The session key must include the user name.

 We are accessing other users' preferences during a session.

diff --git a/framework/Core/lib/Horde/Core/Prefs/Cache/Session.php b/framework/Core/lib/Horde/Core/Prefs/Cache/Session.php
index 45e4911..a715c9d 100644 (file)
--- a/framework/Core/lib/Horde/Core/Prefs/Cache/Session.php
+++ b/framework/Core/lib/Horde/Core/Prefs/Cache/Session.php
@@ -22,8 +22,8 @@ class Horde_Core_Prefs_Cache_Session extends Horde_Prefs_Cache_Base
     {
         global $session;
 
-        return $session->exists('horde', self::SESS_KEY . $scope)
-            ? $session->get('horde', self::SESS_KEY . $scope)
+        return $session->exists('horde', self::SESS_KEY . $this->_params['user'] . '/' . $scope)
+            ? $session->get('horde', self::SESS_KEY . $this->_params['user'] . '/' . $scope)
             : false;
     }
 
@@ -31,14 +31,14 @@ class Horde_Core_Prefs_Cache_Session extends Horde_Prefs_Cache_Base
      */
     public function store($scope_ob)
     {
-        $GLOBALS['session']->set('horde', self::SESS_KEY . $scope_ob->scope, $scope_ob);
+        $GLOBALS['session']->set('horde', self::SESS_KEY . $this->_params['user'] . '/' . $scope_ob->scope, $scope_ob);
     }
 
     /**
      */
     public function remove($scope = null)
     {
-        $GLOBALS['session']->remove('horde', self::SESS_KEY . strval($scope));
+        $GLOBALS['session']->remove('horde', self::SESS_KEY . $this->_params['user'] . '/' . strval($scope));
     }
 
 }