prefixed cookies

2009-10-08 13:59:12 +01:00 · 2009-10-08 13:59:12 +01:00 · a7caf1e060
commit a7caf1e060
parent 0e2a0b6f68
3 changed files with 39 additions and 6 deletions
--- a/core/util.inc.php
+++ b/core/util.inc.php
@ -308,6 +308,33 @@ function get_session_ip($config) {
    return $addr;
 }

+/**
+ * similar to $_COOKIE[$name], but $name has the site-wide cookie
+ * prefix prepended to it, eg username -> shm_username, to prevent
+ * conflicts from multiple installs within one domain.
+ */
+function get_prefixed_cookie($name) {
+	global $config;
+	$full_name = $config->get_string('cookie_prefix','shm')."_".$name;
+	if(isset($_COOKIE[$full_name])) {
+		return $_COOKIE[$full_name];
+	}
+	else {
+		return null;
+	}
+}
+
+/**
+ * The counterpart for get_prefixed_cookie, this works like php's
+ * setcookie method, but prepends the site-wide cookie prefix to
+ * the $name argument before doing anything.
+ */
+function set_prefixed_cookie($name, $value, $time, $path) {
+	global $config;
+	$full_name = $config->get_string('cookie_prefix','shm')."_".$name;
+	setcookie($full_name, $value, $time, $path);
+}
+
 /**
 * Figure out the path to the shimmie install root.
 *
@ -709,8 +736,8 @@ function _get_page_request() {
 function _get_user() {
 	global $config, $database;
 	$user = null;
-	if(isset($_COOKIE["shm_user"]) && isset($_COOKIE["shm_session"])) {
-	    $tmp_user = User::by_session($_COOKIE["shm_user"], $_COOKIE["shm_session"]);
+	if(get_prefixed_cookie("user") && get_prefixed_cookie("session")) {
+	    $tmp_user = User::by_session(get_prefixed_cookie("user"), get_prefixed_cookie("session"));
 		if(!is_null($tmp_user)) {
 			$user = $tmp_user;
 		}
@ -728,7 +755,12 @@ $_cache_memcache = false;
 $_cache_filename = null;

 function _cache_active() {
-	return ((CACHE_MEMCACHE || CACHE_DIR) && $_SERVER["REQUEST_METHOD"] == "GET" && !isset($_COOKIE["shm_session"]) && !isset($_COOKIE["shm_nocache"]));
+	return (
+		(CACHE_MEMCACHE || CACHE_DIR) &&
+		$_SERVER["REQUEST_METHOD"] == "GET" &&
+		!get_prefixed_cookie("session") &&
+		!get_prefixed_cookie("nocache")
+	);
 }

 function _start_cache() {
--- a/ext/setup/main.php
+++ b/ext/setup/main.php
@ -165,6 +165,7 @@ class Setup extends SimpleExtension {
 		$config->set_default_string("theme", "default");
 		$config->set_default_bool("use_autodate", true);
 		$config->set_default_string("use_autodate", "F j, Y");
+		$config->set_default_string("cookie_prefix", "shm");
 	}

 	public function onPageRequest($event) {
--- a/ext/user/main.php
+++ b/ext/user/main.php
@ -72,7 +72,7 @@ class UserPage extends SimpleExtension {
 				}
 			}
 			else if($event->get_arg(0) == "logout") {
-				setcookie("shm_session", "", time()+60*60*24*$config->get_int('login_memory'), "/");
+				set_prefixed_cookie("session", "", time()+60*60*24*$config->get_int('login_memory'), "/");
 				log_info("user", "Logged out");
 				$page->set_mode("redirect");
 				$page->set_redirect(make_link());
@ -275,9 +275,9 @@ class UserPage extends SimpleExtension {
 		$addr = get_session_ip($config);
 		$hash = md5(strtolower($name) . $pass);

-		setcookie("shm_user", $name,
+		set_prefixed_cookie("user", $name,
 				time()+60*60*24*365, '/');
-		setcookie("shm_session", md5($hash.$addr),
+		set_prefixed_cookie("session", md5($hash.$addr),
 				time()+60*60*24*$config->get_int('login_memory'), '/');
 	}
 //}}}