Index: ezsrratingdataobject.php =================================================================== --- ezsrratingdataobject.php (revision 4544) +++ ezsrratingdataobject.php (working copy) @@ -132,7 +132,7 @@ if ( $this->currentUserHasRated === null ) { $http = eZHTTPTool::instance(); - if ( $http->hasSessionVariable('ezsrRatedAttributeIdList') ) + if ( $http->hasSessionVariable('ezsrRatedAttributeIdList', false) ) $attributeIdList = explode( ',', $http->sessionVariable('ezsrRatedAttributeIdList') ); else $attributeIdList = array(); @@ -191,11 +191,11 @@ // Store attribute id in session to avoid multiple ratings by same user even if he logs out (gets new session key) $http = eZHTTPTool::instance(); $attributeIdList = $this->attribute( 'contentobject_attribute_id' ); - if ( $http->hasSessionVariable('ezsrRatedAttributeIdList') ) + if ( $http->hasSessionVariable('ezsrRatedAttributeIdList', false) ) { $attributeIdList = $http->sessionVariable('ezsrRatedAttributeIdList') . ',' . $attributeIdList; + $http->setSessionVariable('ezsrRatedAttributeIdList', $attributeIdList ); } - $http->setSessionVariable('ezsrRatedAttributeIdList', $attributeIdList ); } eZPersistentObject::store( $fieldFilters ); } Index: ezsrserverfunctions.php =================================================================== --- ezsrserverfunctions.php (revision 4544) +++ ezsrserverfunctions.php (working copy) @@ -58,8 +58,8 @@ // Provide extra session protection on 4.1 (not possible on 4.0) by expecting user // to have an existing session (new session = mostlikely a spammer / hacker trying to manipulate rating) - if ( class_exists( 'eZSession' ) && eZSession::userHasSessionCookie() !== true ) - return $ret; + //if ( class_exists( 'eZSession' ) && eZSession::userHasSessionCookie() !== true ) + // return $ret; // Return if parameters are not valid attribute id + version numbers $contentobjectAttribute = eZContentObjectAttribute::fetch( $ret['id'], $args[1] );