Attached Files |
infinite_redirect_with_cookies.patch [^] (5,923 bytes) 2010-02-03 12:08
[Show Content]
Index: install/english.lang
===================================================================
--- install/english.lang (revision 13140)
+++ install/english.lang (working copy)
@@ -226,6 +226,7 @@
<PHRASE Label="la_config_ResizableFrames" Module="Core" Type="1">RnJhbWVzIGluIGFkbWluaXN0cmF0aXZlIGNvbnNvbGUgYXJlIHJlc2l6YWJsZQ==</PHRASE>
<PHRASE Label="la_config_Search_MinKeyword_Length" Module="Core" Type="1">TWluaW1hbCBTZWFyY2ggS2V5d29yZCBMZW5ndGg=</PHRASE>
<PHRASE Label="la_config_SessionBrowserSignatureCheck" Module="Core" Type="1">U2Vzc2lvbiBTZWN1cml0eSBDaGVjayBiYXNlZCBvbiBCcm93c2VyIFNpZ25hdHVyZQ==</PHRASE>
+ <PHRASE Label="la_config_SessionCookieDomains" Module="Core" Type="1">U2Vzc2lvbiBDb29raWUgRG9tYWlucyAoc2luZ2xlIGRvbWFpbiBwZXIgbGluZSk=</PHRASE>
<PHRASE Label="la_config_SessionIPAddressCheck" Module="Core" Type="1">U2Vzc2lvbiBTZWN1cml0eSBDaGVjayBiYXNlZCBvbiBJUA==</PHRASE>
<PHRASE Label="la_config_SiteNameSubTitle" Module="Core" Type="1">V2Vic2l0ZSBTdWJ0aXRsZQ==</PHRASE>
<PHRASE Label="la_config_site_zone" Module="Core" Type="1">VGltZSB6b25lIG9mIHRoZSBzaXRl</PHRASE>
Index: install/install_data.sql
===================================================================
--- install/install_data.sql (revision 13151)
+++ install/install_data.sql (working copy)
@@ -78,6 +78,8 @@
INSERT INTO ConfigurationValues VALUES (DEFAULT, 'CookieSessions', '2', 'In-Portal', 'in-portal:configure_advanced');
INSERT INTO ConfigurationAdmin VALUES ('SessionCookieName', 'la_section_SettingsSession', 'la_prompt_session_cookie_name', 'text', '', '', 20.02, 0, 1);
INSERT INTO ConfigurationValues VALUES (DEFAULT, 'SessionCookieName', 'sid', 'In-Portal', 'in-portal:configure_advanced');
+INSERT INTO ConfigurationAdmin VALUES ('SessionCookieDomains', 'la_section_SettingsSession', 'la_config_SessionCookieDomains', 'textarea', '', 'rows="5" cols="40"', 20.021, 0, 0);
+INSERT INTO ConfigurationValues VALUES (DEFAULT, 'SessionCookieDomains', '', 'In-Portal', 'in-portal:configure_advanced');
INSERT INTO ConfigurationAdmin VALUES ('KeepSessionOnBrowserClose', 'la_section_SettingsSession', 'la_config_KeepSessionOnBrowserClose', 'checkbox', '', '', 20.03, 0, 0);
INSERT INTO ConfigurationValues VALUES (DEFAULT, 'KeepSessionOnBrowserClose', '0', 'In-Portal', 'in-portal:configure_advanced');
INSERT INTO ConfigurationAdmin VALUES ('SessionBrowserSignatureCheck', 'la_section_SettingsSession', 'la_config_SessionBrowserSignatureCheck', 'checkbox', NULL, NULL, 20.04, 0, 1);
Index: install/upgrades.sql
===================================================================
--- install/upgrades.sql (revision 13151)
+++ install/upgrades.sql (working copy)
@@ -1650,3 +1650,6 @@
DELETE FROM Phrase WHERE Phrase LIKE 'la_event_%';
DELETE FROM PersistantSessionData WHERE VariableName = 'phrases_columns_.';
+
+INSERT INTO ConfigurationAdmin VALUES ('SessionCookieDomains', 'la_section_SettingsSession', 'la_config_SessionCookieDomains', 'textarea', '', 'rows="5" cols="40"', 20.021, 0, 0);
+INSERT INTO ConfigurationValues VALUES (DEFAULT, 'SessionCookieDomains', '', 'In-Portal', 'in-portal:configure_advanced');
Index: kernel/session/session.php
