Bug #22084 » 13470.patch
| t3lib/class.t3lib_userauth.php 2010-02-10 12:49:14.000000000 +0100 | ||
|---|---|---|
|
$mode = '';
|
||
|
$this->newSessionID = FALSE;
|
||
|
// $id is set to ses_id if cookie is present. Else set to false, which will start a new session
|
||
|
$id = isset($_COOKIE[$this->name]) ? stripslashes($_COOKIE[$this->name]) : '';
|
||
|
$id = $this->getCookie($this->name);
|
||
|
$this->hash_length = t3lib_div::intInRange($this->hash_length,6,32);
|
||
|
$this->svConfig = $TYPO3_CONF_VARS['SVCONF']['auth'];
|
||
| ... | ... | |
|
}
|
||
|
/**
|
||
|
* Get a specific cookie.
|
||
|
*
|
||
|
* Use HTTP_COOKIE, if available, to avoid a IE8 bug where multiple
|
||
|
* cookies with the same name might be returned if the user accessed
|
||
|
* the site without "www." first and switched to "www." later:
|
||
|
* Cookie: fe_typo_user=AAA; fe_typo_user=BBB
|
||
|
* In this case PHP will set _COOKIE as the first cookie, when we
|
||
|
* would need the last one (which is what this function then does).
|
||
|
*
|
||
|
* @param string The cookie ID
|
||
|
* @return string The value stored in the cookie
|
||
|
*/
|
||
|
function getCookie($cookieName) {
|
||
|
if (isset($_SERVER['HTTP_COOKIE'])) {
|
||
|
$cookies = t3lib_div::trimExplode(';', $_SERVER['HTTP_COOKIE']);
|
||
|
foreach ($cookies as $cookie) {
|
||
|
list ($name, $value) = split('=', $cookie);
|
||
|
if ($name == $cookieName) {
|
||
|
// Use the last one
|
||
|
$cookieValue = stripslashes($value);
|
||
|
}
|
||
|
}
|
||
|
} else {
|
||
|
$cookieValue = isset($_COOKIE[$cookieName]) ? stripslashes($_COOKIE[$cookieName]) : '';
|
||
|
}
|
||
|
return $cookieValue;
|
||
|
}
|
||
|
/**
|
||
|
* Determine whether there's an according session record to a given session_id
|
||
|
* in the database. Don't care if session record is still valid or not.
|
||
|
*
|
||