Page MenuHomeIn-Portal Phabricator
Files F1068655

D512.diff
No OneTemporary
Actions

File Metadata

Created
Fri, Jul 18, 6:49 PM

D512.diff
View Options

Index: core/install.php
===================================================================
--- core/install.php
+++ core/install.php
@@ -864,6 +864,8 @@
if (strstr($domain, $license_domain) || $modules_helper->_IsLocalSite($domain)) {
$this->toolkit->systemConfig->set('Domain', 'Misc', $domain);
$this->toolkit->systemConfig->save();
+
+ $this->Application->SetConfigValue('SessionCookieDomains', $domain);
}
else {
$this->errorMessage = 'Domain name entered does not match domain name in the license!';
Index: core/install/english.lang
===================================================================
--- core/install/english.lang
+++ core/install/english.lang
@@ -206,7 +206,8 @@
<PHRASE Label="la_config_Search_MinKeyword_Length" Module="Core" Type="1">TWluaW1hbCBTZWFyY2ggS2V5d29yZCBMZW5ndGg=</PHRASE>
<PHRASE Label="la_config_SemaphoreLifetimeInSeconds" Module="Core" Type="1">RGVsZXRlIFN0dWNrIFNlbWFwaG9yZXMgYWZ0ZXI=</PHRASE>
<PHRASE Label="la_config_SessionBrowserSignatureCheck" Module="Core" Type="1">U2Vzc2lvbiBTZWN1cml0eSBDaGVjayBiYXNlZCBvbiBCcm93c2VyIFNpZ25hdHVyZQ==</PHRASE>
- <PHRASE Label="la_config_SessionCookieDomains" Module="Core" Type="1">U2Vzc2lvbiBDb29raWUgRG9tYWlucyAoc2luZ2xlIGRvbWFpbiBwZXIgbGluZSk=</PHRASE>
+ <PHRASE Label="la_config_SessionCookieDomains" Module="Core" Type="1" Hint="VGhlIEZyb250LUVuZCBMb2dpbiBmb3JtIHdpbGwgYmUgYnJva2VuIHVubGVzcyB0aGlzIHNldHRpbmcgaXMgcG9wdWxhdGVkLg==">
+U2Vzc2lvbiBDb29raWUgRG9tYWlucyAoc2luZ2xlIGRvbWFpbiBwZXIgbGluZSk=</PHRASE>
<PHRASE Label="la_config_SessionIPAddressCheck" Module="Core" Type="1">U2Vzc2lvbiBTZWN1cml0eSBDaGVjayBiYXNlZCBvbiBJUA==</PHRASE>
<PHRASE Label="la_config_SiteNameSubTitle" Module="Core" Type="1">V2Vic2l0ZSBTdWJ0aXRsZQ==</PHRASE>
<PHRASE Label="la_config_site_zone" Module="Core" Type="1">VGltZSB6b25lIG9mIHRoZSBzaXRl</PHRASE>
@@ -1141,7 +1142,7 @@
<PHRASE Label="la_prompt_Select_Source" Module="Core" Type="1">U2VsZWN0IFNvdXJjZSBMYW5ndWFnZQ==</PHRASE>
<PHRASE Label="la_prompt_SentOn" Module="Core" Type="1">U2VudCBPbg==</PHRASE>
<PHRASE Label="la_prompt_session_cookie_name" Module="Core" Type="1">U2Vzc2lvbiBDb29raWUgTmFtZQ==</PHRASE>
- <PHRASE Label="la_prompt_session_management" Module="Core" Type="1">U2Vzc2lvbiBNYW5hZ2VtZW50IE1ldGhvZA==</PHRASE>
+ <PHRASE Label="la_prompt_session_management" Module="Core" Type="1">U2Vzc2lvbiBNYW5hZ2VtZW50IE1ldGhvZCAoZm9yIEZyb250LUVuZCBvbmx5KQ==</PHRASE>
<PHRASE Label="la_prompt_session_timeout" Module="Core" Type="1">U2Vzc2lvbiBJbmFjdGl2aXR5IFRpbWVvdXQgKHNlY29uZHMp</PHRASE>
<PHRASE Label="la_prompt_showgeneraltab" Module="Core" Type="1">U2hvdyBvbiB0aGUgZ2VuZXJhbCB0YWI=</PHRASE>
<PHRASE Label="la_prompt_SimpleSearch" Module="Core" Type="1">U2ltcGxlIFNlYXJjaA==</PHRASE>
Index: core/install/install_data.sql
===================================================================
--- core/install/install_data.sql
