Unified cookie path handling, added / to end of path (bug #1155373).

ChangeLog

@@ -22,6 +22,10 @@ $Source$
       libraries/display_export.lib.php, libraries/export/htmlword.php: Word
       export now can contain table structure and better handles more
       tables/databases export.
+    * db_operations.php, export.php, main.php, tbl_move_copy.php,
+      libraries/common.lib.php, libraries/select_theme.lib.php,
+      libraries/auth/cookie.auth.lib.php: Unified cookie path handling, added
+      / to end of path (bug #1155373).
 
 2005-03-06 Marc Delisle  <[email protected]>
     * libraries/relation.lib.php, /display_export.lib.php,

db_operations.php

@@ -47,10 +47,10 @@
         } else {
             $pma_uri_parts = parse_url($cfg['PmaAbsoluteUri']);
             if (isset($switch_to_new) && $switch_to_new == 'true') {
-                setcookie('pma_switch_to_new', 'true', 0, substr($pma_uri_parts['path'], 0, strrpos($pma_uri_parts['path'], '/')), '', ($pma_uri_parts['scheme'] == 'https'));
+                setcookie('pma_switch_to_new', 'true', 0, $GLOBALS['cookie_path'], '' , $GLOBALS['is_https']);
                 $db         = $newname;
             } else {
-                setcookie('pma_switch_to_new', '', 0, substr($pma_uri_parts['path'], 0, strrpos($pma_uri_parts['path'], '/')), '', ($pma_uri_parts['scheme'] == 'https'));
+                setcookie('pma_switch_to_new', '', 0, $GLOBALS['cookie_path'], '' , $GLOBALS['is_https']);
             }
         }
     }

export.php

@@ -187,23 +187,17 @@ function PMA_exportOutputHandler($line)
     $pma_uri_parts = parse_url($cfg['PmaAbsoluteUri']);
     if ($export_type == 'server') {
         if (isset($remember_template)) {
-            setcookie('pma_server_filename_template', $filename_template , 0,
-                substr($pma_uri_parts['path'], 0, strrpos($pma_uri_parts['path'], '/')),
-                '', ($pma_uri_parts['scheme'] == 'https'));
+            setcookie('pma_server_filename_template', $filename_template , 0, $GLOBALS['cookie_path'], '' , $GLOBALS['is_https']);
         }
         $filename = str_replace('__SERVER__', $GLOBALS['cfg']['Server']['host'], strftime($filename_template));
     } elseif ($export_type == 'database') {
         if (isset($remember_template)) {
-            setcookie('pma_db_filename_template', $filename_template , 0,
-                substr($pma_uri_parts['path'], 0, strrpos($pma_uri_parts['path'], '/')),
-                '', ($pma_uri_parts['scheme'] == 'https'));
+            setcookie('pma_db_filename_template', $filename_template , 0, $GLOBALS['cookie_path'], '' , $GLOBALS['is_https']);
         }
         $filename = str_replace('__DB__', $db, str_replace('__SERVER__', $GLOBALS['cfg']['Server']['host'], strftime($filename_template)));
     } else {
         if (isset($remember_template)) {
-            setcookie('pma_table_filename_template', $filename_template , 0,
-                substr($pma_uri_parts['path'], 0, strrpos($pma_uri_parts['path'], '/')),
-                '', ($pma_uri_parts['scheme'] == 'https'));
+            setcookie('pma_table_filename_template', $filename_template , 0, $GLOBALS['cookie_path'], '' , $GLOBALS['is_https']);
         }
         $filename = str_replace('__TABLE__', $table, str_replace('__DB__', $db, str_replace('__SERVER__', $GLOBALS['cfg']['Server']['host'], strftime($filename_template))));
     }

libraries/auth/cookie.auth.lib.php

@@ -15,10 +15,8 @@
 
 // Gets the default font sizes
 PMA_setFontSizes();
-// Defines the cookie path and whether the server is using https or not
-$pma_uri_parts = parse_url($cfg['PmaAbsoluteUri']);
-$cookie_path   = substr($pma_uri_parts['path'], 0, strrpos($pma_uri_parts['path'], '/'));
-$is_https      = (isset($pma_uri_parts['scheme']) && $pma_uri_parts['scheme'] == 'https') ? 1 : 0;
+
+// timestamp for login timeout
 $current_time  = time();
 
 // Uses faster mcrypt library if available
@@ -618,7 +616,7 @@ function PMA_auth_fails()
     if (isset($GLOBALS['allowDeny_forbidden']) && $GLOBALS['allowDeny_forbidden']) {
         $conn_error = $GLOBALS['strAccessDenied'];
     } else if (isset($GLOBALS['no_activity']) && $GLOBALS['no_activity']) {
-        $conn_error = sprintf($GLOBALS['strNoActivity'],$GLOBALS['cfg']['LoginCookieValidity']);  
+        $conn_error = sprintf($GLOBALS['strNoActivity'],$GLOBALS['cfg']['LoginCookieValidity']);
     } else if (PMA_DBI_getError()) {
         $conn_error = PMA_DBI_getError();
     } else if (isset($php_errormsg)) {

libraries/common.lib.php

@@ -1126,6 +1126,11 @@ function PMA_setFontSizes()
         }
     }
 
+    // some variables used mostly for cookies:
+    $pma_uri_parts = parse_url($cfg['PmaAbsoluteUri']);
+    $cookie_path   = substr($pma_uri_parts['path'], 0, strrpos($pma_uri_parts['path'], '/')) . '/';
+    $is_https      = (isset($pma_uri_parts['scheme']) && $pma_uri_parts['scheme'] == 'https') ? 1 : 0;
+
     $dblist       = array();
 
