From 1c6ca8107a15b33134bb8cfab1ed0525de24db71 Mon Sep 17 00:00:00 2001
From: Jan Schneider <jan@horde.org>
Date: Wed, 22 Dec 2010 16:25:23 +0100
Subject: [PATCH] The session key must include the user name.

 We are accessing other users' preferences during a session.
---
 framework/Core/lib/Horde/Core/Prefs/Cache/Session.php | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/framework/Core/lib/Horde/Core/Prefs/Cache/Session.php b/framework/Core/lib/Horde/Core/Prefs/Cache/Session.php
index 45e491124..a715c9d67 100644
--- a/framework/Core/lib/Horde/Core/Prefs/Cache/Session.php
+++ b/framework/Core/lib/Horde/Core/Prefs/Cache/Session.php
@@ -22,8 +22,8 @@ class Horde_Core_Prefs_Cache_Session extends Horde_Prefs_Cache_Base
     {
         global $session;
 
-        return $session->exists('horde', self::SESS_KEY . $scope)
-            ? $session->get('horde', self::SESS_KEY . $scope)
+        return $session->exists('horde', self::SESS_KEY . $this->_params['user'] . '/' . $scope)
+            ? $session->get('horde', self::SESS_KEY . $this->_params['user'] . '/' . $scope)
             : false;
     }
 
@@ -31,14 +31,14 @@ class Horde_Core_Prefs_Cache_Session extends Horde_Prefs_Cache_Base
      */
     public function store($scope_ob)
     {
-        $GLOBALS['session']->set('horde', self::SESS_KEY . $scope_ob->scope, $scope_ob);
+        $GLOBALS['session']->set('horde', self::SESS_KEY . $this->_params['user'] . '/' . $scope_ob->scope, $scope_ob);
     }
 
     /**
      */
     public function remove($scope = null)
     {
-        $GLOBALS['session']->remove('horde', self::SESS_KEY . strval($scope));
+        $GLOBALS['session']->remove('horde', self::SESS_KEY . $this->_params['user'] . '/' . strval($scope));
     }
 
 }
-- 
2.11.0