summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorYorhel <git@yorhel.nl>2011-01-27 10:11:52 +0100
committerYorhel <git@yorhel.nl>2011-01-27 10:11:52 +0100
commit08d3dffe2dc6b955f2e10629079d5ae5c32f7183 (patch)
tree4a2c8f5a2fa52f73b94d4cab610f71ab3234a3c6
parent01c4028bfa067546af572de06789cc4121b1ffbc (diff)
TUWF: Replaced resHeader('Set-Cookie', ..) with resCookie()
Way more convenient. This also fixes several bugs with the previous commit, since the cookie_prefix wasn't used for *all* cookies. Since it is now, the 'l10n' cookie now also respects the configured prefix, which means some people will have to set their default language again. Configuration changes: 'cookie_domain' option has been removed, the 'cookie_defaults' option of TUWF should now be used.
-rw-r--r--data/global.pl7
-rw-r--r--lib/VNDB/Handler/Misc.pm6
-rw-r--r--lib/VNDB/Util/Auth.pm18
-rwxr-xr-xutil/vndb.pl3
4 files changed, 13 insertions, 21 deletions
diff --git a/data/global.pl b/data/global.pl
index 7b6a4154..971db80a 100644
--- a/data/global.pl
+++ b/data/global.pl
@@ -9,7 +9,11 @@ our %O = (
db_login => [ 'dbi:Pg:dbname=vndb', 'vndb', 'passwd' ],
debug => 1,
logfile => $ROOT.'/data/log/vndb.log',
- cookie_prefix => 'vndb_',
+ cookie_prefix => 'vndb_',
+ cookie_defaults => {
+ domain => '.vndb.org',
+ path => '/',
+ },
);
@@ -19,7 +23,6 @@ our %S = (%S,
url => 'http://vndb.org',
url_static => 'http://s.vndb.org',
skin_default => 'angel',
- cookie_domain => '.vndb.org',
global_salt => 'any-private-string-here',
form_salt => 'a-different-private-string-here',
regen_static => 0,
diff --git a/lib/VNDB/Handler/Misc.pm b/lib/VNDB/Handler/Misc.pm
index 2e1e0e11..426de785 100644
--- a/lib/VNDB/Handler/Misc.pm
+++ b/lib/VNDB/Handler/Misc.pm
@@ -354,9 +354,7 @@ sub setlang {
if($lang ne $self->{l10n}->language_tag()) {
$self->authInfo->{id}
? $self->authPref(l10n => $lang eq $browser ? undef : $lang)
- : $self->resHeader('Set-Cookie', sprintf 'l10n=%s; expires=%s; path=/; domain=%s',
- $lang, $lang eq $browser ? 'Sat, 01-Jan-2000 00:00:00 GMT' : 'Sat, 01-Jan-2030 00:00:00 GMT',
- $self->{cookie_domain});
+ : $self->resCookie(l10n => $lang eq $browser ? undef : $lang, expires => time()+31536000);
}
}
@@ -384,7 +382,7 @@ sub iemessage {
(my $ref = $self->reqHeader('Referer') || '/') =~ s/^\Q$self->{url}//;
$ref = '/' if $ref eq '/we-dont-like-ie';
$self->resRedirect($ref, 'temp');
- $self->resHeader('Set-Cookie', "ie-sucks=1; path=/; domain=$self->{cookie_domain}");
+ $self->resCookie('ie_sucks' => 1);
return;
}
diff --git a/lib/VNDB/Util/Auth.pm b/lib/VNDB/Util/Auth.pm
index 996752f4..88e68edc 100644
--- a/lib/VNDB/Util/Auth.pm
+++ b/lib/VNDB/Util/Auth.pm
@@ -24,13 +24,13 @@ sub authInit {
my $cookie = $self->reqCookie('auth');
return 0 if !$cookie;
- return _rmcookie($self) if length($cookie) < 41;
+ return $self->resCookie(auth => undef) if length($cookie) < 41;
my $token = substr($cookie, 0, 40);
my $uid = substr($cookie, 40);
$self->{_auth} = $uid =~ /^\d+$/ && $self->dbUserGet(uid => $uid, session => $token, what => 'extended notifycount prefs')->[0];
# update the sessions.lastused column if lastused < now()'6 hours'
$self->dbSessionUpdateLastUsed($uid, $token) if $self->{_auth} && $self->{_auth}{session_lastused} < time()-6*3600;
- return _rmcookie($self) if !$self->{_auth};
+ return $self->resCookie(auth => undef) if !$self->{_auth};
}
@@ -47,9 +47,8 @@ sub authLogin {
my $cookie = $token . $self->{_auth}{id};
$self->dbSessionAdd($self->{_auth}{id}, $token);
- my $expstr = strftime("%a, %d %b %Y %H:%M:%S GMT", gmtime(time + 31536000)); # keep the cookie for 1 year
$self->resRedirect($to, 'post');
- $self->resHeader('Set-Cookie', "$self->{cookie_prefix}auth=$cookie; expires=$expstr; path=/; domain=$self->{cookie_domain}");
+ $self->resCookie(auth => $cookie, expires => time + 31536000); # keep the cookie for 1 year
return 1;
}
@@ -69,11 +68,11 @@ sub authLogout {
}
$self->resRedirect('/', 'temp');
- _rmcookie($self);
+ $self->resCookie(auth => undef);
# set l10n cookie if the user has a preferred language set
my $l10n = $self->authPref('l10n');
- $self->resHeader('Set-Cookie', "l10n=$l10n; expires=Sat, 01-Jan-2030 00:00:00 GMT; path=/; domain=$self->{cookie_domain}") if $l10n;
+ $self->resCookie(l10n => $l10n, expires => time()+31536000) if $l10n; # keep 1 year
}
@@ -141,13 +140,6 @@ sub authPreparePass{
}
-# removes the vndb_auth cookie
-sub _rmcookie {
- $_[0]->resHeader('Set-Cookie',
- "$_[0]->{cookie_prefix}auth= ; expires=Sat, 01-Jan-2000 00:00:00 GMT; path=/; domain=$_[0]->{cookie_domain}");
-}
-
-
# Generate a code to be used later on to validate that the form was indeed
# submitted from our site and by the same user/visitor. Not limited to
# logged-in users.
diff --git a/util/vndb.pl b/util/vndb.pl
index 790a17a3..0bdb49d1 100755
--- a/util/vndb.pl
+++ b/util/vndb.pl
@@ -93,8 +93,7 @@ sub reqinit {
$rmcookie = 1 if $cookie && $cookie eq $browser;
$handle = VNDB::L10N->get_handle($cookie) if $cookie && $browser ne $cookie;
}
- $self->resHeader('Set-Cookie', "l10n= ; expires=Sat, 01-Jan-2000 00:00:00 GMT; path=/; domain=$self->{cookie_domain}")
- if $rmcookie;
+ $self->resCookie(l10n => undef) if $rmcookie;
$self->{l10n} = $handle;
# check for IE