From: Sébastien SAUVAGE <sebsauvage@sebsauvage.net>
Date: Tue, 26 Feb 2013 13:47:47 +0000 (+0100)
Subject: Login problem correction
X-Git-Tag: v0.0.41beta~25
X-Git-Url: https://git.immae.eu/?a=commitdiff_plain;h=2d9fab88be93b2aed635eab987cd3716a1bdb579;hp=fdc4c6a1cd1a367ce666340bb78e1d860cbcd53f;p=github%2Fshaarli%2FShaarli.git

Login problem correction

This corrects the session problem with some browsers when Shaarli is
hosted on a sub-domain. Please tell me if this corrects login problems
if you had one.
---

diff --git a/index.php b/index.php
index 8436f8ac..0253c19f 100644
--- a/index.php
+++ b/index.php
@@ -34,7 +34,8 @@ define('PHPSUFFIX',' */ ?>'); // Suffix to encapsulate data in php code.
 
 // Force cookie path (but do not change lifetime)
 $cookie=session_get_cookie_params();
-session_set_cookie_params($cookie['lifetime'],dirname($_SERVER["SCRIPT_NAME"]).'/'); // Default cookie expiration and path.
+$cookiedir = ''; if(dirname($_SERVER['SCRIPT_NAME'])!='/') $cookiedir=dirname($_SERVER["SCRIPT_NAME"]).'/';
+session_set_cookie_params($cookie['lifetime'],$cookiedir); // Set default cookie expiration and path.
 
 // PHP Settings
 ini_set('max_input_time','60');  // High execution time in case of problematic imports/exports.
@@ -380,13 +381,16 @@ if (isset($_POST['login']))
         {
             $_SESSION['longlastingsession']=31536000;  // (31536000 seconds = 1 year)
             $_SESSION['expires_on']=time()+$_SESSION['longlastingsession'];  // Set session expiration on server-side.
-            session_set_cookie_params($_SESSION['longlastingsession'],dirname($_SERVER["SCRIPT_NAME"]).'/'); // Set session cookie expiration on client side
+
+            $cookiedir = ''; if(dirname($_SERVER['SCRIPT_NAME'])!='/') $cookiedir=dirname($_SERVER["SCRIPT_NAME"]).'/';
+            session_set_cookie_params($_SESSION['longlastingsession'],$cookiedir); // Set session cookie expiration on client side
             // Note: Never forget the trailing slash on the cookie path !
             session_regenerate_id(true);  // Send cookie with new expiration date to browser.
         }
         else // Standard session expiration (=when browser closes)
         {
-            session_set_cookie_params(0,dirname($_SERVER["SCRIPT_NAME"]).'/'); // 0 means "When browser closes"
+            $cookiedir = ''; if(dirname($_SERVER['SCRIPT_NAME'])!='/') $cookiedir=dirname($_SERVER["SCRIPT_NAME"]).'/';
+            session_set_cookie_params(0,$cookiedir); // 0 means "When browser closes"
             session_regenerate_id(true);
         }
         // Optional redirect after login: