Merge pull request #19 from gbirke/master

Make cookie path configurable

6 files changed, 13 insertions, 7 deletions

diff --git a/inc/auth.php b/inc/auth.php
index a480a4a8a..eff984b36 100644
--- a/inc/auth.php
+++ b/inc/auth.php
@@ -348,10 +348,11 @@ function auth_logoff($keepbc=false){
         unset($_SERVER['REMOTE_USER']);
     $USERINFO=null; //FIXME
 
+    $cookieDir = empty($conf['cookiedir']) ? DOKU_REL : $conf['cookiedir'];
     if (version_compare(PHP_VERSION, '5.2.0', '>')) {
-        setcookie(DOKU_COOKIE,'',time()-600000,DOKU_REL,'',($conf['securecookie'] && is_ssl()),true);
+        setcookie(DOKU_COOKIE,'',time()-600000,$cookieDir,'',($conf['securecookie'] && is_ssl()),true);
     }else{
-        setcookie(DOKU_COOKIE,'',time()-600000,DOKU_REL,'',($conf['securecookie'] && is_ssl()));
+        setcookie(DOKU_COOKIE,'',time()-600000,$cookieDir,'',($conf['securecookie'] && is_ssl()));
     }
 
     if($auth) $auth->logOff();
@@ -977,11 +978,12 @@ function auth_setCookie($user,$pass,$sticky) {
 
     // set cookie
     $cookie = base64_encode($user).'|'.((int) $sticky).'|'.base64_encode($pass);
+    $cookieDir = empty($conf['cookiedir']) ? DOKU_REL : $conf['cookiedir'];
     $time = $sticky ? (time()+60*60*24*365) : 0; //one year
     if (version_compare(PHP_VERSION, '5.2.0', '>')) {
-        setcookie(DOKU_COOKIE,$cookie,$time,DOKU_REL,'',($conf['securecookie'] && is_ssl()),true);
+        setcookie(DOKU_COOKIE,$cookie,$time,$cookieDir,'',($conf['securecookie'] && is_ssl()),true);
     }else{
-        setcookie(DOKU_COOKIE,$cookie,$time,DOKU_REL,'',($conf['securecookie'] && is_ssl()));
+        setcookie(DOKU_COOKIE,$cookie,$time,$cookieDir,'',($conf['securecookie'] && is_ssl()));
     }
     // set session
     $_SESSION[DOKU_COOKIE]['auth']['user'] = $user;
diff --git a/inc/init.php b/inc/init.php
index 819d92bdc..dfa25f8b1 100644
--- a/inc/init.php
+++ b/inc/init.php
@@ -146,10 +146,11 @@ if ($conf['gzip_output'] &&
 // init session
 if (!headers_sent() && !defined('NOSESSION')){
     session_name("DokuWiki");
+    $cookieDir = empty($conf['cookiedir']) ? DOKU_REL : $conf['cookiedir'];
     if (version_compare(PHP_VERSION, '5.2.0', '>')) {
-        session_set_cookie_params(0,DOKU_REL,'',($conf['securecookie'] && is_ssl()),true);
+        session_set_cookie_params(0,$cookieDir,'',($conf['securecookie'] && is_ssl()),true);
     }else{
-        session_set_cookie_params(0,DOKU_REL,'',($conf['securecookie'] && is_ssl()));
+        session_set_cookie_params(0,$cookieDir,'',($conf['securecookie'] && is_ssl()));
     }
     session_start();
 
diff --git a/lib/plugins/config/lang/de/lang.php b/lib/plugins/config/lang/de/lang.php
index cf9dca13a..b4746d757 100644
--- a/lib/plugins/config/lang/de/lang.php
+++ b/lib/plugins/config/lang/de/lang.php
@@ -50,6 +50,7 @@ $lang['dmode']                 = 'Rechte für neue Verzeichnisse';
 $lang['lang']                  = 'Sprache';
 $lang['basedir']               = 'Installationsverzeichnis';
 $lang['baseurl']               = 'Installationspfad (URL)';
+$lang['cookiedir']             = 'Cookiepfad. Frei lassen, um den gleichen Pfad wie "baseurl" zu benutzen.';
 $lang['savedir']               = 'Speicherverzeichnis';
 $lang['start']                 = 'Startseitenname';
 $lang['title']                 = 'Titel des Wikis';
diff --git a/lib/plugins/config/lang/en/lang.php b/lib/plugins/config/lang/en/lang.php
index e5dd4707a..8609e278f 100644
--- a/lib/plugins/config/lang/en/lang.php
+++ b/lib/plugins/config/lang/en/lang.php
@@ -58,6 +58,7 @@ $lang['lang']        = 'Interface language';
 $lang['basedir']     = 'Server path (eg. <code>/dokuwiki/</code>). Leave blank for autodetection.';
 $lang['baseurl']     = 'Server URL (eg. <code>http://www.yourserver.com</code>). Leave blank for autodetection.';
 $lang['savedir']     = 'Directory for saving data';
+$lang['cookiedir']   = 'Cookie path. Leave blank for using baseurl.';
 $lang['start']       = 'Start page name';
 $lang['title']       = 'Wiki title';
 $lang['template']    = 'Template';
diff --git a/lib/plugins/config/settings/config.class.php b/lib/plugins/config/settings/config.class.php
index 71e9a7ebc..54fe2ad9c 100644
--- a/lib/plugins/config/settings/config.class.php
+++ b/lib/plugins/config/settings/config.class.php
@@ -341,7 +341,7 @@ if (!class_exists('setting')) {
     var $_input = NULL;             // only used by those classes which error check
 
     var $_cautionList = array(
-        'basedir' => 'danger', 'baseurl' => 'danger', 'savedir' => 'danger', 'useacl' => 'danger', 'authtype' => 'danger', 'superuser' => 'danger', 'userewrite' => 'danger',
+        'basedir' => 'danger', 'baseurl' => 'danger', 'savedir' => 'danger', 'cookiedir' => 'danger', 'useacl' => 'danger', 'authtype' => 'danger', 'superuser' => 'danger', 'userewrite' => 'danger',
         'start' => 'warning', 'camelcase' => 'warning', 'deaccent' => 'warning', 'sepchar' => 'warning', 'compression' => 'warning', 'xsendfile' => 'warning', 'renderer_xhtml' => 'warning', 'fnencode' => 'warning',
         'allowdebug' => 'security', 'htmlok' => 'security', 'phpok' => 'security', 'iexssprotect' => 'security', 'xmlrpc' => 'security', 'fullpath' => 'security'
     );
diff --git a/lib/plugins/config/settings/config.metadata.php b/lib/plugins/config/settings/config.metadata.php
index abea1be1c..5f2c32ea7 100644
--- a/lib/plugins/config/settings/config.metadata.php
+++ b/lib/plugins/config/settings/config.metadata.php
@@ -95,6 +95,7 @@ $meta['license']  = array('license');
 $meta['savedir']  = array('savedir');
 $meta['basedir']  = array('string');
 $meta['baseurl']  = array('string');
+$meta['cookiedir'] = array('string');
 $meta['dmode']    = array('numeric','_pattern' => '/0[0-7]{3,4}/'); // only accept octal representation
 $meta['fmode']    = array('numeric','_pattern' => '/0[0-7]{3,4}/'); // only accept octal representation
 $meta['allowdebug']  = array('onoff');