqlprefix}operatorgroups"];
+		$groupids = $_SESSION[$session_prefix."operatorgroups"];
 
 		$db = Database::getInstance();
 		$query = "select t.*, " .
diff --git a/src/messenger/webim/libs/common/constants.php b/src/messenger/webim/libs/common/constants.php
index e56999d3..fa454a19 100644
--- a/src/messenger/webim/libs/common/constants.php
+++ b/src/messenger/webim/libs/common/constants.php
@@ -30,5 +30,10 @@ $dbversion = '1.6.3';
  */
 $featuresversion = '1.6.4';
 
+/**
+ * Prefix for session variables.
+ * Provide an ability to instal several mibew instances on one server.
+ */
+$session_prefix = md5($mysqlhost.'##'.$mysqldb.'##'.$mysqlprefix) . '_';
 
 ?>
\ No newline at end of file
diff --git a/src/messenger/webim/libs/init.php b/src/messenger/webim/libs/init.php
index 61f645db..790f6be3 100644
--- a/src/messenger/webim/libs/init.php
+++ b/src/messenger/webim/libs/init.php
@@ -21,6 +21,9 @@ session_start();
 // Include configuration file
 require_once(dirname(__FILE__) . '/config.php');
 
+// Include system constants file
+require_once(dirname(__FILE__) . '/common/constants.php');
+
 // Include system classes
 require_once(dirname(__FILE__) . '/classes/database.php');
 require_once(dirname(__FILE__) . '/classes/settings.php');
@@ -30,7 +33,6 @@ require_once(dirname(__FILE__) . '/classes/plugin.php');
 
 // Include common libs
 require_once(dirname(__FILE__) . '/common/configurations.php');
-require_once(dirname(__FILE__) . '/common/constants.php');
 require_once(dirname(__FILE__) . '/common/csrf.php');
 require_once(dirname(__FILE__) . '/common/datetime.php');
 require_once(dirname(__FILE__) . '/common/forms.php');
diff --git a/src/messenger/webim/libs/operator.php b/src/messenger/webim/libs/operator.php
index 182e5c67..5fd42902 100644
--- a/src/messenger/webim/libs/operator.php
+++ b/src/messenger/webim/libs/operator.php
@@ -268,7 +268,7 @@ function create_operator($login, $email, $password, $localename, $commonname, $a
  */
 function notify_operator_alive($operatorid, $istatus)
 {
-	global $mysqlprefix;
+	global $session_prefix;
 	$db = Database::getInstance();
 	$db->query(
 		"update {chatoperator} set istatus = :istatus, dtmlastvisited = :now " .
@@ -279,9 +279,9 @@ function notify_operator_alive($operatorid, $istatus)
 			':operatorid' => $operatorid
 		)
 	);
-	if (isset($_SESSION["${mysqlprefix}operator"])) {
-		if ($_SESSION["${mysqlprefix}operator"]['operatorid'] == $operatorid) {
-			$_SESSION["${mysqlprefix}operator"]['istatus'] = $istatus;
+	if (isset($_SESSION[$session_prefix."operator"])) {
+		if ($_SESSION[$session_prefix."operator"]['operatorid'] == $operatorid) {
+			$_SESSION[$session_prefix."operator"]['istatus'] = $istatus;
 		}
 	}
 }
@@ -369,13 +369,13 @@ function append_query($link, $pv)
 
 function check_login($redirect = true)
 {
-	global $webimroot, $mysqlprefix;
-	if (!isset($_SESSION["${mysqlprefix}operator"])) {
+	global $webimroot, $session_prefix;
+	if (!isset($_SESSION[$session_prefix."operator"])) {
 		if (isset($_COOKIE['webim_lite'])) {
 			list($login, $pwd) = preg_split("/,/", $_COOKIE['webim_lite'], 2);
 			$op = operator_by_login($login);
 			if ($op && isset($pwd) && isset($op['vcpassword']) && md5($op['vcpassword']) == $pwd && !operator_is_disabled($op)) {
-				$_SESSION["${mysqlprefix}operator"] = $op;
+				$_SESSION[$session_prefix."operator"] = $op;
 				return $op;
 			}
 		}
@@ -391,7 +391,7 @@ function check_login($redirect = true)
 			return null;
 		}
 	}
-	return $_SESSION["${mysqlprefix}operator"];
+	return $_SESSION[$session_prefix."operator"];
 }
 
 // Force the admin to set a password after the installation
@@ -407,14 +407,14 @@ function force_password($operator)
 
 function get_logged_in()
 {
-	global $mysqlprefix;
-	return isset($_SESSION["${mysqlprefix}operator"]) ? $_SESSION["${mysqlprefix}operator"] : FALSE;
+	global $session_prefix;
+	return isset($_SESSION[$session_prefix."operator"]) ? $_SESSION[$session_prefix."operator"] : FALSE;
 }
 
 function login_operator($operator, $remember)
 {
-	global $webimroot, $mysqlprefix;
-	$_SESSION["${mysqlprefix}operator"] = $operator;
+	global $webimroot, $session_prefix;
+	$_SESSION[$session_prefix."operator"] = $operator;
 	if ($remember) {
 		$value = $operator['vclogin'] . "," . md5($operator['vcpassword']);
 		setcookie('webim_lite', $value, time() + 60 * 60 * 24 * 1000, "$webimroot/");
@@ -426,8 +426,8 @@ function login_operator($operator, $remember)
 
 function logout_operator()
 {
-	global $webimroot, $mysqlprefix;
-	unset($_SESSION["${mysqlprefix}operator"]);
+	global $webimroot, $session_prefix;
+	unset($_SESSION[$session_prefix."operator"]);
 	unset($_SESSION['backpath']);
 	if (isset($_COOKIE['webim_lite'])) {
 		setcookie('webim_lite', '', time() - 3600, "$webimroot/");
diff --git a/src/messenger/webim/operator/avatar.php b/src/messenger/webim/operator/avatar.php
index a470032e..13f69d7c 100644
--- a/src/messenger/webim/operator/avatar.php
+++ b/src/messenger/webim/operator/avatar.php
@@ -73,8 +73,8 @@ if (!$op) {
 	if (count($errors) == 0) {
 		update_operator_avatar($op['operatorid'], $avatar);
 
-		if ($opId && $avatar && $_SESSION["${mysqlprefix}operator"] && $operator['operatorid'] == $opId) {
-			$_SESSION["${mysqlprefix}operator"]['vcavatar'] = $avatar;
+		if ($opId && $avatar && $_SESSION[$session_prefix."operator"] && $operator['operatorid'] == $opId) {
+			$_SESSION[$session_prefix."operator"]['vcavatar'] = $avatar;
 		}
 		header("Location: $webimroot/operator/avatar.php?op=$opId");
 		exit;
diff --git a/src/messenger/webim/operator/operator.php b/src/messenger/webim/operator/operator.php
index 297de0ec..b48ad04a 100644
--- a/src/messenger/webim/operator/operator.php
+++ b/src/messenger/webim/operator/operator.php
@@ -81,7 +81,7 @@ if ((isset($_POST['login']) || !is_capable($can_administrate, $operator)) && iss
 			// update the session password
 			if (!empty($password) && $opId == $operator['operatorid']) {
 				$toDashboard = $operator['vcpassword'] == md5('') && $password != '';
-				$_SESSION["${mysqlprefix}operator"]['vcpassword'] = md5($password);
+				$_SESSION[$session_prefix."operator"]['vcpassword'] = md5($password);
 				if($toDashboard) {
 					header("Location: $webimroot/operator/index.php");
 					exit;
diff --git a/src/messenger/webim/operator/permissions.php b/src/messenger/webim/operator/permissions.php
index bc0c444c..0ce89dca 100644
--- a/src/messenger/webim/operator/permissions.php
+++ b/src/messenger/webim/operator/permissions.php
@@ -59,8 +59,8 @@ if (!$op) {
 	if (count($errors) == 0) {
 		update_operator_permissions($op['operatorid'], $new_permissions);
 
-		if ($opId && $_SESSION["${mysqlprefix}operator"] && $operator['operatorid'] == $opId) {
-			$_SESSION["${mysqlprefix}operator"]['iperm'] = $new_permissions;
+		if ($opId && $_SESSION[$session_prefix."operator"] && $operator['operatorid'] == $opId) {
+			$_SESSION[$session_prefix."operator"]['iperm'] = $new_permissions;
 		}
 		header("Location: $webimroot/operator/permissions.php?op=$opId&stored");
 		exit;
diff --git a/src/messenger/webim/operator/users.php b/src/messenger/webim/operator/users.php
index 7ae813a2..5ec9d9ff 100644
--- a/src/messenger/webim/operator/users.php
+++ b/src/messenger/webim/operator/users.php
@@ -26,7 +26,7 @@ $status = isset($_GET['away']) ? 1 : 0;
 
 notify_operator_alive($operator['operatorid'], $status);
 
-$_SESSION["${mysqlprefix}operatorgroups"] = get_operator_groupslist($operator['operatorid']);
+$_SESSION[$session_prefix."operatorgroups"] = get_operator_groupslist($operator['operatorid']);
 
 $page = array();
 $page['havemenu'] = isset($_GET['nomenu']) ? "0" : "1";