Patch HTTP-host cookies and basepath detection, by Rob

diff --git a/include/functions_config.inc.php b/include/functions_config.inc.php
index 2933872654a259b35995600009c88906a6501209..abbd5584d0bf92287bb053f8e6156f980b00ca0c 100644 (file)
--- a/include/functions_config.inc.php
+++ b/include/functions_config.inc.php
@@ -587,12 +587,16 @@ function serendipity_JSsetCookie($name, $value) {
 function serendipity_setCookie($name, $value, $securebyprot = true) {
     global $serendipity;
 
+    $host = $_SERVER['HTTP_HOST'];
     if ($securebyprot) {
         $secure = (strtolower($_SERVER['HTTPS']) == 'on') ? true : false;
+        if ($pos = strpos($host, ":")) {
+            $host = substr($host, 0, $pos);
+        }
     } else {
         $secure = false;
     }
-    setcookie("serendipity[$name]", $value, time()+60*60*24*30, $serendipity['serendipityHTTPPath'], $_SERVER['HTTP_HOST'], $secure);
+    setcookie("serendipity[$name]", $value, time()+60*60*24*30, $serendipity['serendipityHTTPPath'], $host, $secure);
     $_COOKIE[$name] = $value;
     $serendipity['COOKIE'][$name] = $value;
 }

diff --git a/include/functions_entries.inc.php b/include/functions_entries.inc.php
index 8394dba86540f6ca64a352a06b1f63dfc41ce7db..e1ccb9c9bcea0ca87017f3c7ca67b8c815c41c8c 100644 (file)
--- a/include/functions_entries.inc.php
+++ b/include/functions_entries.inc.php
@@ -742,7 +742,6 @@ function &serendipity_searchEntries($term, $limit = '') {
 
     $cond['and'] = " AND isdraft = 'false' " . (!serendipity_db_bool($serendipity['showFutureEntries']) ? " AND timestamp <= " . serendipity_db_time() : '');
     serendipity_plugin_api::hook_event('frontend_fetchentries', $cond, array('source' => 'search', 'term' => $term));
-
     serendipity_ACL_SQL($cond, 'limited');
 
     $serendipity['fullCountQuery'] = "

diff --git a/serendipity_config.inc.php b/serendipity_config.inc.php
index 18c9f2b31e2a7805fcdaccae1bbd5ef63d8609f8..d180bd1c8995cc7147c26d46765bb80b759dce15 100644 (file)
--- a/serendipity_config.inc.php
+++ b/serendipity_config.inc.php
@@ -272,6 +272,10 @@ if (defined('USE_MEMSNAP')) {
 serendipity_load_configuration();
 $serendipity['lang'] = serendipity_getSessionLanguage();
 
+if ( (isset($serendipity['autodetect_baseURL']) && serendipity_db_bool($serendipity['autodetect_baseURL'])) ||
+     (isset($serendipity['embed']) && serendipity_db_bool($serendipity['embed'])) ) {
+    $serendipity['baseURL'] = 'http' . (isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on' ? 's' : '') . '://' . $_SERVER['HTTP_HOST'] . (!strstr($_SERVER['HTTP_HOST'], ':') && !empty($_SERVER['SERVER_PORT']) && $_SERVER['SERVER_PORT'] != '80' ? ':' . $_SERVER['SERVER_PORT'] : '') . $serendipity['serendipityHTTPPath'];
+}
 /*
  * If a user is logged in, fetch his preferences. He possibly wants to have a different language
  */
@@ -354,12 +358,6 @@ $serendipity['permissionLevels'] = array(USERLEVEL_EDITOR => USERLEVEL_EDITOR_DE
                                          USERLEVEL_CHIEF => USERLEVEL_CHIEF_DESC,
                                          USERLEVEL_ADMIN => USERLEVEL_ADMIN_DESC);
 
-
-if ( (isset($serendipity['autodetect_baseURL']) && serendipity_db_bool($serendipity['autodetect_baseURL'])) ||
-     (isset($serendipity['embed']) && serendipity_db_bool($serendipity['embed'])) ) {
-    $serendipity['baseURL'] = 'http' . (isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on' ? 's' : '') . '://' . $_SERVER['HTTP_HOST'] . (!strstr($_SERVER['HTTP_HOST'], ':') && !empty($_SERVER['SERVER_PORT']) && $_SERVER['SERVER_PORT'] != '80' ? ':' . $_SERVER['SERVER_PORT'] : '') . $serendipity['serendipityHTTPPath'];
-}
-
 /*
  *  Check if the installed version is higher than the version of the config
  */