Thijs/wiki.techinc.nl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

* Remove unused OutputPage::addCookie()

Browse source 
* Set cookies to secure mode based on use of HTTPS or $wgCookieSecure
Note; this currently doesn't override the session cookie params. Set separately
This commit is contained in:
Brion Vibber 2005-12-26 10:29:22 +00:00
parent d4265580de
commit 0f3e2091d1
6 changed files with 16 additions and 21 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
RELEASE-NOTES
View file

@ -360,6 +360,8 @@ fully support the editing toolbar, but was found to be too confusing.
1.6 dev behavior.
* Add 'GetInternalURL' hook to match the GetFullURL and GetLocalURL ones
* (bug 4389) Fix math options on zh-hk and zh-tw (but not localized)
* Remove unused OutputPage::addCookie()
* Set cookies to secure mode based on use of HTTPS or $wgCookieSecure
=== Caveats ===

2
includes/DefaultSettings.php
View file

@ -66,7 +66,6 @@ if( isset( $_SERVER['SERVER_PORT'] )
$wgServer .= ":" . $_SERVER['SERVER_PORT'];
}
unset($wgProto);
/**
@ -1005,6 +1004,7 @@ $wgHTCPMulticastTTL = 1;
*/
$wgCookieDomain = '';
$wgCookiePath = '/';
$wgCookieSecure = ($wgProto == 'https');
$wgDisableCookieCheck = false;
/** Whether to allow inline image pointing to other websites */

12
includes/OutputPage.php
View file

@ -17,7 +17,7 @@ if($wgUseTeX) require_once( 'Math.php' );
* @package MediaWiki
*/
class OutputPage {
var $mHeaders, $mCookies, $mMetatags, $mKeywords;
var $mHeaders, $mMetatags, $mKeywords;
var $mLinktags, $mPagetitle, $mBodytext, $mDebugtext;
var $mHTMLtitle, $mRobotpolicy, $mIsarticle, $mPrintable;
var $mSubtitle, $mRedirect, $mStatusCode;
@ -39,7 +39,7 @@ class OutputPage {
* Initialise private variables
*/
function OutputPage() {
$this->mHeaders = $this->mCookies = $this->mMetatags =
$this->mHeaders = $this->mMetatags =
$this->mKeywords = $this->mLinktags = array();
$this->mHTMLtitle = $this->mPagetitle = $this->mBodytext =
$this->mRedirect = $this->mLastModified =
@ -59,7 +59,6 @@ class OutputPage {
}
function addHeader( $name, $val ) { array_push( $this->mHeaders, $name.': '.$val ) ; }
function addCookie( $name, $val ) { array_push( $this->mCookies, array( $name, $val ) ); }
function redirect( $url, $responsecode = '302' ) { $this->mRedirect = $url; $this->mRedirectCode = $responsecode; }
function setStatusCode( $statusCode ) { $this->mStatusCode = $statusCode; }
@ -422,7 +421,7 @@ class OutputPage {
* the object, let's actually output it:
*/
function output() {
global $wgUser, $wgCookieExpiration, $wgOutputEncoding;
global $wgUser, $wgOutputEncoding;
global $wgContLanguageCode, $wgDebugRedirects, $wgMimeType, $wgProfiler;
if( $this->mDoNothing ){
@ -523,11 +522,6 @@ class OutputPage {
header( "Content-type: $wgMimeType; charset={$wgOutputEncoding}" );
header( 'Content-language: '.$wgContLanguageCode );
$exp = time() + $wgCookieExpiration;
foreach( $this->mCookies as $name => $val ) {
setcookie( $name, $val, $exp, '/' );
}
if ($this->mArticleBodyOnly) {
$this->out($this->mBodytext);
} else {

4
includes/SpecialUserlogin.php
View file

@ -381,7 +381,7 @@ class LoginForm {
* @access private
*/
function mailPasswordInternal( $u ) {
global $wgDBname, $wgCookiePath, $wgCookieDomain;
global $wgDBname, $wgCookiePath, $wgCookieDomain, $wgCookieSecure;
if ( '' == $u->getEmail() ) {
return wfMsg( 'noemail', $u->getName() );
@ -390,7 +390,7 @@ class LoginForm {
$np = $u->randomPassword();
$u->setNewpassword( $np );
setcookie( "{$wgDBname}Token", '', time() - 3600, $wgCookiePath, $wgCookieDomain );
setcookie( "{$wgDBname}Token", '', time() - 3600, $wgCookiePath, $wgCookieDomain, $wgCookieSecure );
$u->saveSettings();

1
includes/SpecialUserlogout.php
View file

@ -17,7 +17,6 @@ function wfSpecialUserlogout() {
wfRunHooks('UserLogoutComplete', array(&$wgUser));
$wgOut->mCookies = array();
$wgOut->setRobotpolicy( 'noindex,nofollow' );
$wgOut->addHTML( wfMsg( 'logouttext' ) );
$wgOut->returnToMain();

16
includes/User.php
View file

@ -1302,20 +1302,20 @@ class User {
}
function setCookies() {
global $wgCookieExpiration, $wgCookiePath, $wgCookieDomain, $wgDBname;
global $wgCookieExpiration, $wgCookiePath, $wgCookieDomain, $wgCookieSecure, $wgDBname;
if ( 0 == $this->mId ) return;
$this->loadFromDatabase();
$exp = time() + $wgCookieExpiration;
$_SESSION['wsUserID'] = $this->mId;
setcookie( $wgDBname.'UserID', $this->mId, $exp, $wgCookiePath, $wgCookieDomain );
setcookie( $wgDBname.'UserID', $this->mId, $exp, $wgCookiePath, $wgCookieDomain, $wgCookieSecure );
$_SESSION['wsUserName'] = $this->getName();
setcookie( $wgDBname.'UserName', $this->getName(), $exp, $wgCookiePath, $wgCookieDomain );
setcookie( $wgDBname.'UserName', $this->getName(), $exp, $wgCookiePath, $wgCookieDomain, $wgCookieSecure );
$_SESSION['wsToken'] = $this->mToken;
if ( 1 == $this->getOption( 'rememberpassword' ) ) {
setcookie( $wgDBname.'Token', $this->mToken, $exp, $wgCookiePath, $wgCookieDomain );
setcookie( $wgDBname.'Token', $this->mToken, $exp, $wgCookiePath, $wgCookieDomain, $wgCookieSecure );
} else {
setcookie( $wgDBname.'Token', '', time() - 3600 );
}
@ -1326,17 +1326,17 @@ class User {
* It will clean the session cookie
*/
function logout() {
global $wgCookiePath, $wgCookieDomain, $wgDBname;
global $wgCookiePath, $wgCookieDomain, $wgCookieSecure, $wgDBname;
$this->loadDefaults();
$this->setLoaded( true );
$_SESSION['wsUserID'] = 0;
setcookie( $wgDBname.'UserID', '', time() - 3600, $wgCookiePath, $wgCookieDomain );
setcookie( $wgDBname.'Token', '', time() - 3600, $wgCookiePath, $wgCookieDomain );
setcookie( $wgDBname.'UserID', '', time() - 3600, $wgCookiePath, $wgCookieDomain, $wgCookieSecure );
setcookie( $wgDBname.'Token', '', time() - 3600, $wgCookiePath, $wgCookieDomain, $wgCookieSecure );
# Remember when user logged out, to prevent seeing cached pages
setcookie( $wgDBname.'LoggedOut', wfTimestampNow(), time() + 86400, $wgCookiePath, $wgCookieDomain );
setcookie( $wgDBname.'LoggedOut', wfTimestampNow(), time() + 86400, $wgCookiePath, $wgCookieDomain, $wgCookieSecure );
}
/**