+++ core/install/install_data.sql
@@ -50,7 +50,7 @@
INSERT INTO SystemSettings VALUES(DEFAULT, 'HardMaintenanceTemplate', 'maintenance', 'In-Portal', 'in-portal:configure_advanced', 'la_section_SettingsMaintenance', 'la_config_HardMaintenanceTemplate', 'text', '', 'style="width: 200px;"', '15.04', 0, 0, 'hint:la_config_HardMaintenanceTemplate');
INSERT INTO SystemSettings VALUES(DEFAULT, 'CookieSessions', '2', 'In-Portal', 'in-portal:configure_advanced', 'la_section_SettingsSession', 'la_prompt_session_management', 'select', NULL, '0=la_opt_QueryString||1=la_opt_Cookies||2=la_opt_AutoDetect', 20.01, 0, 1, NULL);
INSERT INTO SystemSettings VALUES(DEFAULT, 'SessionCookieName', 'sid', 'In-Portal', 'in-portal:configure_advanced', 'la_section_SettingsSession', 'la_prompt_session_cookie_name', 'text', '', '', 20.02, 0, 1, NULL);
-INSERT INTO SystemSettings VALUES(DEFAULT, 'SessionCookieDomains', '', 'In-Portal', 'in-portal:configure_advanced', 'la_section_SettingsSession', 'la_config_SessionCookieDomains', 'textarea', '', 'rows="5" cols="40"', 20.021, 0, 0, NULL);
+INSERT INTO SystemSettings VALUES(DEFAULT, 'SessionCookieDomains', '', 'In-Portal', 'in-portal:configure_advanced', 'la_section_SettingsSession', 'la_config_SessionCookieDomains', 'textarea', '', 'rows="5" cols="40"', 20.021, 0, 0, 'hint:la_config_SessionCookieDomains');
INSERT INTO SystemSettings VALUES(DEFAULT, 'KeepSessionOnBrowserClose', '0', 'In-Portal', 'in-portal:configure_advanced', 'la_section_SettingsSession', 'la_config_KeepSessionOnBrowserClose', 'checkbox', '', '', 20.03, 0, 0, NULL);
INSERT INTO SystemSettings VALUES(DEFAULT, 'SessionBrowserSignatureCheck', '0', 'In-Portal', 'in-portal:configure_advanced', 'la_section_SettingsSession', 'la_config_SessionBrowserSignatureCheck', 'checkbox', NULL, NULL, 20.04, 0, 1, NULL);
INSERT INTO SystemSettings VALUES(DEFAULT, 'SessionIPAddressCheck', '0', 'In-Portal', 'in-portal:configure_advanced', 'la_section_SettingsSession', 'la_config_SessionIPAddressCheck', 'checkbox', NULL, NULL, 20.05, 0, 1, NULL);
Index: core/install/upgrades.php
===================================================================
--- core/install/upgrades.php
+++ core/install/upgrades.php
@@ -2390,6 +2390,13 @@
foreach ( $ids as $id ) {
$this->Conn->doUpdate($page_helper->getRevisionContent($id), $table_name, 'RevisionId = ' . $id);
}
+
+ if ( $this->Application->ConfigValue('SessionCookieDomains') === '' ) {
+ $this->Application->SetConfigValue(
+ 'SessionCookieDomains',
+ $this->_toolkit->systemConfig->get('Domain', 'Misc')
+ );
+ }
}
/**
Index: core/install/upgrades.sql
===================================================================
--- core/install/upgrades.sql
+++ core/install/upgrades.sql
@@ -2986,3 +2986,6 @@
UPDATE UserSessionLogs SET SessionKey = SessionId;
ALTER TABLE CurlLog CHANGE `SessionKey` `SessionKey` char(64) NOT NULL DEFAULT '';
ALTER TABLE SystemLog CHANGE `LogSessionKey` `LogSessionKey` char(64) NOT NULL DEFAULT '';
