Skip to content
GitLab
Projects
Groups
Snippets
Help
Loading...
Help
What's new
10
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in
Toggle navigation
Open sidebar
project
drupal
Commits
b93ce19a
Commit
b93ce19a
authored
Apr 30, 2007
by
Dries
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
- Patch
#56357
by John Albin, alienbrain, moshe, etc: fixed more cookie domain problems.
parent
24870347
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
36 additions
and
22 deletions
+36
-22
includes/bootstrap.inc
includes/bootstrap.inc
+28
-2
sites/default/settings.php
sites/default/settings.php
+8
-20
No files found.
includes/bootstrap.inc
View file @
b93ce19a
...
...
@@ -256,13 +256,14 @@ function drupal_unset_globals() {
}
/**
* Loads the configuration and sets the base URL correctly.
* Loads the configuration and sets the base URL, cookie domain, and
* session name correctly.
*/
function
conf_init
()
{
global
$base_url
,
$base_path
,
$base_root
;
// Export the following settings.php variables to the global namespace
global
$db_url
,
$db_prefix
,
$conf
,
$installed_profile
;
global
$db_url
,
$db_prefix
,
$cookie_domain
,
$conf
,
$installed_profile
;
$conf
=
array
();
include_once
'./'
.
conf_path
()
.
'/settings.php'
;
...
...
@@ -290,6 +291,31 @@ function conf_init() {
$base_path
=
'/'
;
}
}
if
(
$cookie_domain
)
{
// If the user specifies the cookie domain, also use it for session name.
$session_name
=
$cookie_domain
;
}
else
{
// Otherwise use $base_url for session name.
$session_name
=
$base_url
;
// We try to set the cookie domain to the hostname.
if
(
!
empty
(
$_SERVER
[
'HTTP_HOST'
]))
{
$cookie_domain
=
$_SERVER
[
'HTTP_HOST'
];
}
}
// Strip leading periods, www., and port numbers from cookie domain.
$cookie_domain
=
ltrim
(
$cookie_domain
,
'.'
);
if
(
strpos
(
$cookie_domain
,
'www.'
)
===
0
)
{
$cookie_domain
=
substr
(
$cookie_domain
,
4
);
}
$cookie_domain
=
'.'
.
array_shift
(
explode
(
':'
,
$cookie_domain
));
// Per RFC 2109, cookie domains must contain at least one dot other than the
// first. For hosts such as 'localhost' or IP Addresses we don't set a cookie domain.
if
(
count
(
explode
(
'.'
,
$cookie_domain
))
>
2
&&
!
is_numeric
(
str_replace
(
'.'
,
''
,
$cookie_domain
)))
{
ini_set
(
'session.cookie_domain'
,
$cookie_domain
);
}
session_name
(
'SESS'
.
md5
(
$session_name
));
}
/**
...
...
sites/default/settings.php
View file @
b93ce19a
...
...
@@ -137,27 +137,15 @@
ini_set
(
'url_rewriter.tags'
,
''
);
/**
* We try to set the correct cookie domain.
*/
if
(
isset
(
$_SERVER
[
'HTTP_HOST'
]))
{
$domain
=
'.'
.
preg_replace
(
'`^www\.`'
,
''
,
$_SERVER
[
'HTTP_HOST'
]);
// Per RFC 2109, cookie domains must contain at least one dot other than the
// first. For hosts such as 'localhost', we don't set a cookie domain.
if
(
count
(
explode
(
'.'
,
$domain
))
>
2
)
{
ini_set
(
'session.cookie_domain'
,
$domain
);
}
}
* Drupal automatically generates a unique session cookie name for each site
* based on on its full domain name. If you have multiple domains pointing at
* the same Drupal site, you can either redirect them all to a single
* domain (see comment in .htaccess), or uncomment the line below and specify
* their shared base domain. Doing so assures that users remain logged in as they
* cross between your various domains.
*/
/**
* On some sites, multiple domains or subdomains may point to the same site.
* For instance, example.com may redirect to foo.example.com. In that case,
* the browser may confuse the cookies between the two domains, resulting in
* an inability to log in. In that case, uncomment the line below and set
* it to the more generic domain name. For instance, .example.com is more
* generic than .foo.example.com. Remember the leading period on the domain
* name, even if you wouldn't type it in your browser.
*/
#ini_set('session.cookie_domain', '.example.com');
#$cookie_domain = 'example.com';
/**
* Variable overrides:
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment