diff --git a/Builder/IISMainHandler/build.txt b/Builder/IISMainHandler/build.txt index 34f7d67..a85890d 100644 --- a/Builder/IISMainHandler/build.txt +++ b/Builder/IISMainHandler/build.txt @@ -1 +1 @@ -1818 \ No newline at end of file +1829 \ No newline at end of file diff --git a/Common/Config.cs b/Common/Config.cs index 10e890d..6129667 100644 --- a/Common/Config.cs +++ b/Common/Config.cs @@ -37,6 +37,8 @@ namespace FLocal.Common { public readonly HashSet AdditionalHosts; + public readonly string CookiesPrefix; + public readonly int MinPostId; protected Config(NameValueCollection data) : base(data) { @@ -54,6 +56,7 @@ namespace FLocal.Common { this.IsMigrationEnabled = parseBool(data["EnableMigration"]); this.BaseHost = data["BaseHost"]; this.AdditionalHosts = new HashSet(from host in data["AdditionalHosts"].Split(new[] { ',' }, StringSplitOptions.RemoveEmptyEntries) select host.Trim()); + this.CookiesPrefix = data["CookiesPrefix"]; this.MinPostId = int.Parse(data["MinPostId"]); } diff --git a/Common/dataobjects/Account.cs b/Common/dataobjects/Account.cs index ef51d03..b6892c7 100644 --- a/Common/dataobjects/Account.cs +++ b/Common/dataobjects/Account.cs @@ -135,11 +135,11 @@ namespace FLocal.Common.dataobjects { } private string hashPasswordLegacy(string password) { - return Util.md5(Util.md5(password) + " " + Util.md5(Config.instance.SaltMigration) + " " + Util.md5(this.id.ToString())); + return Util.md5(Util.md5(password) + " " + Util.md5(Config.instance.SaltPasswords) + " " + Util.md5(this.id.ToString())); } private static string hashPassword(string password, string name) { - return Util.md5(Util.md5(password) + " " + Util.md5(Config.instance.SaltMigration) + " " + Util.md5(name)); + return Util.md5(Util.md5(password) + " " + Util.md5(Config.instance.SaltPasswords) + " " + Util.md5(name)); } private string hashPassword(string password) { diff --git a/IISMainHandler/WebContext.cs b/IISMainHandler/WebContext.cs index d0b1b09..d949c16 100644 --- a/IISMainHandler/WebContext.cs +++ b/IISMainHandler/WebContext.cs @@ -130,7 +130,7 @@ namespace FLocal.IISHandler { this.requestTime = DateTime.Now; this.design = this.detectDesign(); - HttpCookie sessionCookie = this.httprequest.Cookies["session"]; + HttpCookie sessionCookie = this.httprequest.Cookies[Config.instance.CookiesPrefix + "_session"]; if(sessionCookie != null && sessionCookie.Value != null && sessionCookie.Value != "") { try { var session = Session.LoadByKey(sessionCookie.Value); @@ -142,7 +142,7 @@ namespace FLocal.IISHandler { } } session.updateLastActivity(lastUrl); - HttpCookie newCookie = this.createCookie("session"); + HttpCookie newCookie = this.createCookie(Config.instance.CookiesPrefix + "_session"); newCookie.Value = session.sessionKey; newCookie.Expires = DateTime.Now.AddDays(3); this.httpresponse.AppendCookie(newCookie); diff --git a/IISMainHandler/handlers/request/LoginHandler.cs b/IISMainHandler/handlers/request/LoginHandler.cs index 112edb1..96da78f 100644 --- a/IISMainHandler/handlers/request/LoginHandler.cs +++ b/IISMainHandler/handlers/request/LoginHandler.cs @@ -43,7 +43,7 @@ namespace FLocal.IISHandler.handlers.request { Account account = Account.tryAuthorize(context.httprequest.Form["name"], context.httprequest.Form["password"]); Session session = Session.create(account); - HttpCookie sessionCookie = context.createCookie("session"); + HttpCookie sessionCookie = context.createCookie(Config.instance.CookiesPrefix + "_session"); sessionCookie.Value = session.sessionKey; sessionCookie.Expires = DateTime.Now.AddDays(3); context.httpresponse.AppendCookie(sessionCookie); diff --git a/IISMainHandler/handlers/request/LogoutHandler.cs b/IISMainHandler/handlers/request/LogoutHandler.cs index cc27636..a6c6357 100644 --- a/IISMainHandler/handlers/request/LogoutHandler.cs +++ b/IISMainHandler/handlers/request/LogoutHandler.cs @@ -26,10 +26,11 @@ namespace FLocal.IISHandler.handlers.request { } context.session.delete(); - HttpCookie sessionCookie = context.createCookie("session"); + HttpCookie sessionCookie = context.createCookie(Config.instance.CookiesPrefix + "_session"); sessionCookie.Value = ""; sessionCookie.Expires = DateTime.Now.AddDays(-1); context.httpresponse.AppendCookie(sessionCookie); + context.session = null; return new XElement[0];