===================================================================
--- kernel/session/session.php (revision 13128)
+++ kernel/session/session.php (working copy)
@@ -536,9 +536,55 @@
*/
function SetCookieDomain($domain)
{
- $this->CookieDomain = substr_count($domain, '.') ? '.'.ltrim($domain, '.') : false;
+ // 1. localhost or other like it without "." in domain name
+ if (!substr_count($domain, '.')) {
+ // don't use cookie domain at all
+ $this->CookieDomain = false;
+ return ;
+ }
+
+ // 2. match using predefined cookie domains from configuration
+ $cookie_domains = $this->Application->ConfigValue('SessionCookieDomains');
+
+ if ($cookie_domains) {
+ $cookie_domains = array_map('trim', explode("\n", $cookie_domains));
+
+ foreach ($cookie_domains as $cookie_domain) {
+ if (ltrim($cookie_domain, '.') == $domain) {
+ $this->CookieDomain = $cookie_domain; // as defined in configuration
+ return ;
+ }
+ }
+ }
+
+ // 3. only will execute, when none of domains were matched at previous step
+ $this->CookieDomain = $this->_autoGuessDomain($domain);
}
+ /**
+ * Auto-guess cookie domain based on $_SERVER['HTTP_HOST']
+ *
+ * @param $domain
+ * @return string
+ */
+ function _autoGuessDomain($domain)
+ {
+ switch ( substr_count($domain, '.') ) {
+ case 2:
+ // 3rd level domain (3 parts)
+ return substr($domain, strpos($domain, '.')); // with leading "."
+ break;
+
+ case 1:
+ // 2rd level domain (2 parts)
+ return '.' . $domain; // with leading "."
+ break;
+ }
+
+ // more then 3rd level
+ return ltrim($domain, '.'); // without leading "."
+ }
+
function SetGETName($get_name)
{
$this->GETName = $get_name;
@@ -702,6 +748,13 @@
$this->Application->HttpQuery->Cookie[$name] = $value;
}
+ $old_style_domain = defined('IS_INSTALL') && IS_INSTALL ? '.' . SERVER_NAME : $this->_autoGuessDomain(SERVER_NAME);
+
+ if ($this->CookieDomain != $old_style_domain) {
+ // new style cookie domain -> delete old style cookie to prevent infinite redirect
+ setcookie($name, $value, adodb_mktime() - 3600, $this->CookiePath, $old_style_domain, $this->CookieSecure);
+ }
+
setcookie($name, $value, $expires, $this->CookiePath, $this->CookieDomain, $this->CookieSecure);
}
Index: kernel/utility/unit_config_reader.php
===================================================================
--- kernel/utility/unit_config_reader.php (revision 13128)
+++ kernel/utility/unit_config_reader.php (working copy)
@@ -81,6 +81,7 @@
$config_vars = Array (
'SessionTimeout',
'SessionCookieName',
+ 'SessionCookieDomains',
'SessionBrowserSignatureCheck',
'SessionIPAddressCheck',
'CookieSessions',
infinite_redirect_with_cookies_v2.patch [^] (6,647 bytes) 2010-05-01 12:02
[Show Content]
Index: install/english.lang
===================================================================
--- install/english.lang (revision 13470)
+++ install/english.lang (working copy)
@@ -250,6 +250,7 @@
<PHRASE Label="la_config_ResizableFrames" Module="Core" Type="1">RnJhbWVzIGluIGFkbWluaXN0cmF0aXZlIGNvbnNvbGUgYXJlIHJlc2l6YWJsZQ==</PHRASE>
<PHRASE Label="la_config_Search_MinKeyword_Length" Module="Core" Type="1">TWluaW1hbCBTZWFyY2ggS2V5d29yZCBMZW5ndGg=</PHRASE>
<PHRASE Label="la_config_SessionBrowserSignatureCheck" Module="Core" Type="1">U2Vzc2lvbiBTZWN1cml0eSBDaGVjayBiYXNlZCBvbiBCcm93c2VyIFNpZ25hdHVyZQ==</PHRASE>
