"fixed IE cookie problem: IE seems not to care about the path when deleting cookies, besides using the opposite order in processing the cookies"

Ralf Becker 2007-05-24 10:10:20 +00:00
parent 196046f66c
commit 83a9989e57


@ -13,7 +13,9 @@
* @license LGPL * @license LGPL
* @version $Id$ * @version $Id$
*/ */
error_log('>>>>>>>>>> eGW-trunk '.$_SERVER['PHP_SELF'].'?'.$_SERVER['QUERY_STRING']);
error_log('_COOKIE='.print_r($_COOKIE,true));
error_log('_POST='.print_r($_POST,true));
/** /**
* eGW's Session Management * eGW's Session Management
* *
@ -161,6 +163,13 @@
*/ */
var $egw_domains; var $egw_domains;
/**
* Write debug messages about session verification to the error_log
*
* @var boolean
*/
var $errorlog_debug = true;
/** /**
* Constructor just loads up some defaults from cookies * Constructor just loads up some defaults from cookies
* *
@ -310,6 +319,7 @@
*/ */
if ($session['session_dla'] <= (time() - $GLOBALS['egw_info']['server']['sessions_timeout'])) if ($session['session_dla'] <= (time() - $GLOBALS['egw_info']['server']['sessions_timeout']))
{ {
if ($this->errorlog_debug) error_log("*** session::verify('$sessionid') session timed out");
$this->destroy($sessionid,$kp3); $this->destroy($sessionid,$kp3);
return False; return False;
} }
@ -338,6 +348,7 @@
$this->account_id = $GLOBALS['egw']->accounts->name2id($this->account_lid,'account_lid','u'); $this->account_id = $GLOBALS['egw']->accounts->name2id($this->account_lid,'account_lid','u');
if (!$this->account_id) if (!$this->account_id)
{ {
if ($this->errorlog_debug) error_log("*** session::verify($sessionid) !accounts::name2id('$this->account_lid')");
return False; return False;
} }
@ -355,6 +366,7 @@
if ($this->user['expires'] != -1 && $this->user['expires'] < time()) if ($this->user['expires'] != -1 && $this->user['expires'] < time())
{ {
if ($this->errorlog_debug) error_log("*** session::verify($sessionid) accounts is expired");
if(is_object($GLOBALS['egw']->log)) if(is_object($GLOBALS['egw']->log))
{ {
$GLOBALS['egw']->log->message(array( $GLOBALS['egw']->log->message(array(
@ -377,6 +389,7 @@
} }
if ($this->account_domain != $GLOBALS['egw_info']['user']['domain']) if ($this->account_domain != $GLOBALS['egw_info']['user']['domain'])
{ {
if ($this->errorlog_debug) error_log("*** session::verify($sessionid) wrong domain");
if(is_object($GLOBALS['egw']->log)) if(is_object($GLOBALS['egw']->log))
{ {
$GLOBALS['egw']->log->message(array( $GLOBALS['egw']->log->message(array(
@ -393,6 +406,7 @@
if (@$GLOBALS['egw_info']['server']['sessions_checkip']) if (@$GLOBALS['egw_info']['server']['sessions_checkip'])
{ {
if ($this->errorlog_debug) error_log("*** session::verify($sessionid) wrong IP");
if((PHP_OS != 'Windows') && (PHP_OS != 'WINNT') && if((PHP_OS != 'Windows') && (PHP_OS != 'WINNT') &&
(!$GLOBALS['egw_info']['user']['session_ip'] || $GLOBALS['egw_info']['user']['session_ip'] != $this->getuser_ip()) (!$GLOBALS['egw_info']['user']['session_ip'] || $GLOBALS['egw_info']['user']['session_ip'] != $this->getuser_ip())
) )
@ -422,6 +436,7 @@
} }
if (! $this->account_lid) if (! $this->account_lid)
{ {
if ($this->errorlog_debug) error_log("*** session::verify($sessionid) !account_lid");
if(is_object($GLOBALS['egw']->log)) if(is_object($GLOBALS['egw']->log))
{ {
// This needs some better wording // This needs some better wording
@ -439,6 +454,7 @@
$_current_app=$GLOBALS['egw_info']['flags']['currentapp']; $_current_app=$GLOBALS['egw_info']['flags']['currentapp'];
if($this->session_flags=='A' && !$GLOBALS['egw_info']['user']['apps'][$_current_app]) if($this->session_flags=='A' && !$GLOBALS['egw_info']['user']['apps'][$_current_app])
{ {
if ($this->errorlog_debug) error_log("*** session::verify($sessionid) anon user entering not allowed app");
$this->destroy($sessionid,$kp3); $this->destroy($sessionid,$kp3);
/* Overwrite Cookie with empty user. For 2 weeks */ /* Overwrite Cookie with empty user. For 2 weeks */
@ -450,6 +466,7 @@
return False; return False;
} }
if ($this->errorlog_debug) error_log("--> session::verify($sessionid) SUCCESS");
return True; return True;
} }
@ -497,17 +514,15 @@
} }
print_debug('COOKIE_DOMAIN',$this->cookie_domain,'api'); print_debug('COOKIE_DOMAIN',$this->cookie_domain,'api');
$url_parts = parse_url($GLOBALS['egw_info']['server']['webserver_url']); if (!$GLOBALS['egw_info']['server']['cookiepath'])
if (!($this->cookie_path = $url_parts['path'])) $this->cookie_path = '/';
// if the cookiepath should be / and it's not, delete evtl. existing cookies and set '/'
if (!$GLOBALS['egw_info']['server']['cookiepath'] && $this->cookie_path != '/')
{ {
foreach(array('sessionid','kp3','domain','last_domain','last_loginid') as $name)
{
setcookie($name,false,0,$this->cookie_path,$this->cookie_domain);
}
$this->cookie_path = '/'; $this->cookie_path = '/';
} }
else
{
$url_parts = parse_url($GLOBALS['egw_info']['server']['webserver_url']);
if (!($this->cookie_path = $url_parts['path']) ) $this->cookie_path = '/';
}
//echo "<p>cookie_path='$this->cookie_path', cookie_domain='$this->cookie_domain'</p>\n"; //echo "<p>cookie_path='$this->cookie_path', cookie_domain='$this->cookie_domain'</p>\n";
$this->set_cookie_params($this->cookie_domain,$this->cookie_path); // for php4 sessions necessary $this->set_cookie_params($this->cookie_domain,$this->cookie_path); // for php4 sessions necessary
@ -528,7 +543,7 @@
$this->egw_set_cookiedomain(); $this->egw_set_cookiedomain();
} }
if (is_null($cookiepath)) $cookiepath = $this->cookie_path; if (is_null($cookiepath)) $cookiepath = $this->cookie_path;
error_log("setcookie($cookiename,$cookievalue,$cookietime,$cookiepath,$this->cookie_domain)");
setcookie($cookiename,$cookievalue,$cookietime,$cookiepath,$this->cookie_domain); setcookie($cookiename,$cookievalue,$cookietime,$cookiepath,$this->cookie_domain);
} }
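Review bot: The three top-level `error_log()` calls added under the file header dump `$_COOKIE` and `$_POST` on every request, and the new `error_log("setcookie(...)")` line in the last hunk logs each cookie value, so the `sessionid` and `kp3` cookies (and presumably login form passwords from `$_POST`) end up in plain text in the server error log. None of these calls is gated on the new `$errorlog_debug` switch, which itself defaults to `true`. I would drop the request dumps before merging, or log only names such as `error_log('_COOKIE keys='.implode(',',array_keys($_COOKIE)));`, default the switch with `var $errorlog_debug = false;`, and guard the cookie log with `if ($this->errorlog_debug)` while leaving `$cookievalue` out of it. The `session::verify()` messages also interpolate `$sessionid`; a truncated or hashed id would still let log entries be correlated. The enclosing functions start outside the visible hunks, so this is based only on the lines shown.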