From e0c6efdc48898c0a347b809fb3914538b22dca1b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Lo=C3=AFc=20Chapeaux?= Date: Sat, 9 Feb 2002 18:04:03 +0000 Subject: [PATCH] improved patch #495360 --- ChangeLog | 6 ++++-- libraries/auth/cookie.auth.lib.php3 | 16 ++++++++-------- main.php3 | 6 ++++-- 3 files changed, 16 insertions(+), 12 deletions(-) diff --git a/ChangeLog b/ChangeLog index 2aafce74a..357121069 100755 --- a/ChangeLog +++ b/ChangeLog @@ -6,9 +6,9 @@ $Id$ $Source$ 2002-02-09 Marc Delisle - * main.php3, libraries/auth/cookie.auth.lib.php3, Patch + * main.php3, libraries/auth/cookie.auth.lib.php3, Patch 495360 (cookie with domain), experimental, thanks to - Piotr Roszatycki (d3xter) and Christoph (certelt) + Piotr Roszatycki (d3xter) and Christoph (certelt). 2002-02-09 Loïc Chapeaux * libraries/functions.js: improved the "mark row" feature (it wasn't @@ -22,6 +22,8 @@ $Source$ * tbl_properties.php3, line 573: fixed an xhtml error. * header.inc.php3, lines 53-57; left.php3, line 67: patch #515199 - Problem with thanks to Alexander M. Turek. + * main.php3, lines 11-14; libraries/grab_globals.lib.php3, lines 27-32; + libraries/auth/cookie.auth.lib.php3: improved patch #495360. 2002-02-08 Marc Delisle * ukrainian updates thanks to Markijan Baran. diff --git a/libraries/auth/cookie.auth.lib.php3 b/libraries/auth/cookie.auth.lib.php3 index 9dc4b7786..29aac2e1e 100644 --- a/libraries/auth/cookie.auth.lib.php3 +++ b/libraries/auth/cookie.auth.lib.php3 @@ -11,6 +11,9 @@ if (!defined('PMA_COOKIE_AUTH_INCLUDED')) { define('PMA_COOKIE_AUTH_INCLUDED', 1); + // Defines the cookie path + $cookiePath = substr($SCRIPT_NAME, 0, strrpos($SCRIPT_NAME, '/')); + /** * Sorts available languages by their true names * @@ -269,8 +272,7 @@ if (uname.value == '') { // The user wants to be logged out -> delete password cookie if (!empty($old_usr)) { - setcookie('pma_cookie_password', '',0, - substr($SCRIPT_NAME, 0, strrpos($SCRIPT_NAME, '/'))); + setcookie('pma_cookie_password', '', 0, $GLOBALS['cookiePath']); } // The user just logged in @@ -359,12 +361,11 @@ if (uname.value == '') { // Set cookies if required (once per session) if (!$from_cookie) { // Duration = one month for username - setcookie('pma_cookie_username', $cfgServer['user'], + setcookie('pma_cookie_username', $cfgServer['user'], time() + (60 * 60 * 24 * 30), - substr($SCRIPT_NAME, 0, strrpos($SCRIPT_NAME, '/'))); + $GLOBALS['cookiePath']); // Duration = till the browser is closed for password - setcookie('pma_cookie_password', $cfgServer['password'],0, - substr($SCRIPT_NAME, 0, strrpos($SCRIPT_NAME, '/'))); + setcookie('pma_cookie_password', $cfgServer['password'], 0, $GLOBALS['cookiePath']); } return TRUE; @@ -381,8 +382,7 @@ if (uname.value == '') { function PMA_auth_fails() { // Deletes password cookie and displays the login form - setcookie('pma_cookie_password', '',0, - substr($SCRIPT_NAME, 0, strrpos($SCRIPT_NAME, '/'))); + setcookie('pma_cookie_password', '', 0, $GLOBALS['cookiePath']); PMA_auth(); return TRUE; diff --git a/main.php3 b/main.php3 index 42347c8e8..3047308cb 100755 --- a/main.php3 +++ b/main.php3 @@ -8,8 +8,10 @@ require('./libraries/grab_globals.lib.php3'); require('./libraries/common.lib.php3'); // Puts the language to use in a cookie that will expire in 30 days -setcookie('lang', $lang, time() + 60*60*24*30, - substr($SCRIPT_NAME, 0, strrpos($SCRIPT_NAME, '/')) ); +if (!isset($cookiePath)) { + $cookiePath = substr($SCRIPT_NAME, 0, strrpos($SCRIPT_NAME, '/')); +} +setcookie('lang', $lang, time() + 60*60*24*30, $cookiePath); // Defines the "item" image depending on text direction $item_img = 'images/item_' . $text_dir . '.gif'; // Handles some variables that may have been sent by the calling script