From: stekkel Date: Sun, 13 Nov 2005 19:29:48 +0000 (+0000) Subject: Remove double Path from set-cookie header, add expires value because php use X-Git-Url: https://vcs.fsf.org/?a=commitdiff_plain;h=6f9fa51aafde8824af161595c85895ba21609e00;p=squirrelmail.git Remove double Path from set-cookie header, add expires value because php use it too in the setcookie function. git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@10362 7612ce4b-ef26-0410-bec9-ea0150e637f0 --- diff --git a/functions/global.php b/functions/global.php index 610a9b2e..59b3fc96 100644 --- a/functions/global.php +++ b/functions/global.php @@ -226,6 +226,9 @@ function sqsession_destroy() { if (!empty( $sessid )) { $_SESSION = array(); @session_destroy(); + session_regenerate_id(true); + sqsetcookie(session_name(), '', 0, $base_uri); + session_write_close(); } } @@ -278,13 +281,16 @@ function sqsession_start() { function sqsetcookie($sName,$sValue,$iExpire=false,$sPath="",$sDomain="",$bSecure=false,$bHttpOnly=true) { $sHeader = "Set-Cookie: $sName=$sValue"; if ($sPath) { - $sHeader .= "; Path=\"$sPath\""; + $sHeader .= "; path=$sPath"; } - if ($iExpire !==false) { + if ($iExpire !== false) { $sHeader .= "; Max-Age=$iExpire"; - } - if ($sPath) { - $sHeader .= "; Path=$sPath"; + // php uses Expire header, also add the expire header + if ($iExpire === 0) { + $sHeader .= "; expires=". date("r",time() - 3600); + } else { + $sHeader .= "; expires=". date("r",$iExpire); + } } if ($sDomain) { $sHeader .= "; Domain=$sDomain"; @@ -295,11 +301,51 @@ function sqsetcookie($sName,$sValue,$iExpire=false,$sPath="",$sDomain="",$bSecur if ($bHttpOnly) { $sHeader .= "; HttpOnly"; } - $sHeader .= "; Version=1"; + // $sHeader .= "; Version=1"; header($sHeader); } +function php_combined_lcg() { + $tv = gettimeofday(); + $lcg['s1'] = $tv['sec'] ^ (~$tv['usec']); + $lcg['s2'] = posix_getpid(); + + $q = (int) ($lcg['s1'] / 53668); + $lcg['s1'] = (int) (40014 * ($lcg['s1'] - 53668 * $q) - 12211 * $q); + if ($lcg['s1'] < 0) + $lcg['s1'] += 2147483563; + + $q = (int) ($lcg['s2'] / 52774); + $lcg['s2'] = (int) (40692 * ($lcg['s2'] - 52774 * $q) - 3791 * $q); + if ($lcg['s2'] < 0) + $lcg['s2'] += 2147483399; + + $z = (int) ($lcg['s1'] - $lcg['s2']); + if ($z < 1) { + $z += 2147483562; + } + + return $z * 4.656613e-10; +} + + +if (!function_exists('session_regenerate_id')) { + + function session_regenerate_id() { + global $base_uri; + + $tv = gettimeofday(); + $buf = sprintf("%.15s%ld%ld%0.8f", $_SERVER['REMOTE_ADDR'], $tv['sec'], $tv['usec'], php_combined_lcg() * 10); + $sessid = session_id(md5($buf)); + if (ini_get('session.use_cookies')) { + if (isset($_COOKIE[session_name()])) sqsetcookie(session_name(), $sessid, 0, $base_uri); + } + return true; + } +} + + /** * php_self *