From e65afed4ffc61cc7ab0823a5ac0e7476e5158522 Mon Sep 17 00:00:00 2001 From: "Sameer D. Sahasrabuddhe" Date: Sat, 25 Jun 2005 10:22:04 +0200 Subject: separate cookies for multiple wikis on the same site auth.php now uses an md5 hash of the actual script location as cookie name. This way, multiple wikis on the same site will not smother each other's cookies. darcs-hash:20050625082204-4c533-a9a0a60a10eb20383e93cc76a7db88747dc0db32.gz --- inc/auth.php | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) (limited to 'inc/auth.php') diff --git a/inc/auth.php b/inc/auth.php index da3d770d1..30936d3d4 100644 --- a/inc/auth.php +++ b/inc/auth.php @@ -17,6 +17,8 @@ // load the the auth functions require_once(DOKU_INC.'inc/auth/'.$conf['authtype'].'.php'); + if (!defined('DOKU_COOKIE')) define('DOKU_COOKIE', md5($_SERVER['PHP_SELF'])); + // some ACL level defines define('AUTH_NONE',0); define('AUTH_READ',1); @@ -81,7 +83,7 @@ function auth_login($user,$pass,$sticky=false){ $pass = PMA_blowfish_encrypt($pass,auth_cookiesalt()); $cookie = base64_encode("$user|$sticky|$pass"); if($sticky) $time = time()+60*60*24*365; //one year - setcookie('DokuWikiAUTH',$cookie,$time,'/'); + setcookie(DOKU_COOKIE,$cookie,$time,'/'); // set session $_SESSION[$conf['title']]['auth']['user'] = $user; @@ -97,7 +99,7 @@ function auth_login($user,$pass,$sticky=false){ } }else{ // read cookie information - $cookie = base64_decode($_COOKIE['DokuWikiAUTH']); + $cookie = base64_decode($_COOKIE[DOKU_COOKIE]); list($user,$sticky,$pass) = split('\|',$cookie,3); // get session info $session = $_SESSION[$conf['title']]['auth']; @@ -181,7 +183,7 @@ function auth_logoff(){ unset($_SESSION[$conf['title']]['auth']['info']); unset($_SERVER['REMOTE_USER']); $USERINFO=null; //FIXME - setcookie('DokuWikiAUTH','',time()-600000,'/'); + setcookie(DOKU_COOKIE,'',time()-3600,'/'); } /** -- cgit v1.2.3