diff options
| author | Karl 'vollmerk' Vollmer <vollmer@ampache.org> | 2006-02-05 02:22:16 +0000 |
|---|---|---|
| committer | Karl 'vollmerk' Vollmer <vollmer@ampache.org> | 2006-02-05 02:22:16 +0000 |
| commit | 7473285c742ff94b3f5575453f35fb2e2a661889 (patch) | |
| tree | 365ddf5055fcc61016eed2a9d7324f7a4dfefe79 | |
| parent | 1e7684528e28aea6f30e31fa3f674d61e282df30 (diff) | |
| download | ampache-7473285c742ff94b3f5575453f35fb2e2a661889.tar.gz ampache-7473285c742ff94b3f5575453f35fb2e2a661889.tar.bz2 ampache-7473285c742ff94b3f5575453f35fb2e2a661889.zip | |
fixed session code
| -rwxr-xr-x | docs/CHANGELOG | 3 | ||||
| -rw-r--r-- | login.php | 1 | ||||
| -rw-r--r-- | modules/init.php | 2 | ||||
| -rw-r--r-- | modules/vauth/session.lib.php | 36 |
4 files changed, 29 insertions, 13 deletions
diff --git a/docs/CHANGELOG b/docs/CHANGELOG index a3751163..5c2d174b 100755 --- a/docs/CHANGELOG +++ b/docs/CHANGELOG @@ -4,6 +4,9 @@ -------------------------------------------------------------------------- v.3.3.2-Beta2 + - Fixed cookie code to account for violation of RFC's by IIS 5 where + in IIS 5 fails to send cookie header on a header redirect + (Thx Paul Webb) - Fixed verification of Batch Downloading, if ZLIB isn't detected it will not even give you the link - Added remember_length which defines the length that a 'remember me' @@ -28,6 +28,7 @@ $no_session = true; require_once("modules/init.php"); +vauth_session_cookie(); set_site_preferences(); /* Check for posted username and password */ diff --git a/modules/init.php b/modules/init.php index 71192f6a..5c830c64 100644 --- a/modules/init.php +++ b/modules/init.php @@ -80,7 +80,7 @@ if (!$results['allow_stream_playback']) { $results['raw_web_path'] = $results['web_path']; $results['web_path'] = $http_type . $_SERVER['HTTP_HOST'] . $results['web_path']; -$results['version'] = '3.3.2-Beta2 (Build 004)'; +$results['version'] = '3.3.2-Beta2 (Build 005)'; $results['catalog_file_pattern']= 'mp3|mpc|m4p|m4a|mp4|aac|ogg|rm|wma|asf|flac|spx|ra'; $results['http_port'] = $_SERVER['SERVER_PORT']; if (!$results['prefix']) { diff --git a/modules/vauth/session.lib.php b/modules/vauth/session.lib.php index fc935497..e27060a9 100644 --- a/modules/vauth/session.lib.php +++ b/modules/vauth/session.lib.php @@ -165,6 +165,28 @@ function vauth_get_session($key) { } // vauth_get_session +/** + * vauth_session_cookie + * This is seperated into it's own cookie because of some flaws in specific + * webservers *cough* IIS *cough* which prevent us from setting at cookie + * at the same time as a header redirect. As such on login view a cookie is set + */ +function vauth_session_cookie() { + + /* Set the Cookies Paramaters, this is very very important */ + $cookie_life = vauth_conf('cookie_life'); + $cookie_path = vauth_conf('cookie_path'); + $cookie_domain = vauth_conf('cookie_domain'); + $cookie_secure = vauth_conf('cookkie_secure'); + + session_set_cookie_params($cookie_life,$cookie_path,$cookie_domain,$cookie_secure); + + session_name(vauth_conf('session_name')); + + /* Start the Session */ + session_start(); + +} // vauth_session_cookie /** * vauth_session_create @@ -174,18 +196,8 @@ function vauth_get_session($key) { */ function vauth_session_create($data) { - /* Set the Cookies Paramaters, this is very very important */ - $cookie_life = vauth_conf('cookie_life'); - $cookie_path = vauth_conf('cookie_path'); - $cookie_domain = vauth_conf('cookie_domain'); - $cookie_secure = vauth_conf('cookkie_secure'); - - session_set_cookie_params($cookie_life,$cookie_path,$cookie_domain,$cookie_secure); - - session_name(vauth_conf('session_name')); - - /* Start the Session */ - session_start(); + /* function that creates the cookie for us */ + vauth_session_cookie(); /* Before a refresh we don't have the cookie, so use session_id() */ $key = session_id(); |