Merge pull request #37 from sebsauvage/CookieDomain

Correction for login problem with webkit browsers on sub-domain hosted Shaarli.
This commit is contained in:
Sébastien SAUVAGE 2013-03-08 01:01:40 -08:00
commit 41a30d9b2d

View file

@ -35,7 +35,7 @@ define('PHPSUFFIX',' */ ?>'); // Suffix to encapsulate data in php code.
// Force cookie path (but do not change lifetime) // Force cookie path (but do not change lifetime)
$cookie=session_get_cookie_params(); $cookie=session_get_cookie_params();
$cookiedir = ''; if(dirname($_SERVER['SCRIPT_NAME'])!='/') $cookiedir=dirname($_SERVER["SCRIPT_NAME"]).'/'; $cookiedir = ''; if(dirname($_SERVER['SCRIPT_NAME'])!='/') $cookiedir=dirname($_SERVER["SCRIPT_NAME"]).'/';
session_set_cookie_params($cookie['lifetime'],$cookiedir); // Set default cookie expiration and path. session_set_cookie_params($cookie['lifetime'],$cookiedir,$_SERVER['SERVER_NAME']); // Set default cookie expiration and path.
// Set session parameters on server side. // Set session parameters on server side.
define('INACTIVITY_TIMEOUT',3600); // (in seconds). If the user does not access any page within this time, his/her session is considered expired. define('INACTIVITY_TIMEOUT',3600); // (in seconds). If the user does not access any page within this time, his/her session is considered expired.
@ -394,14 +394,14 @@ if (isset($_POST['login']))
$_SESSION['expires_on']=time()+$_SESSION['longlastingsession']; // Set session expiration on server-side. $_SESSION['expires_on']=time()+$_SESSION['longlastingsession']; // Set session expiration on server-side.
$cookiedir = ''; if(dirname($_SERVER['SCRIPT_NAME'])!='/') $cookiedir=dirname($_SERVER["SCRIPT_NAME"]).'/'; $cookiedir = ''; if(dirname($_SERVER['SCRIPT_NAME'])!='/') $cookiedir=dirname($_SERVER["SCRIPT_NAME"]).'/';
session_set_cookie_params($_SESSION['longlastingsession'],$cookiedir); // Set session cookie expiration on client side session_set_cookie_params($_SESSION['longlastingsession'],$cookiedir,$_SERVER['SERVER_NAME']); // Set session cookie expiration on client side
// Note: Never forget the trailing slash on the cookie path ! // Note: Never forget the trailing slash on the cookie path !
session_regenerate_id(true); // Send cookie with new expiration date to browser. session_regenerate_id(true); // Send cookie with new expiration date to browser.
} }
else // Standard session expiration (=when browser closes) else // Standard session expiration (=when browser closes)
{ {
$cookiedir = ''; if(dirname($_SERVER['SCRIPT_NAME'])!='/') $cookiedir=dirname($_SERVER["SCRIPT_NAME"]).'/'; $cookiedir = ''; if(dirname($_SERVER['SCRIPT_NAME'])!='/') $cookiedir=dirname($_SERVER["SCRIPT_NAME"]).'/';
session_set_cookie_params(0,$cookiedir); // 0 means "When browser closes" session_set_cookie_params(0,$cookiedir,$_SERVER['SERVER_NAME']); // 0 means "When browser closes"
session_regenerate_id(true); session_regenerate_id(true);
} }
// Optional redirect after login: // Optional redirect after login: