diff --git a/dist/formulaires/login.html b/dist/formulaires/login.html
index 5ba7fc9e5ac10d35305a9654a475d969d97bbd18..911831b491bfc711788808ebbb5062af901b2a39 100644
--- a/dist/formulaires/login.html
+++ b/dist/formulaires/login.html
@@ -47,9 +47,11 @@ document.write("<p><:login_login:> <strong>[(#ENV{login_alt})]<" + "/strong
<p><label[ for="var_login_(#ENV{login})"]><:login_pass2:></label><br />
<input type="password" class="forml" name="session_password"[ id="var_login_(#ENV{login})"] value="" size="20" /></p>
+
+[(#ENV{rester_connecte})
<p><input type="checkbox" name="session_remember" id="session[_(#ENV{login})]" value="oui"[(#ENV*{prefs}|filtre_rester_connecte)checked="checked"]/>
<label for="session[_(#ENV{login})]"><:login_rester_identifie:></label></p>
-
+]
<input type="hidden" name="session_password_md5" value="" />
<input type="hidden" name="next_session_password_md5" value="" />
<input type="hidden" name="essai_login" value="oui" />
diff --git a/ecrire/action/converser.php b/ecrire/action/converser.php
index 31c9e17a82b09912461b15ff72fd37a655874d4b..5552d4f985f1b2d72267564d4497eb973189cb16 100644
--- a/ecrire/action/converser.php
+++ b/ecrire/action/converser.php
@@ -31,10 +31,11 @@ function action_converser_dist()
$GLOBALS['auteur_session']['lang'] = $lang;
$session = charger_fonction('session', 'inc');
if ($spip_session = $session($GLOBALS['auteur_session'])) {
- preg_match(',^[^/]*//[^/]*(.*)/$,',
- url_de_base(),
- $r);
- spip_setcookie('spip_session', $spip_session, time() + 3600 * 24 * 14, $r[1]);
+ spip_setcookie(
+ 'spip_session',
+ $spip_session,
+ time() + 3600 * 24 * 14
+ );
}
}
action_converser_post($lang, 'spip_lang_ecrire');
diff --git a/ecrire/action/cookie.php b/ecrire/action/cookie.php
index e09005b24df00dcc33efb27229f601d6ca8c1de4..7b7c7eda643eea75fa8b1f2b71394bc4590635ab 100644
--- a/ecrire/action/cookie.php
+++ b/ecrire/action/cookie.php
@@ -70,7 +70,8 @@ function action_cookie_dist() {
if (strpos($redirect,_DIR_RESTREINT_ABS)!==false)
$redirect = generer_url_public('login',
"var_login=$session_login", true);
- if (_request('session_password') OR _request('session_password_md5'))
+ if (_request('session_password')
+ OR _request('session_password_md5'))
$redirect = parametre_url($redirect, 'var_erreur', 'pass', '&');
$redirect .= '&url=' . rawurlencode($url);
spip_log("echec login: $session_login");
diff --git a/ecrire/balise/login_public.php b/ecrire/balise/login_public.php
index b0c5bc60012f46d09aa4056442376ca75d28b181..100faffe88fd3caf7b7cd4c5ed2c7f2d0e4b31c4 100644
--- a/ecrire/balise/login_public.php
+++ b/ecrire/balise/login_public.php
@@ -98,7 +98,7 @@ function login_pour_tous($login, $cible, $action) {
$echec_visiteur = _request('var_echec_visiteur')?' ':'';
- $pose_cookie = generer_url_public('spip_cookie');
+ $pose_cookie = generer_url_action('cookie');
$auth_http = '';
if ($echec_cookie AND !$ignore_auth_http) {
if (($GLOBALS['flag_sapi_name']
@@ -151,6 +151,10 @@ function login_pour_tous($login, $cible, $action) {
if (_request('var_erreur') == 'pass')
$erreur = _T('login_erreur_pass');
+ // Ne pas proposer de "rester connecte quelques jours"
+ // si la duree de l'alea est inferieure a 12 h (valeur par defaut)
+ $rester_connecte = (_RENOUVELLE_ALEA < 12*3600) ? '' : ' ';
+
// Appeler le squelette formulaire_login
return array('formulaires/login', $GLOBALS['delais'],
array_merge(
@@ -165,7 +169,8 @@ function login_pour_tous($login, $cible, $action) {
'echec_visiteur' => $echec_visiteur,
'login' => $login,
'login_alt' => (isset($login_alt) ? $login_alt : $login),
- 'self' => str_replace('&', '&', self())
+ 'self' => str_replace('&', '&', self()),
+ 'rester_connecte' => $rester_connecte
)
)
);
diff --git a/ecrire/exec/accueil.php b/ecrire/exec/accueil.php
index 4cbdec9028fbf0fd64597361fd2aa6372c2583d7..4b4bce9cb4f54ac79e0cea8a390db1b11228278b 100644
--- a/ecrire/exec/accueil.php
+++ b/ecrire/exec/accueil.php
@@ -191,7 +191,7 @@ function colonne_droite_neq4($id_rubrique, $activer_breves, $activer_sites, $art
if (!@$_COOKIE['spip_admin']) {
$cookie = rawurlencode("@$connect_login");
$retour = rawurlencode(_DIR_RESTREINT_ABS . _SPIP_ECRIRE_SCRIPT);
- $lien = generer_url_public('spip_cookie', "cookie_admin=$cookie&url=$retour");
+ $lien = generer_url_action('cookie', "cookie_admin=$cookie&url=$retour");
$gadget .= "<div> </div>".
"<table width='95%'><tr>".
"<td style='width: 100%'>".
@@ -248,7 +248,7 @@ function personnel_accueil($coockcookie)
//
if ($coockcookie) {
- $lien = generer_url_public("spip_cookie", "cookie_admin=non&url=".rawurlencode(_DIR_RESTREINT_ABS . _SPIP_ECRIRE_SCRIPT));
+ $lien = generer_url_action('cookie', "cookie_admin=non&url=".rawurlencode(_DIR_RESTREINT_ABS . _SPIP_ECRIRE_SCRIPT));
$t = _T('icone_supprimer_cookie');
$t = icone_horizontale($t, $lien, "cookie-24.gif", "", false);
if ($GLOBALS['spip_display'] != 1)
diff --git a/ecrire/inc/actions.php b/ecrire/inc/actions.php
index aeacfb092baf7d36575dead9ba605a5581730355..c2a75325f3bc96b2dc483129efd07b8687cd3093 100644
--- a/ecrire/inc/actions.php
+++ b/ecrire/inc/actions.php
@@ -299,7 +299,7 @@ function ask_php_auth($pb, $raison, $retour, $url='', $re='', $lien='') {
$ici = generer_url_ecrire();
echo "<b>$pb</b><p>$raison</p>[<a href='$ici'>$retour</a>] ";
if ($url) {
- echo "[<a href='", generer_url_public('spip_cookie',"essai_auth_http=oui&$url"), "'>$re</a>]";
+ echo "[<a href='", generer_url_action('cookie',"essai_auth_http=oui&$url"), "'>$re</a>]";
}
if ($lien)
diff --git a/ecrire/inc/auth.php b/ecrire/inc/auth.php
index 9760956d3fbc751166a70e57aeed5c8e1d966716..88f76c281f9f324342252decfb06c6d3369110e7 100644
--- a/ecrire/inc/auth.php
+++ b/ecrire/inc/auth.php
@@ -171,12 +171,11 @@ function inc_auth_dist() {
$session = charger_fonction('session', 'inc');
if ($spip_session = $session($row)) {
include_spip('inc/cookie');
- preg_match(',^[^/]*//[^/]*(.*)/$,',
- url_de_base(),
- $r);
- spip_setcookie('spip_session',
+ spip_setcookie(
+ 'spip_session',
$_COOKIE['spip_session'] = $spip_session,
- time() + 3600 * 24 * 14, $r[1]);
+ time() + 3600 * 24 * 14
+ );
}
}
diff --git a/ecrire/inc/config.php b/ecrire/inc/config.php
index e6d0bed573476b183bb46fd72db07a79d7df96a3..4fb26b8ced878d98e4df04fae1205c13272e6a97 100644
--- a/ecrire/inc/config.php
+++ b/ecrire/inc/config.php
@@ -82,11 +82,6 @@ function init_config() {
$modifs = true;
}
- /*if (isset($GLOBALS['meta']['nouvelle_install']) && $GLOBALS['meta']['nouvelle_install'] == 'oui') {
- effacer_meta('nouvelle_install');
- $modifs = true;
- }*/
-
if ($modifs) ecrire_metas();
include_spip('inc/rubriques');
diff --git a/ecrire/inc/cookie.php b/ecrire/inc/cookie.php
index 7ae79a588a1434bf5beed5b12f4f01cedb824b86..6009d93aedbd5d964a022f6a888b7914d5982495 100644
--- a/ecrire/inc/cookie.php
+++ b/ecrire/inc/cookie.php
@@ -18,7 +18,10 @@ if (!defined("_ECRIRE_INC_VERSION")) return;
// http://doc.spip.org/@spip_setcookie
function spip_setcookie ($name='', $value='', $expire=0, $path='AUTO', $domain='', $secure='') {
$name = preg_replace ('/^spip_/', $GLOBALS['cookie_prefix'].'_', $name);
- if ($path == 'AUTO') $path=$GLOBALS['cookie_path'];
+ if ($path == 'AUTO')
+ $path = preg_replace(',^\w+://[^/]*,', '', url_de_base());
+
+spip_log("path cookie = $path");
if ($secure)
@setcookie ($name, $value, $expire, $path, $domain, $secure);
diff --git a/ecrire/inc/lang.php b/ecrire/inc/lang.php
index e27ae337952e9c291b70529cd0191c141aba93b4..fa7f731609c5a1fcf420e8b0b6943c66a7202404 100644
--- a/ecrire/inc/lang.php
+++ b/ecrire/inc/lang.php
@@ -203,8 +203,11 @@ function verifier_lang_url() {
AND changer_langue($lang_demandee)
AND $lang_demandee != @$_GET['lang']) {
$destination = parametre_url(self(),'lang', $lang_demandee, '&');
- if (isset($GLOBALS['var_mode']))
- $destination = parametre_url($destination, 'var_mode', $GLOBALS['var_mode'], '&');
+ // ici on a besoin des var_truc
+ foreach ($_GET as $var => $val) {
+ if (!strncmp('var_', $var, 4))
+ $destination = parametre_url($destination, $var, $val, '&');
+ }
include_spip('inc/headers');
redirige_par_entete($destination);
}
diff --git a/ecrire/inc/session.php b/ecrire/inc/session.php
index 7e101721d4e8a3fae61d54f81812eb4f492e4263..8dbe19578bd8b69cd2b5ac8fe685aa63dd0b9023 100644
--- a/ecrire/inc/session.php
+++ b/ecrire/inc/session.php
@@ -69,11 +69,11 @@ function ajouter_session($auteur) {
redirige_par_entete(generer_test_dirs(_DIR_SESSIONS,true));
} else {
include_spip('inc/cookie');
- preg_match(',^[^/]*//[^/]*(.*)/.*/$,', url_de_base(), $r);
-
- spip_setcookie('spip_session', $_COOKIE['spip_session'],
- time() + 20 * _RENOUVELLE_ALEA,
- $r[1]);
+ spip_setcookie(
+ 'spip_session',
+ $_COOKIE['spip_session'],
+ time() + 20 * _RENOUVELLE_ALEA
+ );
spip_log("ajoute session $fichier_session");
return $_COOKIE['spip_session'];
}
diff --git a/ecrire/inc/utils.php b/ecrire/inc/utils.php
index 321f8aa0752d33b25a830d1245655a8d25dd9514..c6f2f64f364999a09845f955c3e9c51d232f8a81 100644
--- a/ecrire/inc/utils.php
+++ b/ecrire/inc/utils.php
@@ -1247,7 +1247,7 @@ function spip_initialisation($pi=NULL, $pa=NULL, $ti=NULL, $ta=NULL) {
include_once _DIR_RESTREINT . 'inc/flock.php';
// Duree de validite de l'alea pour les cookies et ce qui s'ensuit.
- define('_RENOUVELLE_ALEA', 4 * 3600);
+ define('_RENOUVELLE_ALEA', 12 * 3600);
// Lire les meta cachees et init noyau (espace public uniquement)
diff --git a/ecrire/inc_version.php b/ecrire/inc_version.php
index 988614e93ea294a00dc55c7fd7407e3438197950..31686cbbc2d70f1013bca64c59a09635c45186c3 100644
--- a/ecrire/inc_version.php
+++ b/ecrire/inc_version.php
@@ -93,10 +93,9 @@ $taille_des_logs = 100;
// (a modifier pour avoir plusieurs sites SPIP dans une seule base)
$table_prefix = "spip";
-// Prefixe et chemin des cookies
+// Prefixe des cookies
// (a modifier pour installer des sites SPIP dans des sous-repertoires)
$cookie_prefix = "spip";
-$cookie_path = "";
// Dossier des squelettes
// (a modifier si l'on veut passer rapidement d'un jeu de squelettes a un autre)
diff --git a/ecrire/prive.php b/ecrire/prive.php
index 5ccd9feac495cd165b3b281497c0f9dac1b439e4..b22f98b7690893709b76527c032ff099ee052416 100644
--- a/ecrire/prive.php
+++ b/ecrire/prive.php
@@ -24,10 +24,7 @@ if ($auth) {
include_spip('inc/headers');
if ($auth == '6forum') {
$auth = '../?' . $_SERVER['QUERY_STRING'];
- preg_match(',^[^/]*//[^/]*(.*)/.*/$,',
- url_de_base(),
- $r);
- spip_setcookie('spip_session', $_COOKIE['spip_session'], time() + 3600 * 24 * 14, $r[1]);
+ spip_setcookie('spip_session', $_COOKIE['spip_session'], time() + 3600 * 24 * 14);
} else
$auth = generer_url_public('login',
"url=" .
diff --git a/ecrire/public.php b/ecrire/public.php
index 27c7cb659c6f6ae9c6fbcfd76a9a7aea66c53c59..88406b7e6a29a2434a6417314b8e85cf054d576c 100644
--- a/ecrire/public.php
+++ b/ecrire/public.php
@@ -60,7 +60,8 @@ if (defined('_INC_PUBLIC')) {
redirige_par_entete(urldecode($redirect));
else if (!headers_sent()) {
http_status(204);
- spip_log("action $action renvoie status 204");
+ # trop verbeux : chaque cron() provoque un 204
+ # spip_log("action $action renvoie status 204");
} else {
spip_log("action $action renvoie du contenu");
}