+ <PHRASE Label="la_config_SessionCookieDomains" Module="Core" Type="1">U2Vzc2lvbiBDb29raWUgRG9tYWlucyAoc2luZ2xlIGRvbWFpbiBwZXIgbGluZSk=</PHRASE>
<PHRASE Label="la_config_SessionIPAddressCheck" Module="Core" Type="1">U2Vzc2lvbiBTZWN1cml0eSBDaGVjayBiYXNlZCBvbiBJUA==</PHRASE>
<PHRASE Label="la_config_SiteNameSubTitle" Module="Core" Type="1">V2Vic2l0ZSBTdWJ0aXRsZQ==</PHRASE>
<PHRASE Label="la_config_site_zone" Module="Core" Type="1">VGltZSB6b25lIG9mIHRoZSBzaXRl</PHRASE>
Index: install/install_data.sql
===================================================================
--- install/install_data.sql (revision 13470)
+++ install/install_data.sql (working copy)
@@ -43,6 +43,7 @@
INSERT INTO ConfigurationValues VALUES(DEFAULT, 'UseVisitorTracking', '0', 'In-Portal', 'in-portal:configure_advanced', 'la_section_SettingsWebsite', 'la_config_UseVisitorTracking', 'checkbox', '', '', 10.09, 0, 0, NULL);
INSERT INTO ConfigurationValues VALUES(DEFAULT, 'CookieSessions', '2', 'In-Portal', 'in-portal:configure_advanced', 'la_section_SettingsSession', 'la_prompt_session_management', 'select', NULL, '0=lu_opt_QueryString||1=lu_opt_Cookies||2=lu_opt_AutoDetect', 20.01, 0, 1, NULL);
INSERT INTO ConfigurationValues VALUES(DEFAULT, 'SessionCookieName', 'sid', 'In-Portal', 'in-portal:configure_advanced', 'la_section_SettingsSession', 'la_prompt_session_cookie_name', 'text', '', '', 20.02, 0, 1, NULL);
+INSERT INTO ConfigurationValues VALUES(DEFAULT, 'SessionCookieDomains', '', 'In-Portal', 'in-portal:configure_advanced', 'la_section_SettingsSession', 'la_config_SessionCookieDomains', 'textarea', '', 'rows="5" cols="40"', 20.021, 0, 0, NULL);
INSERT INTO ConfigurationValues VALUES(DEFAULT, 'KeepSessionOnBrowserClose', '0', 'In-Portal', 'in-portal:configure_advanced', 'la_section_SettingsSession', 'la_config_KeepSessionOnBrowserClose', 'checkbox', '', '', 20.03, 0, 0, NULL);
INSERT INTO ConfigurationValues VALUES(DEFAULT, 'SessionBrowserSignatureCheck', '0', 'In-Portal', 'in-portal:configure_advanced', 'la_section_SettingsSession', 'la_config_SessionBrowserSignatureCheck', 'checkbox', NULL, NULL, 20.04, 0, 1, NULL);
INSERT INTO ConfigurationValues VALUES(DEFAULT, 'SessionIPAddressCheck', '0', 'In-Portal', 'in-portal:configure_advanced', 'la_section_SettingsSession', 'la_config_SessionIPAddressCheck', 'checkbox', NULL, NULL, 20.05, 0, 1, NULL);
Index: install/upgrades.sql
===================================================================
--- install/upgrades.sql (revision 13470)
+++ install/upgrades.sql (working copy)
@@ -1810,3 +1810,5 @@
UPDATE Phrase
SET l<%PRIMARY_LANGUAGE%>_Translation = 'Enable SEO-friendly URLs mode (MOD-REWRITE)'
WHERE Phrase = 'la_config_use_modrewrite' AND l<%PRIMARY_LANGUAGE%>_Translation = 'Use MOD REWRITE';
+
+INSERT INTO ConfigurationValues VALUES(DEFAULT, 'SessionCookieDomains', '', 'In-Portal', 'in-portal:configure_advanced', 'la_section_SettingsSession', 'la_config_SessionCookieDomains', 'textarea', '', 'rows="5" cols="40"', 20.021, 0, 0, NULL);
\ No newline at end of file
Index: kernel/session/session.php
===================================================================
--- kernel/session/session.php (revision 13462)
+++ kernel/session/session.php (working copy)
@@ -549,9 +549,63 @@
*/
function SetCookieDomain($domain)
{
- $this->CookieDomain = substr_count($domain, '.') ? '.'.ltrim($domain, '.') : false;
+ // 1. localhost or other like it without "." in domain name
+ if (!substr_count($domain, '.')) {
+ // don't use cookie domain at all
+ $this->CookieDomain = false;
+ return ;
+ }
+
+ // 2. match using predefined cookie domains from configuration
+ $cookie_domains = $this->Application->ConfigValue('SessionCookieDomains');
+
+ if ($cookie_domains) {
+ $cookie_domains = array_map('trim', explode("\n", $cookie_domains));
+
+ foreach ($cookie_domains as $cookie_domain) {
+ if (ltrim($cookie_domain, '.') == $domain) {
+ $this->CookieDomain = $cookie_domain; // as defined in configuration
+ return ;
+ }
+ }
+ }
+
+ // 3. only will execute, when none of domains were matched at previous step
+ $this->CookieDomain = $this->_autoGuessDomain($domain);
}
+ /**
+ * Auto-guess cookie domain based on $_SERVER['HTTP_HOST']
+ *
+ * @param $domain
+ * @return string
+ */
+ function _autoGuessDomain($domain)
+ {
+ static $cache = Array ();
+
+ if (!array_key_exists($domain, $cache)) {
+ switch ( substr_count($domain, '.') ) {
+ case 2:
+ // 3rd level domain (3 parts)
+ $cache[$domain] = substr($domain, strpos($domain, '.')); // with leading "."
+ break;
+
+ case 1:
+ // 2rd level domain (2 parts)
+ $cache[$domain] = '.' . $domain; // with leading "."
+ break;
+
+ default:
+ // more then 3rd level
+ $cache[$domain] = ltrim($domain, '.'); // without leading "."
+ break;
+ }
+ }
+
+ return $cache[$domain];
+ }
+
function SetGETName($get_name)
{
$this->GETName = $get_name;
@@ -715,6 +769,13 @@
$this->Application->HttpQuery->Cookie[$name] = $value;
}
+ $old_style_domain = defined('IS_INSTALL') && IS_INSTALL ? '.' . SERVER_NAME : $this->_autoGuessDomain(SERVER_NAME);
+
+ if ($this->CookieDomain != $old_style_domain) {
+ // new style cookie domain -> delete old style cookie to prevent infinite redirect
+ setcookie($name, $value, adodb_mktime() - 3600, $this->CookiePath, $old_style_domain, $this->CookieSecure);
+ }
+
setcookie($name, $value, $expires, $this->CookiePath, $this->CookieDomain, $this->CookieSecure);
}
Index: kernel/utility/unit_config_reader.php
===================================================================
--- kernel/utility/unit_config_reader.php (revision 13473)
+++ kernel/utility/unit_config_reader.php (working copy)
@@ -82,6 +82,7 @@
// session related
'SessionTimeout',
'SessionCookieName',
+ 'SessionCookieDomains',
'SessionBrowserSignatureCheck',
'SessionIPAddressCheck',
'CookieSessions',
infinite_redirect_with_cookies_v3.patch [^] (6,795 bytes) 2010-05-05 02:42
[Show Content]
Index: install/english.lang
===================================================================
--- install/english.lang (revision 13470)
+++ install/english.lang (working copy)
@@ -250,6 +250,7 @@
<PHRASE Label="la_config_ResizableFrames" Module="Core" Type="1">RnJhbWVzIGluIGFkbWluaXN0cmF0aXZlIGNvbnNvbGUgYXJlIHJlc2l6YWJsZQ==</PHRASE>
<PHRASE Label="la_config_Search_MinKeyword_Length" Module="Core" Type="1">TWluaW1hbCBTZWFyY2ggS2V5d29yZCBMZW5ndGg=</PHRASE>
<PHRASE Label="la_config_SessionBrowserSignatureCheck" Module="Core" Type="1">U2Vzc2lvbiBTZWN1cml0eSBDaGVjayBiYXNlZCBvbiBCcm93c2VyIFNpZ25hdHVyZQ==</PHRASE>
+ <PHRASE Label="la_config_SessionCookieDomains" Module="Core" Type="1">U2Vzc2lvbiBDb29raWUgRG9tYWlucyAoc2luZ2xlIGRvbWFpbiBwZXIgbGluZSk=</PHRASE>
<PHRASE Label="la_config_SessionIPAddressCheck" Module="Core" Type="1">U2Vzc2lvbiBTZWN1cml0eSBDaGVjayBiYXNlZCBvbiBJUA==</PHRASE>
<PHRASE Label="la_config_SiteNameSubTitle" Module="Core" Type="1">V2Vic2l0ZSBTdWJ0aXRsZQ==</PHRASE>
<PHRASE Label="la_config_site_zone" Module="Core" Type="1">VGltZSB6b25lIG9mIHRoZSBzaXRl</PHRASE>
Index: install/install_data.sql
===================================================================
--- install/install_data.sql (revision 13476)
+++ install/install_data.sql (working copy)
@@ -43,6 +43,7 @@
INSERT INTO ConfigurationValues VALUES(DEFAULT, 'UseVisitorTracking', '0', 'In-Portal', 'in-portal:configure_advanced', 'la_section_SettingsWebsite', 'la_config_UseVisitorTracking', 'checkbox', '', '', 10.09, 0, 0, NULL);
INSERT INTO ConfigurationValues VALUES(DEFAULT, 'CookieSessions', '2', 'In-Portal', 'in-portal:configure_advanced', 'la_section_SettingsSession', 'la_prompt_session_management', 'select', NULL, '0=lu_opt_QueryString||1=lu_opt_Cookies||2=lu_opt_AutoDetect', 20.01, 0, 1, NULL);
INSERT INTO ConfigurationValues VALUES(DEFAULT, 'SessionCookieName', 'sid', 'In-Portal', 'in-portal:configure_advanced', 'la_section_SettingsSession', 'la_prompt_session_cookie_name', 'text', '', '', 20.02, 0, 1, NULL);
+INSERT INTO ConfigurationValues VALUES(DEFAULT, 'SessionCookieDomains', '', 'In-Portal', 'in-portal:configure_advanced', 'la_section_SettingsSession', 'la_config_SessionCookieDomains', 'textarea', '', 'rows="5" cols="40"', 20.021, 0, 0, NULL);
INSERT INTO ConfigurationValues VALUES(DEFAULT, 'KeepSessionOnBrowserClose', '0', 'In-Portal', 'in-portal:configure_advanced', 'la_section_SettingsSession', 'la_config_KeepSessionOnBrowserClose', 'checkbox', '', '', 20.03, 0, 0, NULL);
INSERT INTO ConfigurationValues VALUES(DEFAULT, 'SessionBrowserSignatureCheck', '0', 'In-Portal', 'in-portal:configure_advanced', 'la_section_SettingsSession', 'la_config_SessionBrowserSignatureCheck', 'checkbox', NULL, NULL, 20.04, 0, 1, NULL);
INSERT INTO ConfigurationValues VALUES(DEFAULT, 'SessionIPAddressCheck', '0', 'In-Portal', 'in-portal:configure_advanced', 'la_section_SettingsSession', 'la_config_SessionIPAddressCheck', 'checkbox', NULL, NULL, 20.05, 0, 1, NULL);
Index: install/upgrades.sql
===================================================================
--- install/upgrades.sql (revision 13476)
+++ install/upgrades.sql (working copy)
@@ -1810,3 +1810,5 @@
UPDATE Phrase
SET l<%PRIMARY_LANGUAGE%>_Translation = 'Enable SEO-friendly URLs mode (MOD-REWRITE)'
WHERE Phrase = 'la_config_use_modrewrite' AND l<%PRIMARY_LANGUAGE%>_Translation = 'Use MOD REWRITE';
+
+INSERT INTO ConfigurationValues VALUES(DEFAULT, 'SessionCookieDomains', '', 'In-Portal', 'in-portal:configure_advanced', 'la_section_SettingsSession', 'la_config_SessionCookieDomains', 'textarea', '', 'rows="5" cols="40"', 20.021, 0, 0, NULL);
Index: kernel/session/session.php
===================================================================
--- kernel/session/session.php (revision 13462)
+++ kernel/session/session.php (working copy)
@@ -549,9 +549,63 @@
*/
function SetCookieDomain($domain)
{
- $this->CookieDomain = substr_count($domain, '.') ? '.'.ltrim($domain, '.') : false;
