Allow configuration of cookie storage on client (RFE #1095227).

2006-04-26 21:36:34 +00:00
parent d561a14419
commit d91c1fff8e
4 changed files with 11 additions and 3 deletions
--- a/6
+++ b/6
@@ -32,8 +32,10 @@ $Source$
      textarea ;-).
    * libraries/display_export.lib.php: Reinclude table selection (bug
      #1477226).
-    * libraries/auth/cookie.auth.lib.php: 
-        - Remove unused function.
+    * libraries/auth/cookie.auth.lib.php: Remove unused function.
+    * libraries/auth/cookie.auth.lib.php, Documentation.html,
+      libraries/config.default.php: Allow configuration of cookie storage on
+      client (RFE #1095227).

 2006-04-26 Sebastian Mendel <cybot_tm@users.sourceforge.net>
    * themes/*:
--- a/Documentation.html
+++ b/Documentation.html
@@ -1020,6 +1020,11 @@ ALTER TABLE `pma_column_comments`
    <dt id="cfg_LoginCookieValidity">$cfg[LoginCookieValidity] integer [number of seconds]</dt>
    <dd>Define how long is login cookie valid.</dd>

+    <dt id="cfg_LoginCookieStore">$cfg[LoginCookieStore] integer [number of seconds]</dt>
+    <dd>Define how long is login cookie should be stored in browser. Default 0
+        means that it will be kept for existing session. This is recommended
+        for not trusted environments.</dd>
+
    <dt id="cfg_UseDbSearch">$cfg[UseDbSearch] boolean</dt>
    <dd>Define whether the "search string inside database" is enabled or not.</dd>

--- a/libraries/auth/cookie.auth.lib.php
+++ b/libraries/auth/cookie.auth.lib.php
@@ -421,7 +421,7 @@ function PMA_auth_set_user()
    setcookie('pma_cookie_password-' . $server,
        PMA_blowfish_encrypt(!empty($cfg['Server']['password']) ? $cfg['Server']['password'] : "\xff(blank)",
            $GLOBALS['cfg']['blowfish_secret'] . $GLOBALS['current_time']),
-        0,
+        $GLOBALS['cfg']['LoginCookieStore'],
        $GLOBALS['cookie_path'], '',
        $GLOBALS['is_https']);

--- a/libraries/config.default.php
+++ b/libraries/config.default.php
@@ -136,6 +136,7 @@ $cfg['AllowUserDropDatabase']   = FALSE;  // show a 'Drop database' link to norm
 $cfg['Confirm']                 = TRUE;   // confirm 'DROP TABLE' & 'DROP DATABASE'
 $cfg['LoginCookieRecall']       = TRUE;   // recall previous login in cookie auth. mode or not
 $cfg['LoginCookieValidity']     = 1800;   // validity of cookie login (in seconds)
+$cfg['LoginCookieStore']        = 0;      // how long login cookie should be stored (in seconds)
 $cfg['UseDbSearch']             = TRUE;   // whether to enable the "database search" feature
                                          // or not
 $cfg['IgnoreMultiSubmitErrors'] = FALSE;  // if set to true, PMA continues computing multiple-statement queries