Project

General

Profile

Bug #22084 » 13470.patch

Administrator Admin, 2010-02-10 12:50

View differences:

t3lib/class.t3lib_userauth.php 2010-02-10 12:49:14.000000000 +0100
$mode = '';
$this->newSessionID = FALSE;
// $id is set to ses_id if cookie is present. Else set to false, which will start a new session
$id = isset($_COOKIE[$this->name]) ? stripslashes($_COOKIE[$this->name]) : '';
$id = $this->getCookie($this->name);
$this->hash_length = t3lib_div::intInRange($this->hash_length,6,32);
$this->svConfig = $TYPO3_CONF_VARS['SVCONF']['auth'];
......
}
/**
* Get a specific cookie.
*
* Use HTTP_COOKIE, if available, to avoid a IE8 bug where multiple
* cookies with the same name might be returned if the user accessed
* the site without "www." first and switched to "www." later:
* Cookie: fe_typo_user=AAA; fe_typo_user=BBB
* In this case PHP will set _COOKIE as the first cookie, when we
* would need the last one (which is what this function then does).
*
* @param string The cookie ID
* @return string The value stored in the cookie
*/
function getCookie($cookieName) {
if (isset($_SERVER['HTTP_COOKIE'])) {
$cookies = t3lib_div::trimExplode(';', $_SERVER['HTTP_COOKIE']);
foreach ($cookies as $cookie) {
list ($name, $value) = split('=', $cookie);
if ($name == $cookieName) {
// Use the last one
$cookieValue = stripslashes($value);
}
}
} else {
$cookieValue = isset($_COOKIE[$cookieName]) ? stripslashes($_COOKIE[$cookieName]) : '';
}
return $cookieValue;
}
/**
* Determine whether there's an according session record to a given session_id
* in the database. Don't care if session record is still valid or not.
*
(1-1/4)