N°1852 Fix loss of inline images and attachments when user has been logged off

application/cmdbabstract.class.inc.php

@@ -2485,7 +2485,7 @@ EOF
 		$sJsonFieldsMap = json_encode($aFieldsMap);
 		$sState = $this->GetState();
 		$sSessionStorageKey = $sClass.'_'.$iKey;
-		$sTempId = session_id().'_'.$iTransactionId;
+		$sTempId = utils::GetUploadTempId($iTransactionId);
 		$oPage->add_ready_script(InlineImage::EnableCKEditorImageUpload($this, $sTempId));
 
 		$oPage->add_script(
@@ -2784,7 +2784,7 @@ EOF
 		}
 
 		// Note: This part (inline images activation) is duplicated in self::DisplayModifyForm and several other places. Maybe it should be refactored so it automatically activates when an HTML field is present, or be an option of the attribute. See bug n°1240.
-		$sTempId = session_id().'_'.$iTransactionId;
+		$sTempId = utils::GetUploadTempId($iTransactionId);
 		$oPage->add_ready_script(InlineImage::EnableCKEditorImageUpload($this, $sTempId));
 	}
 

application/transaction.class.inc.php

@@ -119,7 +119,7 @@ class privUITransactionSession
 		// Strictly speaking, the two lines below should be grouped together
 		// by a critical section
 		// sem_acquire($rSemIdentified);
-		$id = str_replace(array('.', ' '), '', microtime()); //1 + count($_SESSION['transactions']);
+		$id = static::GetUserPrefix() . str_replace(array('.', ' '), '', microtime()); //1 + count($_SESSION['transactions']);
 		$_SESSION['transactions'][$id] = true;
 		// sem_release($rSemIdentified);
 		
@@ -174,6 +174,17 @@ class privUITransactionSession
 			// sem_release($rSemIdentified);
 		}		
 	}
+
+	/**
+	 * Returns a string to prefix transaction ID with info from the current user.
+	 *
+	 * @return string
+	 */
+	protected static function GetUserPrefix()
+	{
+		$sPrefix = 'u'.UserRights::GetUserId();
+		return $sPrefix.'-';
+	}
 }
 
 /**
@@ -206,7 +217,7 @@ class privUITransactionFile
 			throw new Exception('The directory "'.APPROOT.'data/transactions" must be writable to the application.');
 		}
 		self::CleanupOldTransactions();
-		$id = basename(tempnam(APPROOT.'data/transactions', self::GetUserPrefix()));
+		$id = basename(tempnam(APPROOT.'data/transactions', static::GetUserPrefix()));
 		self::Info('GetNewTransactionId: Created transaction: '.$id);
 
 		return (string)$id;
@@ -310,6 +321,11 @@ class privUITransactionFile
 		return $aResult;
 	}
 
+	/**
+	 * Returns a prefix based on the user login instead of its ID for a better usage in tempnam()
+	 *
+	 * @inheritdoc
+	 */
 	protected static function GetUserPrefix()
 	{
 		$sPrefix = substr(UserRights::GetUser(), 0, 10);

application/utils.inc.php

@@ -527,7 +527,7 @@ class utils
 	/**
 	 * Returns a unique tmp id for the current upload based on the transaction system (db).
 	 *
-	 * Build as session_id() . '_' . static::GetNewTransactionId()
+	 * Build as static::GetNewTransactionId()
 	 *
 	 * @return string
 	 */
@@ -537,7 +537,7 @@ class utils
 		{
 			$sTransactionId = static::GetNewTransactionId();
 		}
-		return session_id() . '_' . $sTransactionId;
+		return $sTransactionId;
 	}
 
 	public static function ReadFromFile($sFileName)