+ // 1. localhost or other like it without "." in domain name
+ if (!substr_count($domain, '.')) {
+ // don't use cookie domain at all
+ $this->CookieDomain = false;
+ return ;
+ }
+
+ // 2. match using predefined cookie domains from configuration
+ $cookie_domains = $this->Application->ConfigValue('SessionCookieDomains');
+
+ if ($cookie_domains) {
+ $cookie_domains = array_map('trim', explode("\n", $cookie_domains));
+
+ foreach ($cookie_domains as $cookie_domain) {
+ if (ltrim($cookie_domain, '.') == $domain) {
+ $this->CookieDomain = $cookie_domain; // as defined in configuration
+ return ;
+ }
+ }
+ }
+
+ // 3. only will execute, when none of domains were matched at previous step
+ $this->CookieDomain = $this->_autoGuessDomain($domain);
}
+ /**
+ * Auto-guess cookie domain based on $_SERVER['HTTP_HOST']
+ *
+ * @param $domain
+ * @return string
+ */
+ function _autoGuessDomain($domain)
+ {
+ static $cache = Array ();
+
+ if (!array_key_exists($domain, $cache)) {
+ switch ( substr_count($domain, '.') ) {
+ case 2:
+ // 3rd level domain (3 parts)
+ $cache[$domain] = substr($domain, strpos($domain, '.')); // with leading "."
+ break;
+
+ case 1:
+ // 2rd level domain (2 parts)
+ $cache[$domain] = '.' . $domain; // with leading "."
+ break;
+
+ default:
+ // more then 3rd level
+ $cache[$domain] = ltrim($domain, '.'); // without leading "."
+ break;
+ }
+ }
+
+ return $cache[$domain];
+ }
+
function SetGETName($get_name)
{
$this->GETName = $get_name;
@@ -715,6 +769,21 @@
$this->Application->HttpQuery->Cookie[$name] = $value;
}
+ $old_style_domains = Array (
+ // domain like in pre 5.1.0 versions
+ '.' . SERVER_NAME,
+
+ // auto-guessed domain (when user specified other domain in configuration variable)
+ $this->_autoGuessDomain(SERVER_NAME)
+ );
+
+ foreach ($old_style_domains as $old_style_domain) {
+ if ($this->CookieDomain != $old_style_domain) {
+ // new style cookie domain -> delete old style cookie to prevent infinite redirect
+ setcookie($name, $value, adodb_mktime() - 3600, $this->CookiePath, $old_style_domain, $this->CookieSecure);
+ }
+ }
+
setcookie($name, $value, $expires, $this->CookiePath, $this->CookieDomain, $this->CookieSecure);
}
Index: kernel/utility/unit_config_reader.php
===================================================================
--- kernel/utility/unit_config_reader.php (revision 13473)
+++ kernel/utility/unit_config_reader.php (working copy)
@@ -82,6 +82,7 @@
// session related
'SessionTimeout',
'SessionCookieName',
+ 'SessionCookieDomains',
'SessionBrowserSignatureCheck',
'SessionIPAddressCheck',
'CookieSessions',
infinite_redirect_with_cookies_modules.patch [^] (610 bytes) 2010-05-05 02:42
[Show Content]
Index: in-commerce/units/affiliates/affiliates_event_handler.php
===================================================================
--- in-commerce/units/affiliates/affiliates_event_handler.php (revision 13400)
+++ in-commerce/units/affiliates/affiliates_event_handler.php (working copy)
@@ -118,7 +118,8 @@
}
else
{
- setcookie('affiliate_id', $affiliate_id, $this->getCookieExpiration(), BASE_PATH, '.'.SERVER_NAME); // in cookie
+ // in cookie
+ $this->Application->Session->SetCookie('affiliate_id', $affiliate_id, $this->getCookieExpiration());
}
}
}
|