From 1a7e1ecef9e773a65f459c7c521445d47d2ad143 Mon Sep 17 00:00:00 2001 From: Fil <fil@rezo.net> Date: Sat, 12 May 2007 20:22:43 +0000 Subject: [PATCH] poser les cookies a la racine du site afficher le message erreur de mot de passe meme pour une autre langue que celle du site (c'etait casse) passe l'alea par defaut a 12h, et supprime la case de 'rester connecte' si c'est inferieur --- dist/formulaires/login.html | 4 +++- ecrire/action/converser.php | 9 +++++---- ecrire/action/cookie.php | 3 ++- ecrire/balise/login_public.php | 9 +++++++-- ecrire/exec/accueil.php | 4 ++-- ecrire/inc/actions.php | 2 +- ecrire/inc/auth.php | 9 ++++----- ecrire/inc/config.php | 5 ----- ecrire/inc/cookie.php | 5 ++++- ecrire/inc/lang.php | 7 +++++-- ecrire/inc/session.php | 10 +++++----- ecrire/inc/utils.php | 2 +- ecrire/inc_version.php | 3 +-- ecrire/prive.php | 5 +---- ecrire/public.php | 3 ++- 15 files changed, 43 insertions(+), 37 deletions(-) diff --git a/dist/formulaires/login.html b/dist/formulaires/login.html index 5ba7fc9e5a..911831b491 100644 --- a/dist/formulaires/login.html +++ b/dist/formulaires/login.html @@ -47,9 +47,11 @@ document.write("<p><:login_login:> <strong>[(#ENV{login_alt})]<" + "/strong <p><label[ for="var_login_(#ENV{login})"]><:login_pass2:></label><br /> <input type="password" class="forml" name="session_password"[ id="var_login_(#ENV{login})"] value="" size="20" /></p> + +[(#ENV{rester_connecte}) <p><input type="checkbox" name="session_remember" id="session[_(#ENV{login})]" value="oui"[(#ENV*{prefs}|filtre_rester_connecte)checked="checked"]/> <label for="session[_(#ENV{login})]"><:login_rester_identifie:></label></p> - +] <input type="hidden" name="session_password_md5" value="" /> <input type="hidden" name="next_session_password_md5" value="" /> <input type="hidden" name="essai_login" value="oui" /> diff --git a/ecrire/action/converser.php b/ecrire/action/converser.php index 31c9e17a82..5552d4f985 100644 --- a/ecrire/action/converser.php 
+++ b/ecrire/action/converser.php @@ -31,10 +31,11 @@ function action_converser_dist() $GLOBALS['auteur_session']['lang'] = $lang; $session = charger_fonction('session', 'inc'); if ($spip_session = $session($GLOBALS['auteur_session'])) { - preg_match(',^[^/]*//[^/]*(.*)/$,', - url_de_base(), - $r); - spip_setcookie('spip_session', $spip_session, time() + 3600 * 24 * 14, $r[1]); + spip_setcookie( + 'spip_session', + $spip_session, + time() + 3600 * 24 * 14 + ); } } action_converser_post($lang, 'spip_lang_ecrire'); diff --git a/ecrire/action/cookie.php b/ecrire/action/cookie.php index e09005b24d..7b7c7eda64 100644 --- a/ecrire/action/cookie.php +++ b/ecrire/action/cookie.php @@ -70,7 +70,8 @@ function action_cookie_dist() { if (strpos($redirect,_DIR_RESTREINT_ABS)!==false) $redirect = generer_url_public('login', "var_login=$session_login", true); - if (_request('session_password') OR _request('session_password_md5')) + if (_request('session_password') + OR _request('session_password_md5')) $redirect = parametre_url($redirect, 'var_erreur', 'pass', '&'); $redirect .= '&url=' . rawurlencode($url); spip_log("echec login: $session_login"); diff --git a/ecrire/balise/login_public.php b/ecrire/balise/login_public.php index b0c5bc6001..100faffe88 100644 --- a/ecrire/balise/login_public.php +++ b/ecrire/balise/login_public.php @@ -98,7 +98,7 @@ function login_pour_tous($login, $cible, $action) { $echec_visiteur = _request('var_echec_visiteur')?' ':''; - $pose_cookie = generer_url_public('spip_cookie'); + $pose_cookie = generer_url_action('cookie'); $auth_http = ''; if ($echec_cookie AND !$ignore_auth_http) { if (($GLOBALS['flag_sapi_name'] 
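Review bot: The rewritten `spip_setcookie('spip_session', …)` call in action_converser_dist() still hard-codes the lifetime as `time() + 3600 * 24 * 14`, and the same literal is repeated in the rewritten calls in ecrire/inc/auth.php and ecrire/prive.php, while ecrire/inc/session.php derives it from `20 * _RENOUVELLE_ALEA`. With the default alea raised to 12 h in this commit, the two formulas give 14 days and 10 days for the same cookie, so its expiry depends on which code path last re-issued it. Since these call sites are being touched anyway, one shared expression (for example `time() + 20 * _RENOUVELLE_ALEA` everywhere, or a named constant) would make the session lifetime a single, auditable setting. The function body starts and ends outside the hunk.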
@@ -151,6 +151,10 @@ function login_pour_tous($login, $cible, $action) { if (_request('var_erreur') == 'pass') $erreur = _T('login_erreur_pass'); + // Ne pas proposer de "rester connecte quelques jours" + // si la duree de l'alea est inferieure a 12 h (valeur par defaut) + $rester_connecte = (_RENOUVELLE_ALEA < 12*3600) ? '' : ' '; + // Appeler le squelette formulaire_login return array('formulaires/login', $GLOBALS['delais'], array_merge( @@ -165,7 +169,8 @@ function login_pour_tous($login, $cible, $action) { 'echec_visiteur' => $echec_visiteur, 'login' => $login, 'login_alt' => (isset($login_alt) ? $login_alt : $login), - 'self' => str_replace('&', '&', self()) + 'self' => str_replace('&', '&', self()), + 'rester_connecte' => $rester_connecte ) ) ); diff --git a/ecrire/exec/accueil.php b/ecrire/exec/accueil.php index 4cbdec9028..4b4bce9cb4 100644 --- a/ecrire/exec/accueil.php +++ b/ecrire/exec/accueil.php @@ -191,7 +191,7 @@ function colonne_droite_neq4($id_rubrique, $activer_breves, $activer_sites, $art if (!@$_COOKIE['spip_admin']) { $cookie = rawurlencode("@$connect_login"); $retour = rawurlencode(_DIR_RESTREINT_ABS . _SPIP_ECRIRE_SCRIPT); - $lien = generer_url_public('spip_cookie', "cookie_admin=$cookie&url=$retour"); + $lien = generer_url_action('cookie', "cookie_admin=$cookie&url=$retour"); $gadget .= "<div> </div>". "<table width='95%'><tr>". "<td style='width: 100%'>". @@ -248,7 +248,7 @@ function personnel_accueil($coockcookie) // if ($coockcookie) { - $lien = generer_url_public("spip_cookie", "cookie_admin=non&url=".rawurlencode(_DIR_RESTREINT_ABS . _SPIP_ECRIRE_SCRIPT)); + $lien = generer_url_action('cookie', "cookie_admin=non&url=".rawurlencode(_DIR_RESTREINT_ABS . _SPIP_ECRIRE_SCRIPT)); $t = _T('icone_supprimer_cookie'); $t = icone_horizontale($t, $lien, "cookie-24.gif", "", false); if ($GLOBALS['spip_display'] != 1) diff --git a/ecrire/inc/actions.php b/ecrire/inc/actions.php index aeacfb092b..c2a75325f3 100644 --- a/ecrire/inc/actions.php 
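Review bot: `$rester_connecte` in login_pour_tous() only controls whether the template in dist/formulaires/login.html renders the `session_remember` checkbox, so the restriction is enforced in the form and nowhere visible on the server. A client can still submit `session_remember=oui` by hand. If the handler behind `generer_url_action('cookie')` honours that field unconditionally (it is not part of this diff), the same `_RENOUVELLE_ALEA < 12*3600` test should be applied there before a long-lived cookie is issued. The literal `12*3600` also duplicates the default defined in ecrire/inc/utils.php, so a named constant shared by both places would keep them from drifting apart.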
+++ b/ecrire/inc/actions.php @@ -299,7 +299,7 @@ function ask_php_auth($pb, $raison, $retour, $url='', $re='', $lien='') { $ici = generer_url_ecrire(); echo "<b>$pb</b><p>$raison</p>[<a href='$ici'>$retour</a>] "; if ($url) { - echo "[<a href='", generer_url_public('spip_cookie',"essai_auth_http=oui&$url"), "'>$re</a>]"; + echo "[<a href='", generer_url_action('cookie',"essai_auth_http=oui&$url"), "'>$re</a>]"; } if ($lien) diff --git a/ecrire/inc/auth.php b/ecrire/inc/auth.php index 9760956d3f..88f76c281f 100644 --- a/ecrire/inc/auth.php +++ b/ecrire/inc/auth.php @@ -171,12 +171,11 @@ function inc_auth_dist() { $session = charger_fonction('session', 'inc'); if ($spip_session = $session($row)) { include_spip('inc/cookie'); - preg_match(',^[^/]*//[^/]*(.*)/$,', - url_de_base(), - $r); - spip_setcookie('spip_session', + spip_setcookie( + 'spip_session', $_COOKIE['spip_session'] = $spip_session, - time() + 3600 * 24 * 14, $r[1]); + time() + 3600 * 24 * 14 + ); } } diff --git a/ecrire/inc/config.php b/ecrire/inc/config.php index e6d0bed573..4fb26b8ced 100644 --- a/ecrire/inc/config.php +++ b/ecrire/inc/config.php @@ -82,11 +82,6 @@ function init_config() { $modifs = true; } - /*if (isset($GLOBALS['meta']['nouvelle_install']) && $GLOBALS['meta']['nouvelle_install'] == 'oui') { - effacer_meta('nouvelle_install'); - $modifs = true; - }*/ - if ($modifs) ecrire_metas(); include_spip('inc/rubriques'); diff --git a/ecrire/inc/cookie.php b/ecrire/inc/cookie.php index 7ae79a588a..6009d93aed 100644 --- a/ecrire/inc/cookie.php +++ b/ecrire/inc/cookie.php 
@@ -18,7 +18,10 @@ if (!defined("_ECRIRE_INC_VERSION")) return; // http://doc.spip.org/@spip_setcookie function spip_setcookie ($name='', $value='', $expire=0, $path='AUTO', $domain='', $secure='') { $name = preg_replace ('/^spip_/', $GLOBALS['cookie_prefix'].'_', $name); - if ($path == 'AUTO') $path=$GLOBALS['cookie_path']; + if ($path == 'AUTO') + $path = preg_replace(',^\w+://[^/]*,', '', url_de_base()); + +spip_log("path cookie = $path"); if ($secure) @setcookie ($name, $value, $expire, $path, $domain, $secure); diff --git a/ecrire/inc/lang.php b/ecrire/inc/lang.php index e27ae33795..fa7f731609 100644 --- a/ecrire/inc/lang.php +++ b/ecrire/inc/lang.php @@ -203,8 +203,11 @@ function verifier_lang_url() { AND changer_langue($lang_demandee) AND $lang_demandee != @$_GET['lang']) { $destination = parametre_url(self(),'lang', $lang_demandee, '&'); - if (isset($GLOBALS['var_mode'])) - $destination = parametre_url($destination, 'var_mode', $GLOBALS['var_mode'], '&'); + // ici on a besoin des var_truc + foreach ($_GET as $var => $val) { + if (!strncmp('var_', $var, 4)) + $destination = parametre_url($destination, $var, $val, '&'); + } include_spip('inc/headers'); redirige_par_entete($destination); } diff --git a/ecrire/inc/session.php b/ecrire/inc/session.php index 7e101721d4..8dbe19578b 100644 --- a/ecrire/inc/session.php +++ b/ecrire/inc/session.php @@ -69,11 +69,11 @@ function ajouter_session($auteur) { redirige_par_entete(generer_test_dirs(_DIR_SESSIONS,true)); } else { include_spip('inc/cookie'); - preg_match(',^[^/]*//[^/]*(.*)/.*/$,', url_de_base(), $r); - - spip_setcookie('spip_session', $_COOKIE['spip_session'], - time() + 20 * _RENOUVELLE_ALEA, - $r[1]); + spip_setcookie( + 'spip_session', + $_COOKIE['spip_session'], + time() + 20 * _RENOUVELLE_ALEA + ); spip_log("ajoute session $fichier_session"); return $_COOKIE['spip_session']; } diff --git a/ecrire/inc/utils.php b/ecrire/inc/utils.php index 321f8aa075..c6f2f64f36 100644 --- a/ecrire/inc/utils.php 
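Review bot: The added `spip_log("path cookie = $path");` in spip_setcookie() looks like leftover debugging: it sits at column 0 and writes a log line for every cookie the site sets, so it should be removed or put behind a debug switch before merging. The new default also takes whatever is left of `url_de_base()` after `,^\w+://[^/]*,` is stripped. If that helper ever returns a value without a scheme, the whole string becomes the cookie path, so a fallback such as `if ($path === '' OR $path[0] !== '/') $path = '/';` is worth adding. Finally, `$GLOBALS['cookie_path']` is dropped here and in ecrire/inc_version.php with no deprecation step, so installations that set it will silently get a different cookie scope, which the upgrade notes should mention. The function body continues outside the hunk.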
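Review bot: The new loop in verifier_lang_url() copies every `var_*` key from `$_GET` into the redirect target, so both the parameter names and the values that end up in the `Location` header are now chosen by the requester rather than limited to `var_mode`. `$val` may be an array (`?var_x[]=…`), and this hunk does not show whether `parametre_url()` and `redirige_par_entete()` encode names and values and reject CR/LF. I would skip non-string values and constrain the key, e.g. `if (is_string($val) AND preg_match(',^var_\w+$,', $var))`. If only a few parameters are really needed after the language switch (`var_erreur`, `var_login`, judging by the rest of the commit), an explicit list would be tighter than a prefix match. The function starts and ends outside the hunk.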
+++ b/ecrire/inc/utils.php @@ -1247,7 +1247,7 @@ function spip_initialisation($pi=NULL, $pa=NULL, $ti=NULL, $ta=NULL) { include_once _DIR_RESTREINT . 'inc/flock.php'; // Duree de validite de l'alea pour les cookies et ce qui s'ensuit. - define('_RENOUVELLE_ALEA', 4 * 3600); + define('_RENOUVELLE_ALEA', 12 * 3600); // Lire les meta cachees et init noyau (espace public uniquement) diff --git a/ecrire/inc_version.php b/ecrire/inc_version.php index 988614e93e..31686cbbc2 100644 --- a/ecrire/inc_version.php +++ b/ecrire/inc_version.php @@ -93,10 +93,9 @@ $taille_des_logs = 100; // (a modifier pour avoir plusieurs sites SPIP dans une seule base) $table_prefix = "spip"; -// Prefixe et chemin des cookies +// Prefixe des cookies // (a modifier pour installer des sites SPIP dans des sous-repertoires) $cookie_prefix = "spip"; -$cookie_path = ""; // Dossier des squelettes // (a modifier si l'on veut passer rapidement d'un jeu de squelettes a un autre) diff --git a/ecrire/prive.php b/ecrire/prive.php index 5ccd9feac4..b22f98b769 100644 --- a/ecrire/prive.php +++ b/ecrire/prive.php @@ -24,10 +24,7 @@ if ($auth) { include_spip('inc/headers'); if ($auth == '6forum') { $auth = '../?' . $_SERVER['QUERY_STRING']; - preg_match(',^[^/]*//[^/]*(.*)/.*/$,', - url_de_base(), - $r); - spip_setcookie('spip_session', $_COOKIE['spip_session'], time() + 3600 * 24 * 14, $r[1]); + spip_setcookie('spip_session', $_COOKIE['spip_session'], time() + 3600 * 24 * 14); } else $auth = generer_url_public('login', "url=" . diff --git a/ecrire/public.php b/ecrire/public.php index 27c7cb659c..88406b7e6a 100644 --- a/ecrire/public.php +++ b/ecrire/public.php @@ -60,7 +60,8 @@ if (defined('_INC_PUBLIC')) { redirige_par_entete(urldecode($redirect)); else if (!headers_sent()) { http_status(204); - spip_log("action $action renvoie status 204"); + # trop verbeux : chaque cron() provoque un 204 + # spip_log("action $action renvoie status 204"); } else { spip_log("action $action renvoie du contenu"); } -- GitLab
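Review bot: Raising `_RENOUVELLE_ALEA` from 4 h to 12 h in spip_initialisation() is a security-relevant default rather than a tuning detail. The comment says it governs the validity of the alea used for cookies, and ecrire/inc/session.php multiplies it by 20 for the `spip_session` expiry, which goes from 80 h to 240 h. The new test in ecrire/balise/login_public.php assumes a site can configure a shorter value, but the `define()` shown here is unconditional. Unless a guard exists outside the hunk, `if (!defined('_RENOUVELLE_ALEA')) define('_RENOUVELLE_ALEA', 12 * 3600);` would make that override explicit. A sentence in the comment explaining why 12 h was chosen would help whoever next audits session lifetime.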