Index: branches/5.1.x/core/kernel/session/session.php
===================================================================
diff -u -N -r14241 -r14263
--- branches/5.1.x/core/kernel/session/session.php (.../session.php) (revision 14241)
+++ branches/5.1.x/core/kernel/session/session.php (.../session.php) (revision 14263)
@@ -1,6 +1,6 @@ Application->ConfigValue('SessionBrowserSignatureCheck') && ($result['BrowserSignature'] != $this->_getBrowserSignature())) {
+ if ($this->Application->ConfigValue('SessionBrowserSignatureCheck') && ($result['BrowserSignature'] != $this->_getBrowserSignature()) && $this->Application->GetVar('flashsid') === false) {
 return false;
 }
@@ -745,12 +745,12 @@
 $get_sid = getArrayValue($http_query->Get, $this->GETName);
- if ($this->IsHTTPSRedirect() && $get_sid) { // Redirect from http to https on different domain
+ if (($this->IsHTTPSRedirect() && $get_sid) || $this->getFlashSID()) { // Redirect from http to https on different domain OR flash uploader
 $this->OriginalMode = $this->Mode;
 $this->SetMode(smGET_ONLY);
 }
- if (!$cookies_on || $this->IsHTTPSRedirect()) {
+ if (!$cookies_on || $this->IsHTTPSRedirect() || $this->getFlashSID()) {
 //If referer is our server, but we don't have our cookies_on, it's definetly off
 $is_install = defined('IS_INSTALL') && IS_INSTALL;
 if (!$is_install && $this->_checkCookieReferer() && !$this->Application->GetVar('admin') && !$this->IsHTTPSRedirect()) {
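Review bot: Both new conditions in the -745 hunk call `$this->getFlashSID()`, which returns the raw POST `flashsid` value, so any request that posts that field forces the session into `smGET_ONLY` mode and skips the cookie check without the value being validated at that point. The earlier hunk in this file reads the same signal through `$this->Application->GetVar('flashsid') === false` instead, so depending on which sources `GetVar` reads, a `flashsid` arriving in the query string could disable the browser-signature check without ever being honoured here, or the reverse; reading it once and reusing the result keeps the two paths consistent, e.g. `$flash_sid = $this->getFlashSID();` before the first `if`, then `|| $flash_sid` in both conditions. Whether a forged `flashsid` can attach an arbitrary sid to a request depends on how `$get_sid` is validated later in this method, which is outside the hunk, so that path deserves a look before merging. The enclosing method starts and ends outside the hunk.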
@@ -853,14 +853,28 @@
 }
 }
+ function getFlashSID()
+ {
+ $http_query =& $this->Application->recallObject('HTTPQuery');
+ /* @var $http_query kHTTPQuery */
+
+ return getArrayValue($http_query->Post, 'flashsid');
+ }
+
 function GetPassedSIDValue($use_cache = 1)
 {
 if (!empty($this->CachedSID) && $use_cache) {
 return $this->CachedSID;
 }
- $http_query =& $this->Application->recallObject('HTTPQuery');
- $get_sid = getArrayValue($http_query->Get, $this->GETName);
+ // flash sid overrides regular sid
+ $get_sid = $this->getFlashSID();
+
+ if (!$get_sid) {
+ $http_query =& $this->Application->recallObject('HTTPQuery');
+ $get_sid = getArrayValue($http_query->Get, $this->GETName);
+ }
+
 $sid_from_get = $get_sid ? true : false;
 if ($this->Application->GetVar('admin') == 1 && $get_sid) {
Index: branches/5.1.x/core/kernel/db/db_event_handler.php
===================================================================
diff -u -N -r14241 -r14263
--- branches/5.1.x/core/kernel/db/db_event_handler.php (.../db_event_handler.php) (revision 14241)
+++ branches/5.1.x/core/kernel/db/db_event_handler.php (.../db_event_handler.php) (revision 14263)
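Review bot: `getFlashSID()` has no docblock, and `GetPassedSIDValue` now lets its return value take precedence over the regular sid, which also makes `$sid_from_get` true for the flash path; the comment `// flash sid overrides regular sid` should say so, e.g. `// flash uploader posts the sid as 'flashsid'; it takes precedence and is treated like a GET sid below`. A docblock on `getFlashSID()` along the lines of `/** Returns the session id posted by the flash uploader ('flashsid'), or getArrayValue()'s not-found value when absent. */` would document the contract. The precedence check uses truthiness (`if (!$get_sid)`), so a posted value of `'0'` or `''` falls through to the regular sid, which is consistent with `$sid_from_get = $get_sid ? true : false;` but worth stating in the comment. The posted value is not validated in this function; whatever the rest of `GetPassedSIDValue` (outside the hunk) does to `$get_sid` is the only check applied to it, so please confirm that path rejects malformed values.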
@@ -1,6 +1,6 @@ Application->RecallVar('user_id'); // 1. backup user
- $this->Application->StoreVar('user_id', $admin_ses->RecallVar('user_id')); // 2. fake user_id
+ // copy some data from given session to current session
+ $backup_user_id = $this->Application->RecallVar('user_id');
+ $this->Application->StoreVar('user_id', $admin_ses->RecallVar('user_id'));
- $check_event = new kEvent($event->getPrefixSpecial() . ':OnProcessSelected'); // 3. event, that have "add|edit" rule
+ $backup_user_groups = $this->Application->RecallVar('UserGroups');
+ $this->Application->StoreVar('UserGroups', $admin_ses->RecallVar('UserGroups'));
+
+ // check permissions using event, that have "add|edit" rule
+ $check_event = new kEvent($event->getPrefixSpecial() . ':OnProcessSelected');
 $check_event->setEventParam('top_prefix', $this->Application->GetTopmostPrefix($event->Prefix, true));
+ $allowed_to_upload = $this->CheckPermission($check_event);
- $allowed_to_upload = $this->CheckPermission($check_event); // 4. check permission
+ // restore changed data, so nothing gets saved to database
+ $this->Application->StoreVar('user_id', $backup_user_id);
+ $this->Application->StoreVar('UserGroups', $backup_user_groups);
- $this->Application->StoreVar('user_id', $backup_user_id); // 5. restore user id
-
 return $allowed_to_upload;
 }