Project

General

Profile

Bug #484

Login failed on site with multiple sudomains

Added by Anonymous over 7 years ago. Updated over 7 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
-
Target version:
Start date:
December 10, 2012
Due date:
% Done:

100%

Estimated time:

Description

If the script is installed to a site with multiple sudomains logging in is not possible.

History

#1

Updated by Anonymous over 7 years ago

  • Status changed from New to Resolved
  • % Done changed from 0 to 100

commit:be69d73

To avoid the problem replace the code in system.php:

if (isset($_SERVER['HTTP_HOST']) && strpos($_SERVER['HTTP_HOST'], '.') && !filter_var($_SERVER['HTTP_HOST'], FILTER_VALIDATE_IP))
{
    $domain = $_SERVER['HTTP_HOST'];
    $chunks = array_reverse(explode('.', $domain));
    if (count($chunks) > 2)
    {
        if (!in_array($chunks[1], array('co', 'com', 'net', 'org', 'gov', 'ltd', 'ac', 'edu')))
        {
            $domain = implode('.', array($chunks[1], $chunks[0]));
        }
        elseif ($chunks[2] != 'www')
        {
            $domain = implode('.', array($chunks[2], $chunks[1], $chunks[0]));
        }
    }
    $domain = '.' . $domain;
    session_set_cookie_params(0, '/', $domain);
}

with:

if (isset($_SERVER['HTTP_HOST']) && strpos($_SERVER['HTTP_HOST'], '.') && !filter_var($_SERVER['HTTP_HOST'], FILTER_VALIDATE_IP))
{
    $domain = $_SERVER['HTTP_HOST'];
    $chunks = array_reverse(explode('.', $domain));
    if (count($chunks) > 2)
    {
        if (!in_array($chunks[1], array('co', 'com', 'net', 'org', 'gov', 'ltd', 'ac', 'edu')))
        {
            $domain = implode('.', array($chunks[1], $chunks[0]));

            if ($chunks[2] != 'www')
            {
                $domain = implode('.', array($chunks[2], $chunks[1], $chunks[0]));
            }
        }
    }
    $domain = '.' . $domain;

    session_set_cookie_params(0, '/', $domain);
}

Also available in: Atom PDF