From 2d9fab88be93b2aed635eab987cd3716a1bdb579 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20SAUVAGE?= Date: Tue, 26 Feb 2013 14:47:47 +0100 Subject: [PATCH] Login problem correction This corrects the session problem with some browsers when Shaarli is hosted on a sub-domain. Please tell me if this corrects login problems if you had one. --- index.php | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/index.php b/index.php index 8436f8ac..0253c19f 100644 --- a/index.php +++ b/index.php @@ -34,7 +34,8 @@ // Force cookie path (but do not change lifetime) $cookie=session_get_cookie_params(); -session_set_cookie_params($cookie['lifetime'],dirname($_SERVER["SCRIPT_NAME"]).'/'); // Default cookie expiration and path. +$cookiedir = ''; if(dirname($_SERVER['SCRIPT_NAME'])!='/') $cookiedir=dirname($_SERVER["SCRIPT_NAME"]).'/'; +session_set_cookie_params($cookie['lifetime'],$cookiedir); // Set default cookie expiration and path. // PHP Settings ini_set('max_input_time','60'); // High execution time in case of problematic imports/exports. @@ -380,13 +381,16 @@ function ban_canLogin() { $_SESSION['longlastingsession']=31536000; // (31536000 seconds = 1 year) $_SESSION['expires_on']=time()+$_SESSION['longlastingsession']; // Set session expiration on server-side. - session_set_cookie_params($_SESSION['longlastingsession'],dirname($_SERVER["SCRIPT_NAME"]).'/'); // Set session cookie expiration on client side + + $cookiedir = ''; if(dirname($_SERVER['SCRIPT_NAME'])!='/') $cookiedir=dirname($_SERVER["SCRIPT_NAME"]).'/'; + session_set_cookie_params($_SESSION['longlastingsession'],$cookiedir); // Set session cookie expiration on client side // Note: Never forget the trailing slash on the cookie path ! session_regenerate_id(true); // Send cookie with new expiration date to browser. } else // Standard session expiration (=when browser closes) { - session_set_cookie_params(0,dirname($_SERVER["SCRIPT_NAME"]).'/'); // 0 means "When browser closes" + $cookiedir = ''; if(dirname($_SERVER['SCRIPT_NAME'])!='/') $cookiedir=dirname($_SERVER["SCRIPT_NAME"]).'/'; + session_set_cookie_params(0,$cookiedir); // 0 means "When browser closes" session_regenerate_id(true); } // Optional redirect after login: