SERVER_NAME changed to HTTP_HOST
SERVER_NAME changed to HTTP_HOST because SERVER_NAME can cause problems on some misconfigured hosts. HTTP_HOST is usually more reliable with those servers. (cf. http://stackoverflow.com/questions/2297403/http-host-vs-server-name). This should cause less problem on most hosts.
This commit is contained in:
parent
99954e1290
commit
f6a6ca0aec
1 changed files with 7 additions and 7 deletions
14
index.php
14
index.php
|
@ -41,7 +41,7 @@ define('PHPSUFFIX',' */ ?>'); // Suffix to encapsulate data in php code.
|
|||
// Force cookie path (but do not change lifetime)
|
||||
$cookie=session_get_cookie_params();
|
||||
$cookiedir = ''; if(dirname($_SERVER['SCRIPT_NAME'])!='/') $cookiedir=dirname($_SERVER["SCRIPT_NAME"]).'/';
|
||||
session_set_cookie_params($cookie['lifetime'],$cookiedir,$_SERVER['SERVER_NAME']); // Set default cookie expiration and path.
|
||||
session_set_cookie_params($cookie['lifetime'],$cookiedir,$_SERVER['HTTP_HOST']); // Set default cookie expiration and path.
|
||||
|
||||
// Set session parameters on server side.
|
||||
define('INACTIVITY_TIMEOUT',3600); // (in seconds). If the user does not access any page within this time, his/her session is considered expired.
|
||||
|
@ -400,14 +400,14 @@ if (isset($_POST['login']))
|
|||
$_SESSION['expires_on']=time()+$_SESSION['longlastingsession']; // Set session expiration on server-side.
|
||||
|
||||
$cookiedir = ''; if(dirname($_SERVER['SCRIPT_NAME'])!='/') $cookiedir=dirname($_SERVER["SCRIPT_NAME"]).'/';
|
||||
session_set_cookie_params($_SESSION['longlastingsession'],$cookiedir,$_SERVER['SERVER_NAME']); // Set session cookie expiration on client side
|
||||
session_set_cookie_params($_SESSION['longlastingsession'],$cookiedir,$_SERVER['HTTP_HOST']); // Set session cookie expiration on client side
|
||||
// Note: Never forget the trailing slash on the cookie path !
|
||||
session_regenerate_id(true); // Send cookie with new expiration date to browser.
|
||||
}
|
||||
else // Standard session expiration (=when browser closes)
|
||||
{
|
||||
$cookiedir = ''; if(dirname($_SERVER['SCRIPT_NAME'])!='/') $cookiedir=dirname($_SERVER["SCRIPT_NAME"]).'/';
|
||||
session_set_cookie_params(0,$cookiedir,$_SERVER['SERVER_NAME']); // 0 means "When browser closes"
|
||||
session_set_cookie_params(0,$cookiedir,$_SERVER['HTTP_HOST']); // 0 means "When browser closes"
|
||||
session_regenerate_id(true);
|
||||
}
|
||||
// Optional redirect after login:
|
||||
|
@ -439,7 +439,7 @@ function serverUrl()
|
|||
{
|
||||
$https = (!empty($_SERVER['HTTPS']) && (strtolower($_SERVER['HTTPS'])=='on')) || $_SERVER["SERVER_PORT"]=='443'; // HTTPS detection.
|
||||
$serverport = ($_SERVER["SERVER_PORT"]=='80' || ($https && $_SERVER["SERVER_PORT"]=='443') ? '' : ':'.$_SERVER["SERVER_PORT"]);
|
||||
return 'http'.($https?'s':'').'://'.$_SERVER["SERVER_NAME"].$serverport;
|
||||
return 'http'.($https?'s':'').'://'.$_SERVER['HTTP_HOST'].$serverport;
|
||||
}
|
||||
|
||||
// Returns the absolute URL of current script, without the query.
|
||||
|
@ -1279,7 +1279,7 @@ function renderPage()
|
|||
if (is_numeric($_GET['linksperpage'])) { $_SESSION['LINKS_PER_PAGE']=abs(intval($_GET['linksperpage'])); }
|
||||
// Make sure the referer is from Shaarli itself.
|
||||
$referer = '?';
|
||||
if (!empty($_SERVER['HTTP_REFERER']) && strcmp(parse_url($_SERVER['HTTP_REFERER'],PHP_URL_HOST),$_SERVER['SERVER_NAME'])==0)
|
||||
if (!empty($_SERVER['HTTP_REFERER']) && strcmp(parse_url($_SERVER['HTTP_REFERER'],PHP_URL_HOST),$_SERVER['HTTP_HOST'])==0)
|
||||
$referer = $_SERVER['HTTP_REFERER'];
|
||||
header('Location: '.$referer);
|
||||
exit;
|
||||
|
@ -1298,7 +1298,7 @@ function renderPage()
|
|||
}
|
||||
// Make sure the referer is from Shaarli itself.
|
||||
$referer = '?';
|
||||
if (!empty($_SERVER['HTTP_REFERER']) && strcmp(parse_url($_SERVER['HTTP_REFERER'],PHP_URL_HOST),$_SERVER['SERVER_NAME'])==0)
|
||||
if (!empty($_SERVER['HTTP_REFERER']) && strcmp(parse_url($_SERVER['HTTP_REFERER'],PHP_URL_HOST),$_SERVER['HTTP_HOST'])==0)
|
||||
$referer = $_SERVER['HTTP_REFERER'];
|
||||
header('Location: '.$referer);
|
||||
exit;
|
||||
|
@ -2009,7 +2009,7 @@ function lazyThumbnail($url,$href=false)
|
|||
function install()
|
||||
{
|
||||
// On free.fr host, make sure the /sessions directory exists, otherwise login will not work.
|
||||
if (endsWith($_SERVER['SERVER_NAME'],'.free.fr') && !is_dir($_SERVER['DOCUMENT_ROOT'].'/sessions')) mkdir($_SERVER['DOCUMENT_ROOT'].'/sessions',0705);
|
||||
if (endsWith($_SERVER['HTTP_HOST'],'.free.fr') && !is_dir($_SERVER['DOCUMENT_ROOT'].'/sessions')) mkdir($_SERVER['DOCUMENT_ROOT'].'/sessions',0705);
|
||||
|
||||
|
||||
// This part makes sure sessions works correctly.
|
||||
|
|
Loading…
Reference in a new issue