From: skodak <skodak>
Date: Sun, 28 Oct 2007 14:20:20 +0000 (+0000)
Subject: MDL-11927 fixed cookiepaths; patch by Kevin
X-Git-Url: http://git.mjollnir.org/gw?a=commitdiff_plain;h=1504e261358ff0750ddc0ba9775aaf29129c7b66;p=moodle.git

MDL-11927 fixed cookiepaths; patch by Kevin
---

diff --git a/lib/moodlelib.php b/lib/moodlelib.php
index edd3286f6f..ed5fe40881 100644
--- a/lib/moodlelib.php
+++ b/lib/moodlelib.php
@@ -2552,8 +2552,8 @@ function set_moodle_cookie($thing) {
     $days = 60;
     $seconds = DAYSECS*$days;
 
-    setCookie($cookiename, '', time() - HOURSECS, '/');
-    setCookie($cookiename, rc4encrypt($thing), time()+$seconds, '/');
+    setCookie($cookiename, '', time() - HOURSECS, $CFG->sessioncookiepath);
+    setCookie($cookiename, rc4encrypt($thing), time()+$seconds, $CFG->sessioncookiepath);
 }
 
 /**
diff --git a/lib/setup.php b/lib/setup.php
index 3fd5267580..b3535cd07d 100644
--- a/lib/setup.php
+++ b/lib/setup.php
@@ -382,10 +382,13 @@ global $HTTPSPAGEREQUIRED;
             require_once($CFG->libdir. '/adodb/session/adodb-session2.php');
         }
     }
-/// Set sessioncookie variable if it isn't already
+/// Set sessioncookie and sessioncookiepath variable if it isn't already
     if (!isset($CFG->sessioncookie)) {
         $CFG->sessioncookie = '';
     }
+    if (!isset($CFG->sessioncookiepath)) {
+        $CFG->sessioncookiepath = '/';
+    }
 
 /// Configure ampersands in URLs
 
@@ -495,6 +498,7 @@ global $HTTPSPAGEREQUIRED;
 
     if (empty($nomoodlecookie)) {
         session_name('MoodleSession'.$CFG->sessioncookie);
+        session_set_cookie_params(0, $CFG->sessioncookiepath);
         @session_start();
         if (! isset($_SESSION['SESSION'])) {
             $_SESSION['SESSION'] = new object;
@@ -502,7 +506,7 @@ global $HTTPSPAGEREQUIRED;
             if (!empty($_COOKIE['MoodleSessionTest'.$CFG->sessioncookie])) {
                 $_SESSION['SESSION']->has_timed_out = true;
             }
-            setcookie('MoodleSessionTest'.$CFG->sessioncookie, $_SESSION['SESSION']->session_test, 0, '/');
+            setcookie('MoodleSessionTest'.$CFG->sessioncookie, $_SESSION['SESSION']->session_test, 0, $CFG->sessioncookiepath);
             $_COOKIE['MoodleSessionTest'.$CFG->sessioncookie] = $_SESSION['SESSION']->session_test;
         }
         if (! isset($_SESSION['USER']))    {