Juse send the cookies in the ownCloud directory

This commit is contained in:
Lukas Reschke 2013-04-06 00:16:52 +02:00
parent 6798b6dc34
commit fbffbe0170
2 changed files with 7 additions and 4 deletions

View File

@ -323,6 +323,9 @@ class OC {
// prevents javascript from accessing php session cookies
ini_set('session.cookie_httponly', '1;');
// set the cookie path to the ownCloud directory
ini_set('session.cookie_path', OC::$WEBROOT);
// set the session name to the instance id - which is unique
session_name(OC_Util::getInstanceId());
@ -354,7 +357,7 @@ class OC {
// session timeout
if (isset($_SESSION['LAST_ACTIVITY']) && (time() - $_SESSION['LAST_ACTIVITY'] > 60*60*24)) {
if (isset($_COOKIE[session_name()])) {
setcookie(session_name(), '', time() - 42000, '/');
setcookie(session_name(), '', time() - 42000, OC::$WEBROOT);
}
session_unset();
session_destroy();

View File

@ -633,9 +633,9 @@ class OC_User {
public static function setMagicInCookie($username, $token) {
$secure_cookie = OC_Config::getValue("forcessl", false);
$expires = time() + OC_Config::getValue('remember_login_cookie_lifetime', 60*60*24*15);
setcookie("oc_username", $username, $expires, '', '', $secure_cookie);
setcookie("oc_token", $token, $expires, '', '', $secure_cookie, true);
setcookie("oc_remember_login", true, $expires, '', '', $secure_cookie);
setcookie("oc_username", $username, $expires, OC::$WEBROOT, '', $secure_cookie);
setcookie("oc_token", $token, $expires, OC::$WEBROOT, '', $secure_cookie, true);
setcookie("oc_remember_login", true, $expires, OC::$WEBROOT, '', $secure_cookie);
}
/**