aboutsummaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
authorSébastien SAUVAGE <sebsauvage@sebsauvage.net>2013-02-26 14:47:47 +0100
committerSébastien SAUVAGE <sebsauvage@sebsauvage.net>2013-02-26 14:47:47 +0100
commit2d9fab88be93b2aed635eab987cd3716a1bdb579 (patch)
treee8538857ba8ccd28ca3da4ca52f5a75dc33166db
parentfdc4c6a1cd1a367ce666340bb78e1d860cbcd53f (diff)
downloadShaarli-2d9fab88be93b2aed635eab987cd3716a1bdb579.tar.gz
Shaarli-2d9fab88be93b2aed635eab987cd3716a1bdb579.tar.zst
Shaarli-2d9fab88be93b2aed635eab987cd3716a1bdb579.zip
Login problem correction
This corrects the session problem with some browsers when Shaarli is hosted on a sub-domain. Please tell me if this corrects login problems if you had one.
-rw-r--r--index.php10
1 files changed, 7 insertions, 3 deletions
diff --git a/index.php b/index.php
index 8436f8ac..0253c19f 100644
--- a/index.php
+++ b/index.php
@@ -34,7 +34,8 @@ define('PHPSUFFIX',' */ ?>'); // Suffix to encapsulate data in php code.
34 34
35// Force cookie path (but do not change lifetime) 35// Force cookie path (but do not change lifetime)
36$cookie=session_get_cookie_params(); 36$cookie=session_get_cookie_params();
37session_set_cookie_params($cookie['lifetime'],dirname($_SERVER["SCRIPT_NAME"]).'/'); // Default cookie expiration and path. 37$cookiedir = ''; if(dirname($_SERVER['SCRIPT_NAME'])!='/') $cookiedir=dirname($_SERVER["SCRIPT_NAME"]).'/';
38session_set_cookie_params($cookie['lifetime'],$cookiedir); // Set default cookie expiration and path.
38 39
39// PHP Settings 40// PHP Settings
40ini_set('max_input_time','60'); // High execution time in case of problematic imports/exports. 41ini_set('max_input_time','60'); // High execution time in case of problematic imports/exports.
@@ -380,13 +381,16 @@ if (isset($_POST['login']))
380 { 381 {
381 $_SESSION['longlastingsession']=31536000; // (31536000 seconds = 1 year) 382 $_SESSION['longlastingsession']=31536000; // (31536000 seconds = 1 year)
382 $_SESSION['expires_on']=time()+$_SESSION['longlastingsession']; // Set session expiration on server-side. 383 $_SESSION['expires_on']=time()+$_SESSION['longlastingsession']; // Set session expiration on server-side.
383 session_set_cookie_params($_SESSION['longlastingsession'],dirname($_SERVER["SCRIPT_NAME"]).'/'); // Set session cookie expiration on client side 384
385 $cookiedir = ''; if(dirname($_SERVER['SCRIPT_NAME'])!='/') $cookiedir=dirname($_SERVER["SCRIPT_NAME"]).'/';
386 session_set_cookie_params($_SESSION['longlastingsession'],$cookiedir); // Set session cookie expiration on client side
384 // Note: Never forget the trailing slash on the cookie path ! 387 // Note: Never forget the trailing slash on the cookie path !
385 session_regenerate_id(true); // Send cookie with new expiration date to browser. 388 session_regenerate_id(true); // Send cookie with new expiration date to browser.
386 } 389 }
387 else // Standard session expiration (=when browser closes) 390 else // Standard session expiration (=when browser closes)
388 { 391 {
389 session_set_cookie_params(0,dirname($_SERVER["SCRIPT_NAME"]).'/'); // 0 means "When browser closes" 392 $cookiedir = ''; if(dirname($_SERVER['SCRIPT_NAME'])!='/') $cookiedir=dirname($_SERVER["SCRIPT_NAME"]).'/';
393 session_set_cookie_params(0,$cookiedir); // 0 means "When browser closes"
390 session_regenerate_id(true); 394 session_regenerate_id(true);
391 } 395 }
392 // Optional redirect after login: 396 // Optional redirect after login: