never use full URL in cookie paths FS#1146

Introduces a DOKU_REL constant always pointing to the DokuWiki directory regardless of the used canonical setting. darcs-hash:20070603191451-7ad00-a5227a3632b3337f5da90551d3166d9b5db56638.gz
author: Andreas Gohr <andi@splitbrain.org> 2007-06-03 21:14:51 +0200
committer: Andreas Gohr <andi@splitbrain.org> 2007-06-03 21:14:51 +0200
commit: 4b1a4e046d9d5cf2cf918f4f73d48046648efdb8 (patch)
tree: b6e1987cfc16fd4d0cbde18a52fe376b68094444 /inc/auth.php
parent: 2d3d74fe83941849c0ffeeaaff3b93561fbfdc25 (diff)
download: rpg-4b1a4e046d9d5cf2cf918f4f73d48046648efdb8.tar.gz
rpg-4b1a4e046d9d5cf2cf918f4f73d48046648efdb8.tar.bz2
1 files changed, 2 insertions, 2 deletions
diff --git a/inc/auth.php b/inc/auth.php
index 6e9a2908f..2511516c2 100644
--- a/inc/auth.php
+++ b/inc/auth.php
@@ -131,7 +131,7 @@ function auth_login($user,$pass,$sticky=false,$silent=false){
       $pass   = PMA_blowfish_encrypt($pass,auth_cookiesalt());
       $cookie = base64_encode("$user|$sticky|$pass");
       if($sticky) $time = time()+60*60*24*365; //one year
-      setcookie(DOKU_COOKIE,$cookie,$time,'/');
+      setcookie(DOKU_COOKIE,$cookie,$time,DOKU_REL);
 
       // set session
       $_SESSION[DOKU_COOKIE]['auth']['user'] = $user;
@@ -240,7 +240,7 @@ function auth_logoff(){
   if(isset($_SERVER['REMOTE_USER']))
     unset($_SERVER['REMOTE_USER']);
   $USERINFO=null; //FIXME
-  setcookie(DOKU_COOKIE,'',time()-600000,'/');
+  setcookie(DOKU_COOKIE,'',time()-600000,DOKU_REL);
 
   if($auth && $auth->canDo('logoff')){
     $auth->logOff();
author	Andreas Gohr <andi@splitbrain.org>	2007-06-03 21:14:51 +0200
committer	Andreas Gohr <andi@splitbrain.org>	2007-06-03 21:14:51 +0200
commit	4b1a4e046d9d5cf2cf918f4f73d48046648efdb8 (patch)
tree	b6e1987cfc16fd4d0cbde18a52fe376b68094444 /inc/auth.php
parent	2d3d74fe83941849c0ffeeaaff3b93561fbfdc25 (diff)
download	rpg-4b1a4e046d9d5cf2cf918f4f73d48046648efdb8.tar.gz rpg-4b1a4e046d9d5cf2cf918f4f73d48046648efdb8.tar.bz2