+UPDATE LanguageLabels SET l1_HintTranslation = 'The Front-End Login form will be broken unless this setting is populated.' WHERE PhraseKey = 'LA_CONFIG_SESSIONCOOKIEDOMAINS';
+UPDATE LanguageLabels SET l1_Translation = 'Session Management Method (for Front-End only)' WHERE PhraseKey = 'LA_PROMPT_SESSION_MANAGEMENT';
+UPDATE SystemSettings SET HintLabel = 'hint:la_config_SessionCookieDomains' WHERE VariableName = 'SessionCookieDomains';
Index: core/kernel/session/session.php
===================================================================
--- core/kernel/session/session.php
+++ core/kernel/session/session.php
@@ -214,18 +214,18 @@
if (!array_key_exists($domain, $cache)) {
switch ( substr_count($domain, '.') ) {
case 2:
- // 3rd level domain (3 parts)
- $cache[$domain] = substr($domain, strpos($domain, '.')); // with leading "."
+ // The 3rd-level domain (3 parts), e.g. "www.website.com".
+ $cache[$domain] = substr($domain, strpos($domain, '.')); // With leading ".", e.g. ".website.com".
break;
case 1:
- // 2rd level domain (2 parts)
- $cache[$domain] = '.' . $domain; // with leading "."
+ // The 2nd-level domain (2 parts), e.g. "website.com".
+ $cache[$domain] = '.' . $domain; // With leading ".", e.g. ".website.com".
break;
default:
- // more then 3rd level
- $cache[$domain] = ltrim($domain, '.'); // without leading "."
+ // More than the 3rd-level domain, e.g. "my.custom.website.com".
+ $cache[$domain] = ltrim($domain, '.'); // Without leading ".", e.g. "my.custom.website.com".
break;
}
}
@@ -317,17 +317,16 @@
}
/**
- * Helper method for detecting cookie availability
+ * Checks if we're coming from our website.
*
- * @return bool
+ * @return boolean
+ * @see kUrlManager::HREF()
*/
- function _checkCookieReferer()
+ protected function checkCookieReferer()
{
- // removing /admin for compatability with in-portal (in-link/admin/add_link.php)
- $path = preg_replace('/admin[\/]{0,1}$/', '', $this->CookiePath);
- $reg = '#^'.preg_quote(PROTOCOL.ltrim($this->CookieDomain, '.').$path).'#';
+ $path = PROTOCOL . ltrim($this->CookieDomain, '.') . $this->CookiePath;
- return preg_match($reg, getArrayValue($_SERVER, 'HTTP_REFERER') );
+ return preg_match('#^' . preg_quote($path, '#') . '#', getArrayValue($_SERVER, 'HTTP_REFERER'));
}
function CheckIfCookiesAreOn()
@@ -353,7 +352,7 @@
if ( !$cookies_on || $this->Application->HttpQuery->IsHTTPSRedirect() || $this->getFlashSID() ) {
//If referer is our server, but we don't have our cookies_on, it's definetly off
$is_install = defined('IS_INSTALL') && IS_INSTALL;
- if ( !$is_install && $this->_checkCookieReferer() && !$this->Application->GetVar('admin') && !$this->Application->HttpQuery->IsHTTPSRedirect() ) {
+ if ( !$is_install && $this->checkCookieReferer() && !$this->Application->GetVar('admin') && !$this->Application->HttpQuery->IsHTTPSRedirect() ) {
$this->CookiesEnabled = false;
}
else {

Event Timeline

In-Portal CMS · In-Portal Community Pages · In-Portal Issue Tracker · In-Portal Repository Browser · Quality Assurance · In-Portal CI Server