     /**
@@ -1536,7 +1541,7 @@ function PMA_whichCrlf()
      * @param   string   the current database name
      * @param   string   the current table name
      * @param   boolean  whether to retain or to displays the result
-     * @param   boolean  whether to force an exact count 
+     * @param   boolean  whether to force an exact count
      *
      * @return  mixed    the number of records if retain is required, true else
      *
@@ -2518,7 +2523,7 @@ function PMA_generateAlterTable($oldcol, $newcol, $full_field_type, $collation,
             . $full_field_type;
         if (PMA_MYSQL_INT_VERSION >= 40100 && !empty($collation) && $collation != 'NULL' && preg_match('@^(TINYTEXT|TEXT|MEDIUMTEXT|LONGTEXT|VARCHAR|CHAR)$@i', $full_field_type)) {
             $query .= PMA_generateCharsetQueryPart($collation);
-        } 
+        }
         if (!empty($default)) {
             if (strtoupper($default) == 'NULL') {
                 $query .= ' DEFAULT NULL';

libraries/select_theme.lib.php

@@ -77,31 +77,25 @@
     closedir($handleThemes);
 } // end themeManger
 
-if (!isset($pma_uri_parts)) { // cookie-setup if needed
-    $pma_uri_parts = parse_url($cfg['PmaAbsoluteUri']);
-    $cookie_path   = substr($pma_uri_parts['path'], 0, strrpos($pma_uri_parts['path'], '/'));
-    $is_https      = (isset($pma_uri_parts['scheme']) && $pma_uri_parts['scheme'] == 'https') ? 1 : 0;
-} // end cookie setup
-
 if (isset($set_theme)) { // if user submit a theme
-    setcookie('pma_theme', $set_theme, time() + 60*60*24*30, $cookie_path, '', $is_https);
+    setcookie('pma_theme', $set_theme, time() + 60*60*24*30, $GLOBALS['cookie_path'], '', $GLOBALS['is_https']);
 } else { // else check if user have a theme cookie
     if (!isset($_COOKIE['pma_theme']) || empty($_COOKIE['pma_theme'])) {
         if ($PMA_ThemeDefault == TRUE) {
             if (basename($PHP_SELF) == 'index.php') {
-                setcookie('pma_theme', $cfg['ThemeDefault'], time() + 60*60*24*30, $cookie_path, '', $is_https);
+                setcookie('pma_theme', $cfg['ThemeDefault'], time() + 60*60*24*30, $GLOBALS['cookie_path'], '', $GLOBALS['is_https']);
             }
             $pmaTheme=$cfg['ThemeDefault'];
         }else{
             if (basename($PHP_SELF) == 'index.php') {
-                setcookie('pma_theme', 'original', time() + 60*60*24*30, $cookie_path, '', $is_https);
+                setcookie('pma_theme', 'original', time() + 60*60*24*30, $GLOBALS['cookie_path'], '', $GLOBALS['is_https']);
             }
             $pmaTheme='original';
         }
     } else {
         $pmaTheme=$_COOKIE['pma_theme'];
         if (basename($PHP_SELF) == 'index.php') {
-            setcookie('pma_theme', $pmaTheme, time() + 60*60*24*30, $cookie_path, '', $is_https);
+            setcookie('pma_theme', $pmaTheme, time() + 60*60*24*30, $GLOBALS['cookie_path'], '', $GLOBALS['is_https']);
         }
     }
 } // end if

main.php

@@ -12,12 +12,6 @@
  */
 require_once('./libraries/grab_globals.lib.php');
 require_once('./libraries/common.lib.php');
-// Puts the language to use in a cookie that will expire in 30 days
-if (!isset($pma_uri_parts)) {
-    $pma_uri_parts = parse_url($cfg['PmaAbsoluteUri']);
-    $cookie_path   = substr($pma_uri_parts['path'], 0, strrpos($pma_uri_parts['path'], '/'));
-    $is_https      = (isset($pma_uri_parts['scheme']) && $pma_uri_parts['scheme'] == 'https') ? 1 : 0;
-}
 setcookie('pma_lang', $lang, time() + 60*60*24*30, $cookie_path, '', $is_https);
 if (isset($convcharset)) {
     setcookie('pma_charset', $convcharset, time() + 60*60*24*30, $cookie_path, '', $is_https);

tbl_move_copy.php

@@ -44,11 +44,11 @@
         } else {
             $pma_uri_parts = parse_url($cfg['PmaAbsoluteUri']);
             if (isset($switch_to_new) && $switch_to_new == 'true') {
-                setcookie('pma_switch_to_new', 'true', 0, substr($pma_uri_parts['path'], 0, strrpos($pma_uri_parts['path'], '/')), '', ($pma_uri_parts['scheme'] == 'https'));
+                setcookie('pma_switch_to_new', 'true', 0, $GLOBALS['cookie_path'], '' , $GLOBALS['is_https']);
                 $db        = $target_db;
                 $table     = $new_name;
             } else {
-                setcookie('pma_switch_to_new', '', 0, substr($pma_uri_parts['path'], 0, strrpos($pma_uri_parts['path'], '/')), '', ($pma_uri_parts['scheme'] == 'https'));
+                setcookie('pma_switch_to_new', '', 0, $GLOBALS['cookie_path'], '' , $GLOBALS['is_https']);
             }
         }
     }