makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-28 14:18:52 +00:00
Code Issues Projects Releases Packages Wiki Activity

re-check cookie_secure value within generate_board_url() for those users having it enabled but not running on a SSL connection (which of course results in server errors). This should (hopefully) further minimize support requests. ;)

Browse source 
Thanks again to aninhill for giving me full access to his board to be able to spot this error.


git-svn-id: file:///svn/phpbb/trunk@6147 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Meik Sievertsen 2006-07-05 15:48:43 +00:00
parent bfb26c8a4a
commit 0050879825
2 changed files with 7 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
phpBB/includes/functions.php
View file

@ -1165,8 +1165,6 @@ function generate_board_url($without_script_path = false)
$server_name = (!empty($_SERVER['SERVER_NAME'])) ? $_SERVER['SERVER_NAME'] : getenv('SERVER_NAME');
$server_port = (!empty($_SERVER['SERVER_PORT'])) ? (int) $_SERVER['SERVER_PORT'] : (int) getenv('SERVER_PORT');
$url = (($config['cookie_secure']) ? 'https://' : 'http://') . $server_name;
// Forcing server vars is the only way to specify/override the protocol
if ($config['force_server_vars'] || !$server_name)
{
@ -1176,6 +1174,12 @@ function generate_board_url($without_script_path = false)
$url = $server_protocol . $server_name;
}
else
{
// Do not rely on cookie_secure, users seem to think that it means a secured cookie instead of an encrypted connection
$cookie_secure = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') ? 1 : 0;
$url = (($cookie_secure) ? 'https://' : 'http://') . $server_name;
}
if ($server_port && (($config['cookie_secure'] && $server_port <> 443) || (!$config['cookie_secure'] && $server_port <> 80)))
{

2
phpBB/language/en/acp/board.php
View file

@ -246,7 +246,7 @@ $lang = array_merge($lang, array(
'COOKIE_NAME' => 'Cookie name',
'COOKIE_PATH' => 'Cookie path',
'COOKIE_SECURE' => 'Cookie secure',
'COOKIE_SECURE_EXPLAIN' => 'If your server is running via SSL set this to enabled else leave as disabled',
'COOKIE_SECURE_EXPLAIN' => 'If your server is running via SSL set this to enabled else leave as disabled. Having this enabled and not running via SSL will result in server errors during redirects.',
'ONLINE_LENGTH' => 'View online time span',
'ONLINE_LENGTH_EXPLAIN' => 'Time in minutes after which inactive users will not appear in viewonline listings, lower equals less processing.',
'SESSION_LENGTH' => 'Session length',