From a7caf1e06021c106514d0d9cb7d83bcfebc656f4 Mon Sep 17 00:00:00 2001 From: Shish Date: Thu, 8 Oct 2009 13:59:12 +0100 Subject: [PATCH] prefixed cookies --- core/util.inc.php | 38 +++++++++++++++++++++++++++++++++++--- ext/setup/main.php | 1 + ext/user/main.php | 6 +++--- 3 files changed, 39 insertions(+), 6 deletions(-) diff --git a/core/util.inc.php b/core/util.inc.php index 3788403a..3e00e2ff 100644 --- a/core/util.inc.php +++ b/core/util.inc.php @@ -308,6 +308,33 @@ function get_session_ip($config) { return $addr; } +/** + * similar to $_COOKIE[$name], but $name has the site-wide cookie + * prefix prepended to it, eg username -> shm_username, to prevent + * conflicts from multiple installs within one domain. + */ +function get_prefixed_cookie($name) { + global $config; + $full_name = $config->get_string('cookie_prefix','shm')."_".$name; + if(isset($_COOKIE[$full_name])) { + return $_COOKIE[$full_name]; + } + else { + return null; + } +} + +/** + * The counterpart for get_prefixed_cookie, this works like php's + * setcookie method, but prepends the site-wide cookie prefix to + * the $name argument before doing anything. + */ +function set_prefixed_cookie($name, $value, $time, $path) { + global $config; + $full_name = $config->get_string('cookie_prefix','shm')."_".$name; + setcookie($full_name, $value, $time, $path); +} + /** * Figure out the path to the shimmie install root. * @@ -709,8 +736,8 @@ function _get_page_request() { function _get_user() { global $config, $database; $user = null; - if(isset($_COOKIE["shm_user"]) && isset($_COOKIE["shm_session"])) { - $tmp_user = User::by_session($_COOKIE["shm_user"], $_COOKIE["shm_session"]); + if(get_prefixed_cookie("user") && get_prefixed_cookie("session")) { + $tmp_user = User::by_session(get_prefixed_cookie("user"), get_prefixed_cookie("session")); if(!is_null($tmp_user)) { $user = $tmp_user; } @@ -728,7 +755,12 @@ $_cache_memcache = false; $_cache_filename = null; function _cache_active() { - return ((CACHE_MEMCACHE || CACHE_DIR) && $_SERVER["REQUEST_METHOD"] == "GET" && !isset($_COOKIE["shm_session"]) && !isset($_COOKIE["shm_nocache"])); + return ( + (CACHE_MEMCACHE || CACHE_DIR) && + $_SERVER["REQUEST_METHOD"] == "GET" && + !get_prefixed_cookie("session") && + !get_prefixed_cookie("nocache") + ); } function _start_cache() { diff --git a/ext/setup/main.php b/ext/setup/main.php index b8376fb6..313c435b 100644 --- a/ext/setup/main.php +++ b/ext/setup/main.php @@ -165,6 +165,7 @@ class Setup extends SimpleExtension { $config->set_default_string("theme", "default"); $config->set_default_bool("use_autodate", true); $config->set_default_string("use_autodate", "F j, Y"); + $config->set_default_string("cookie_prefix", "shm"); } public function onPageRequest($event) { diff --git a/ext/user/main.php b/ext/user/main.php index dec2e894..4816db7e 100644 --- a/ext/user/main.php +++ b/ext/user/main.php @@ -72,7 +72,7 @@ class UserPage extends SimpleExtension { } } else if($event->get_arg(0) == "logout") { - setcookie("shm_session", "", time()+60*60*24*$config->get_int('login_memory'), "/"); + set_prefixed_cookie("session", "", time()+60*60*24*$config->get_int('login_memory'), "/"); log_info("user", "Logged out"); $page->set_mode("redirect"); $page->set_redirect(make_link()); @@ -275,9 +275,9 @@ class UserPage extends SimpleExtension { $addr = get_session_ip($config); $hash = md5(strtolower($name) . $pass); - setcookie("shm_user", $name, + set_prefixed_cookie("user", $name, time()+60*60*24*365, '/'); - setcookie("shm_session", md5($hash.$addr), + set_prefixed_cookie("session", md5($hash.$addr), time()+60*60*24*$config->get_int('login_memory'), '/'); } //}}}