Changeset 2757


Ignore:
Timestamp:
Oct 16, 2008, 2:38:26 AM (16 years ago)
Author:
rvelices
Message:

merge 2755 and 2756 from branch 2.0 to trunk

Location:
trunk
Files:
6 edited

Legend:

Unmodified
Added
Removed

  • trunk/comments.php

    r2299 r2757  
    6666$page['sort_by'] = 'date';
    6767// if the form was submitted, it overloads default behaviour
    68 if (isset($_GET['sort_by']))
     68if (isset($_GET['sort_by']) and isset($sort_by[$_GET['sort_by']]) )
    6969{
    7070  $page['sort_by'] = $_GET['sort_by'];
     
    7575$page['sort_order'] = 'DESC';
    7676// if the form was submitted, it overloads default behaviour
    77 if (isset($_GET['sort_order']))
     77if (isset($_GET['sort_order']) and isset($sort_order[$_GET['sort_order']]))
    7878{
    7979  $page['sort_order'] = $_GET['sort_order'];

  • trunk/include/functions_session.inc.php

    r2521 r2757  
    6767    ini_set('session.use_only_cookies', $conf['session_use_only_cookies']);
    6868    ini_set('session.use_trans_sid', intval($conf['session_use_trans_sid']));
     69    ini_set('session.cookie_httponly', 1);
    6970  }
    7071  session_name($conf['session_name']);

  • trunk/include/functions_user.inc.php

    r2752 r2757  
    10141014    {
    10151015      $cookie = $user_id.'-'.$now.'-'.$key;
    1016       setcookie($conf['remember_me_name'],
     1016      if (version_compare(PHP_VERSION, '5.2', '>=') )
     1017      {
     1018        setcookie($conf['remember_me_name'],
    10171019            $cookie,
    10181020            time()+$conf['remember_me_length'],
    1019             cookie_path()
     1021            cookie_path(),ini_get('session.cookie_domain'),ini_get('session.cookie_secure'),
     1022            ini_get('session.cookie_httponly')
    10201023          );
     1024      }
     1025      else
     1026      {
     1027        setcookie($conf['remember_me_name'],
     1028            $cookie,
     1029            time()+$conf['remember_me_length'],
     1030            cookie_path(),ini_get('session.cookie_domain'),ini_get('session.cookie_secure')
     1031          );
     1032      }
    10211033    }
    10221034  }
    10231035  else
    10241036  { // make sure we clean any remember me ...
    1025     setcookie($conf['remember_me_name'], '', 0, cookie_path());
     1037    setcookie($conf['remember_me_name'], '', 0, cookie_path(),ini_get('session.cookie_domain'));
    10261038  }
    10271039  if ( session_id()!="" )
     
    10631075      }
    10641076    }
    1065     setcookie($conf['remember_me_name'], '', 0, cookie_path());
     1077    setcookie($conf['remember_me_name'], '', 0, cookie_path(),ini_get('session.cookie_domain'));
    10661078  }
    10671079  return false;
     
    10911103  trigger_action('login_failure', $username);
    10921104  return false;
     1105}
     1106
     1107/** Performs all the cleanup on user logout */
     1108function logout_user()
     1109{
     1110  global $conf;
     1111  $_SESSION = array();
     1112  session_unset();
     1113  session_destroy();
     1114  setcookie(session_name(),'',0,
     1115      ini_get('session.cookie_path'),
     1116      ini_get('session.cookie_domain')
     1117    );
     1118  setcookie($conf['remember_me_name'], '', 0, cookie_path(),ini_get('session.cookie_domain'));
    10931119}
    10941120

  • trunk/include/user.inc.php

    r2425 r2757  
    3030  if (isset($_GET['act']) and $_GET['act'] == 'logout')
    3131  { // logout
    32     $_SESSION = array();
    33     session_unset();
    34     session_destroy();
    35     setcookie(session_name(),'',0,
    36         ini_get('session.cookie_path'),
    37         ini_get('session.cookie_domain')
    38       );
    39     setcookie($conf['remember_me_name'], '', 0, cookie_path());
     32    logout_user();
    4033    redirect(make_index_url());
    4134  }

  • trunk/include/ws_functions.inc.php

    r2683 r2757  
    11881188function ws_session_logout($params, &$service)
    11891189{
    1190   global $user, $conf;
    11911190  if (!is_a_guest())
    11921191  {
    1193     $_SESSION = array();
    1194     session_unset();
    1195     session_destroy();
    1196     setcookie(session_name(),'',0,
    1197         ini_get('session.cookie_path'),
    1198         ini_get('session.cookie_domain')
    1199       );
    1200     setcookie($conf['remember_me_name'], '', 0, cookie_path());
     1192    logout_user();
    12011193  }
    12021194  return true;
     
    14361428
    14371429  invalidate_user_cache();
    1438  
     1430
    14391431  return $creation_output;
    14401432}
     
    14741466    PREG_SPLIT_NO_EMPTY
    14751467    );
    1476  
     1468
    14771469  $query = '
    14781470SELECT
     
    14801472    md5sum
    14811473  FROM '.IMAGES_TABLE.'
    1482   WHERE md5sum IN (\''.implode("','", $md5sums).'\') 
     1474  WHERE md5sum IN (\''.implode("','", $md5sums).'\')
    14831475;';
    14841476  $id_of_md5 = simple_hash_from_query($query, 'md5sum', 'id');
    14851477
    14861478  $result = array();
    1487  
     1479
    14881480  foreach ($md5sums as $md5sum)
    14891481  {

  • trunk/plugins/event_tracer/event_list.php

    r2254 r2757  
    1717          {
    1818            $files = array_merge($files, get_php_files($path.'/'.$node, $to_ignore));
    19            
     19
    2020          }
    2121          if ( is_file($path.'/'.$node) )
     
    4444  $code = preg_replace( '#\/\*.*\*\/#m', '', $code);
    4545  $code = preg_replace( '#\/\/.*#', '', $code);
    46  
     46
    4747  $count = preg_match_all(
    4848    '#[^a-zA-Z_$-]trigger_(action|event)\s*\(\s*([^,)]+)#m',
     
    5858}
    5959
    60 $sort= isset($_GET['sort']) ? $_GET['sort'] : 1;
     60$sort= isset($_GET['sort']) ? (int)$_GET['sort'] : 1;
    6161usort(
    6262  $events,
Note: See TracChangeset for help on using the changeset viewer.