1
steiner666
www COOKIE issue fix
  • 2008/1/6 19:36

  • steiner666

  • Just popping in

  • Posts: 2

  • Since: 2006/12/18


Lets say you pass off your domain to someone with "www.domain.com" and some people will attempt to register or create an account via the http://www.domain.com.

Unless you registered your XOOPS url via the code as http://www.domain.com (which is usually avoided due to sub-domains and other functionalities disabled) whenever someone logs in with the www in the address bar, the form will refer them to the domain you set in your settings, WITH OUT logging them in.

There is a very simple fix. In the mainfile.php, near the bottom you will find this code:
foreach ( array('GLOBALS''_SESSION''HTTP_SESSION_VARS''_GET''HTTP_GET_VARS''_POST''HTTP_POST_VARS''_COOKIE''HTTP_COOKIE_VARS''_REQUEST''_SERVER''HTTP_SERVER_VARS''_ENV''HTTP_ENV_VARS''_FILES''HTTP_POST_FILES''xoopsDB''xoopsUser''xoopsUserId''xoopsUserGroups''xoopsUserIsAdmin''xoopsConfig''xoopsOption''xoopsModule''xoopsModuleConfig''xoopsRequestUri') as $bad_global ) {
        if ( isset( 
$_REQUEST[$bad_global] ) ) {
            
header'Location: '.XOOPS_URL.'/' );
            exit();
        }
    }


Replace with the code below. (the only thing added was a period after the "Location: "), sub-domains, and wild card domain prefixes (*.domain.com) will read the cookies that were created on the main page...
foreach ( array('GLOBALS''_SESSION''HTTP_SESSION_VARS''_GET''HTTP_GET_VARS''_POST''HTTP_POST_VARS''_COOKIE''HTTP_COOKIE_VARS''_REQUEST''_SERVER''HTTP_SERVER_VARS''_ENV''HTTP_ENV_VARS''_FILES''HTTP_POST_FILES''xoopsDB''xoopsUser''xoopsUserId''xoopsUserGroups''xoopsUserIsAdmin''xoopsConfig''xoopsOption''xoopsModule''xoopsModuleConfig''xoopsRequestUri') as $bad_global ) {
        if ( isset( 
$_REQUEST[$bad_global] ) ) {
            
header'Location: .'.XOOPS_URL.'/' );
            exit();
        }
    }


This also helps for servers that don't use sessions as they should.

Login

Who's Online

321 user(s) are online (267 user(s) are browsing Support Forums)


Members: 0


Guests: 321


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Nov 30
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits