1 files changed, 4 insertions, 4 deletions
diff --git a/index.php b/index.php
index e50c0181..8b5ba334 100644
--- a/index.php
+++ b/index.php
@@ -47,7 +47,7 @@ define('WEB_PATH', substr($_SERVER["REQUEST_URI"], 0, 1+strrpos($_SERVER["REQUES
 // Force cookie path (but do not change lifetime)
 $cookie=session_get_cookie_params();
 $cookiedir = ''; if(dirname($_SERVER['SCRIPT_NAME'])!='/') $cookiedir=dirname($_SERVER["SCRIPT_NAME"]).'/';
-session_set_cookie_params($cookie['lifetime'],$cookiedir,$_SERVER['HTTP_HOST']); // Set default cookie expiration and path.
+session_set_cookie_params($cookie['lifetime'],$cookiedir,$_SERVER['SERVER_NAME']); // Set default cookie expiration and path.
 // Set session parameters on server side.
 define('INACTIVITY_TIMEOUT',3600); // (in seconds). If the user does not access any page within this time, his/her session is considered expired.
@@ -406,14 +406,14 @@ if (isset($_POST['login']))
            $_SESSION['expires_on']=time()+$_SESSION['longlastingsession'];  // Set session expiration on server-side.
            $cookiedir = ''; if(dirname($_SERVER['SCRIPT_NAME'])!='/') $cookiedir=dirname($_SERVER["SCRIPT_NAME"]).'/';
-            session_set_cookie_params($_SESSION['longlastingsession'],$cookiedir,$_SERVER['HTTP_HOST']); // Set session cookie expiration on client side
+            session_set_cookie_params($_SESSION['longlastingsession'],$cookiedir,$_SERVER['SERVER_NAME']); // Set session cookie expiration on client side
            // Note: Never forget the trailing slash on the cookie path!
            session_regenerate_id(true);  // Send cookie with new expiration date to browser.
        }
        else // Standard session expiration (=when browser closes)
        {
            $cookiedir = ''; if(dirname($_SERVER['SCRIPT_NAME'])!='/') $cookiedir=dirname($_SERVER["SCRIPT_NAME"]).'/';
-            session_set_cookie_params(0,$cookiedir,$_SERVER['HTTP_HOST']); // 0 means "When browser closes"
+            session_set_cookie_params(0,$cookiedir,$_SERVER['SERVER_NAME']); // 0 means "When browser closes"
            session_regenerate_id(true);
        }
        // Optional redirect after login:
@@ -445,7 +445,7 @@ function serverUrl()
 {
    $https = (!empty($_SERVER['HTTPS']) && (strtolower($_SERVER['HTTPS'])=='on')) || $_SERVER["SERVER_PORT"]=='443'; // HTTPS detection.
    $serverport = ($_SERVER["SERVER_PORT"]=='80' || ($https && $_SERVER["SERVER_PORT"]=='443') ? '' : ':'.$_SERVER["SERVER_PORT"]);
-    return 'http'.($https?'s':'').'://'.$_SERVER['HTTP_HOST'].$serverport;
+    return 'http'.($https?'s':'').'://'.$_SERVER['SERVER_NAME'].$serverport;
 }
 // Returns the absolute URL of current script, without the query.

diff --git a/index.php b/index.php index e50c0181..8b5ba334 100644 --- a/index.php +++ b/index.php
@@ -47,7 +47,7 @@ define('WEB_PATH', substr($_SERVER["REQUEST_URI"], 0, 1+strrpos($_SERVER["REQUES
47	// Force cookie path (but do not change lifetime)	47	// Force cookie path (but do not change lifetime)
48	$cookie=session_get_cookie_params();	48	$cookie=session_get_cookie_params();
49	$cookiedir = ''; if(dirname($_SERVER['SCRIPT_NAME'])!='/') $cookiedir=dirname($_SERVER["SCRIPT_NAME"]).'/';	49	$cookiedir = ''; if(dirname($_SERVER['SCRIPT_NAME'])!='/') $cookiedir=dirname($_SERVER["SCRIPT_NAME"]).'/';
50	session_set_cookie_params($cookie['lifetime'],$cookiedir,$_SERVER['HTTP_HOST']); // Set default cookie expiration and path.	50	session_set_cookie_params($cookie['lifetime'],$cookiedir,$_SERVER['SERVER_NAME']); // Set default cookie expiration and path.
