I had a problem with the logout action deleting cookies on a local domain like localhost. (One without a dot)
I found that the serendipity_deleteCookie function was missing the same condition for local domains that the serendipity_setCookie has. (In functions_config.inc.php)
The cookies have to be deleted with sam host value as they were set, so for lacal domains, they cannot be deleted.
Adding the following lines after line 649 in the serendipity_deleteCookie function fixes the problem:
// If HTTP-Hosts like "localhost" are used, current browsers reject cookies.
// In this case, we disregard the HTTP host to be able to delete that cookie.
if (substr_count($host, '.') < 2) {
$host = '';
Problem loging out in local domain
-
- Core Developer
- Posts: 30022
- Joined: Tue Sep 16, 2003 9:45 pm
- Location: Cologne, Germany
- Contact:
Re: Problem loging out in local domain
Hi!
Thanks for the headsup. Wouldn't it be better to check, if the host has less than 1 dot instead of 2 dots? "garv.in" would be a valid domainname, and it only has one dot, so the host should not be removed from the cookie host in that case?!
Regards,
Garvin
Thanks for the headsup. Wouldn't it be better to check, if the host has less than 1 dot instead of 2 dots? "garv.in" would be a valid domainname, and it only has one dot, so the host should not be removed from the cookie host in that case?!
Regards,
Garvin
# Garvin Hicking (s9y Developer)
# Did I help you? Consider making me happy: http://wishes.garv.in/
# or use my PayPal account "paypal {at} supergarv (dot) de"
# My "other" hobby: http://flickr.garv.in/
# Did I help you? Consider making me happy: http://wishes.garv.in/
# or use my PayPal account "paypal {at} supergarv (dot) de"
# My "other" hobby: http://flickr.garv.in/
Yes, I guess so, I just copied the condition used to set the cookie, so that it is the same to set it and remove it, but you are right.
Apparently, at the moment, s9y is not using the domain to set the cookie for single dot domains in that case.
So both the setCookie and deleteCookie method could be corrected.
Apparently, at the moment, s9y is not using the domain to set the cookie for single dot domains in that case.
So both the setCookie and deleteCookie method could be corrected.
-
- Core Developer
- Posts: 30022
- Joined: Tue Sep 16, 2003 9:45 pm
- Location: Cologne, Germany
- Contact:
Hi!
Thanks a lot for the input. I just committed it like you suggested.
Regards,
Garvin
Thanks a lot for the input. I just committed it like you suggested.
Regards,
Garvin
# Garvin Hicking (s9y Developer)
# Did I help you? Consider making me happy: http://wishes.garv.in/
# or use my PayPal account "paypal {at} supergarv (dot) de"
# My "other" hobby: http://flickr.garv.in/
# Did I help you? Consider making me happy: http://wishes.garv.in/
# or use my PayPal account "paypal {at} supergarv (dot) de"
# My "other" hobby: http://flickr.garv.in/