From 9e8d8e4a06fda84d0c1c295890478daee3a67dd2 Mon Sep 17 00:00:00 2001
From: thomascube <thomas@roundcube.net>
Date: Mon, 30 Apr 2012 21:04:53 +0000
Subject: Accept two past time slots for auth cookie validation; don't encode
 user-agent into session auth hash (#1488449)

Conflicts:

	program/include/rcube.php
---
 program/include/rcmail.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'program/include/rcmail.php')

diff --git a/program/include/rcmail.php b/program/include/rcmail.php
index eec3dd27f..8988bdc13 100644
--- a/program/include/rcmail.php
+++ b/program/include/rcmail.php
@@ -802,7 +802,7 @@ class rcmail
       $this->session->set_keep_alive($keep_alive);
     }
 
-    $this->session->set_secret($this->config->get('des_key') . $_SERVER['HTTP_USER_AGENT']);
+    $this->session->set_secret($this->config->get('des_key') . dirname($_SERVER['SCRIPT_NAME']));
     $this->session->set_ip_check($this->config->get('ip_check'));
   }
 
-- 
cgit v1.2.3