51		51
52	// Set session parameters on server side.	52	// Set session parameters on server side.
53	define('INACTIVITY_TIMEOUT',3600); // (in seconds). If the user does not access any page within this time, his/her session is considered expired.	53	define('INACTIVITY_TIMEOUT',3600); // (in seconds). If the user does not access any page within this time, his/her session is considered expired.
@@ -406,14 +406,14 @@ if (isset($_POST['login']))
406	$_SESSION['expires_on']=time()+$_SESSION['longlastingsession']; // Set session expiration on server-side.	406	$_SESSION['expires_on']=time()+$_SESSION['longlastingsession']; // Set session expiration on server-side.
407		407
408	$cookiedir = ''; if(dirname($_SERVER['SCRIPT_NAME'])!='/') $cookiedir=dirname($_SERVER["SCRIPT_NAME"]).'/';	408	$cookiedir = ''; if(dirname($_SERVER['SCRIPT_NAME'])!='/') $cookiedir=dirname($_SERVER["SCRIPT_NAME"]).'/';
409	session_set_cookie_params($_SESSION['longlastingsession'],$cookiedir,$_SERVER['HTTP_HOST']); // Set session cookie expiration on client side	409	session_set_cookie_params($_SESSION['longlastingsession'],$cookiedir,$_SERVER['SERVER_NAME']); // Set session cookie expiration on client side
410	// Note: Never forget the trailing slash on the cookie path!	410	// Note: Never forget the trailing slash on the cookie path!
411	session_regenerate_id(true); // Send cookie with new expiration date to browser.	411	session_regenerate_id(true); // Send cookie with new expiration date to browser.
412	}	412	}
413	else // Standard session expiration (=when browser closes)	413	else // Standard session expiration (=when browser closes)
414	{	414	{
415	$cookiedir = ''; if(dirname($_SERVER['SCRIPT_NAME'])!='/') $cookiedir=dirname($_SERVER["SCRIPT_NAME"]).'/';	415	$cookiedir = ''; if(dirname($_SERVER['SCRIPT_NAME'])!='/') $cookiedir=dirname($_SERVER["SCRIPT_NAME"]).'/';
416	session_set_cookie_params(0,$cookiedir,$_SERVER['HTTP_HOST']); // 0 means "When browser closes"	416	session_set_cookie_params(0,$cookiedir,$_SERVER['SERVER_NAME']); // 0 means "When browser closes"
417	session_regenerate_id(true);	417	session_regenerate_id(true);
418	}	418	}
419	// Optional redirect after login:	419	// Optional redirect after login:
@@ -445,7 +445,7 @@ function serverUrl()
445	{	445	{
446	$https = (!empty($_SERVER['HTTPS']) && (strtolower($_SERVER['HTTPS'])=='on')) \|\| $_SERVER["SERVER_PORT"]=='443'; // HTTPS detection.	446	$https = (!empty($_SERVER['HTTPS']) && (strtolower($_SERVER['HTTPS'])=='on')) \|\| $_SERVER["SERVER_PORT"]=='443'; // HTTPS detection.
447	$serverport = ($_SERVER["SERVER_PORT"]=='80' \|\| ($https && $_SERVER["SERVER_PORT"]=='443') ? '' : ':'.$_SERVER["SERVER_PORT"]);	447	$serverport = ($_SERVER["SERVER_PORT"]=='80' \|\| ($https && $_SERVER["SERVER_PORT"]=='443') ? '' : ':'.$_SERVER["SERVER_PORT"]);
448	return 'http'.($https?'s':'').'://'.$_SERVER['HTTP_HOST'].$serverport;	448	return 'http'.($https?'s':'').'://'.$_SERVER['SERVER_NAME'].$serverport;
449	}	449	}
450		450
451	// Returns the absolute URL of current script, without the query.	451	// Returns the absolute URL of current script, without the query.