From a0d19ffb7241a1c7a4b85e6d0fd58fbb2f718468 Mon Sep 17 00:00:00 2001 From: Zach Prezkuta Date: Sun, 6 Jan 2013 14:42:51 -0700 Subject: implement Smarty3 --- index.php | 22 ++++++++++++---------- 1 file changed, 12 insertions(+), 10 deletions(-) (limited to 'index.php') diff --git a/index.php b/index.php index d5739f39e..cc6249256 100644 --- a/index.php +++ b/index.php @@ -96,13 +96,6 @@ if((x($_GET,'zid')) && (! $install)) { if((x($_SESSION,'authenticated')) || (x($_POST,'auth-params')) || ($a->module === 'login')) require("auth.php"); -/* - * Create the page head after setting the language - * and getting any auth credentials - */ - -$a->init_pagehead(); - if(! x($_SESSION,'sysmsg')) $_SESSION['sysmsg'] = array(); @@ -280,18 +273,28 @@ if($a->module_loaded) { if(! $a->error) { + // If a theme has defined an _aside() function, run that first + // + // If the theme function doesn't exist, see if this theme extends another, + // and see if that other theme has an _aside() function--if it does, run it + // + // If $aside_default is not False after the theme _aside() function, run the + // module's _aside() function too + // + // This gives themes more control over how the left sidebar looks + $aside_default = true; call_hooks($a->module . '_mod_aside',$placeholder); if(function_exists(str_replace('-','_',current_theme()) . '_' . $a->module . '_aside')) { $func = str_replace('-','_',current_theme()) . '_' . $a->module . '_aside'; $aside_default = $func($a); } - elseif(x($a->theme_info,"extends") && $aside_default + elseif($aside_default && x($a->theme_info,"extends") && (function_exists(str_replace('-','_',$a->theme_info["extends"]) . '_' . $a->module . '_aside'))) { $func = str_replace('-','_',$a->theme_info["extends"]) . '_' . $a->module . '_aside'; $aside_default = $func($a); } - elseif(function_exists($a->module . '_aside') && $aside_default) { + if($aside_default && function_exists($a->module . '_aside')) { $func = $a->module . '_aside'; $func($a); } @@ -329,7 +332,6 @@ if(stristr( implode("",$_SESSION['sysmsg']), t('Permission denied'))) { call_hooks('page_end', $a->page['content']); - construct_page($a); session_write_close(); -- cgit v1.2.3 From b86277b0ff7aa7ea5e04a646b628785fc31f0c3e Mon Sep 17 00:00:00 2001 From: friendica Date: Mon, 11 Mar 2013 16:13:09 -0700 Subject: dangerous typo that removes all your hublocs, fix reshare formatting --- index.php | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) (limited to 'index.php') diff --git a/index.php b/index.php index cc6249256..8d59a8a8e 100644 --- a/index.php +++ b/index.php @@ -29,7 +29,6 @@ $install = ((file_exists('.htconfig.php') && filesize('.htconfig.php')) ? false $a->language = get_best_language(); -load_translation_table($a->language); /** * @@ -53,9 +52,17 @@ if(! $install) { require_once("session.php"); load_hooks(); call_hooks('init_1'); + + load_translation_table($a->language); +} +else { + // load translations but do not check plugins as we have no database + load_translation_table($a->language,true); } + + /** * * Important stuff we always need to do. -- cgit v1.2.3 From abd58bce6899aff274be2e24db08cca46c4b135b Mon Sep 17 00:00:00 2001 From: friendica Date: Tue, 26 Mar 2013 19:37:33 -0700 Subject: set hidden flags on new directory entries, not just existing ones --- index.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'index.php') diff --git a/index.php b/index.php index 8d59a8a8e..95b7c78a9 100644 --- a/index.php +++ b/index.php @@ -288,7 +288,7 @@ if($a->module_loaded) { // If $aside_default is not False after the theme _aside() function, run the // module's _aside() function too // - // This gives themes more control over how the left sidebar looks + // This gives themes more control over how the sidebar looks $aside_default = true; call_hooks($a->module . '_mod_aside',$placeholder); -- cgit v1.2.3 From 552f03122c9ec066f5728fc4629d155937fd3620 Mon Sep 17 00:00:00 2001 From: friendica Date: Mon, 22 Apr 2013 20:02:21 -0700 Subject: db abstraction layer --- index.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'index.php') diff --git a/index.php b/index.php index 95b7c78a9..d8be14888 100644 --- a/index.php +++ b/index.php @@ -36,10 +36,10 @@ $a->language = get_best_language(); * */ -require_once("dba.php"); +require_once("include/dba/dba_driver.php"); if(! $install) { - $db = new dba($db_host, $db_user, $db_pass, $db_data, $install); + $db = dba_factory($db_host, $db_user, $db_pass, $db_data, $install); unset($db_host, $db_user, $db_pass, $db_data); /** -- cgit v1.2.3 From d4c07930d51244c8ae5014344c9502d010954448 Mon Sep 17 00:00:00 2001 From: fabrixxm Date: Fri, 10 May 2013 06:13:24 -0400 Subject: add $db_port to .htconfig.php and $a->config['syste]['smarty3_folder'] for compiled templates --- index.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) mode change 100644 => 100755 index.php (limited to 'index.php') diff --git a/index.php b/index.php old mode 100644 new mode 100755 index d8be14888..7e3fd0ef1 --- a/index.php +++ b/index.php @@ -39,8 +39,8 @@ $a->language = get_best_language(); require_once("include/dba/dba_driver.php"); if(! $install) { - $db = dba_factory($db_host, $db_user, $db_pass, $db_data, $install); - unset($db_host, $db_user, $db_pass, $db_data); + $db = dba_factory($db_host, $db_port, $db_user, $db_pass, $db_data, $install); + unset($db_host, $db_port, $db_user, $db_pass, $db_data); /** * Load configs from db. Overwrite configs from .htconfig.php -- cgit v1.2.3 From b866cc26fa95c6fc1df98bef2994350b9eb07231 Mon Sep 17 00:00:00 2001 From: friendica Date: Mon, 3 Jun 2013 18:16:00 -0700 Subject: templatise alt_pager --- index.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'index.php') diff --git a/index.php b/index.php index 7e3fd0ef1..cf9262bf7 100755 --- a/index.php +++ b/index.php @@ -2,7 +2,7 @@ /** * - * Friendica Red + * Red Matrix * */ -- cgit v1.2.3 From 765d6e0a97f135755d6ec1322f6e3272bc0ae620 Mon Sep 17 00:00:00 2001 From: friendica Date: Fri, 14 Jun 2013 16:54:58 -0700 Subject: push refresh messages, performance work on conversations and configs, doc updates --- index.php | 1 + 1 file changed, 1 insertion(+) (limited to 'index.php') diff --git a/index.php b/index.php index cf9262bf7..08943e4b7 100755 --- a/index.php +++ b/index.php @@ -48,6 +48,7 @@ if(! $install) { load_config('config'); load_config('system'); + load_config('feature'); require_once("session.php"); load_hooks(); -- cgit v1.2.3 From fbdee83dca4aa9e5d66488f32121d8c62e378316 Mon Sep 17 00:00:00 2001 From: friendica Date: Wed, 3 Jul 2013 20:37:39 -0700 Subject: some object/thing tweaks --- index.php | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) (limited to 'index.php') diff --git a/index.php b/index.php index 08943e4b7..14b8ca856 100755 --- a/index.php +++ b/index.php @@ -118,8 +118,11 @@ if(! x($_SESSION,'sysmsg_info')) */ -if($install) - $a->module = 'setup'; +if($install) { + /* Allow an exception for the view module so that pcss will be interpreted during installation */ + if($a->module != 'view') + $a->module = 'setup'; +} else check_config($a); -- cgit v1.2.3 From ef414ba94c134ffb6a0ac6d81eafec76519e2bda Mon Sep 17 00:00:00 2001 From: friendica Date: Thu, 15 Aug 2013 05:20:23 -0700 Subject: fix homebase variable --- index.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'index.php') diff --git a/index.php b/index.php index 14b8ca856..d93c73233 100755 --- a/index.php +++ b/index.php @@ -328,7 +328,7 @@ if($a->module_loaded) { if(x($_SESSION,'visitor_home')) $homebase = $_SESSION['visitor_home']; elseif(local_user()) - $homebase = $a->get_baseurl() . '/channel/' . $a->user['nickname']; + $homebase = $a->get_baseurl() . '/channel/' . $a->channel['channel_address']; if(isset($homebase)) $a->page['content'] .= ''; -- cgit v1.2.3 From ff56e95c6e907f05ecd18f40a372aa98b1b24926 Mon Sep 17 00:00:00 2001 From: dsp1986 Date: Tue, 17 Sep 2013 09:41:48 +0200 Subject: fix include paths --- index.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'index.php') diff --git a/index.php b/index.php index d93c73233..fe09e88fc 100755 --- a/index.php +++ b/index.php @@ -50,7 +50,7 @@ if(! $install) { load_config('system'); load_config('feature'); - require_once("session.php"); + require_once("include/session.php"); load_hooks(); call_hooks('init_1'); @@ -102,7 +102,7 @@ if((x($_GET,'zid')) && (! $install)) { } if((x($_SESSION,'authenticated')) || (x($_POST,'auth-params')) || ($a->module === 'login')) - require("auth.php"); + require("include/auth.php"); if(! x($_SESSION,'sysmsg')) -- cgit v1.2.3 From f3d351621d8f098524ccbfcad82863beafab5393 Mon Sep 17 00:00:00 2001 From: friendica Date: Tue, 1 Oct 2013 19:54:22 -0700 Subject: Saved searches on the matrix/network page just got a lot more interesting. Hint: it's all about autocomplete --- index.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'index.php') diff --git a/index.php b/index.php index fe09e88fc..1953dd5cd 100755 --- a/index.php +++ b/index.php @@ -1,4 +1,4 @@ - Date: Mon, 9 Dec 2013 13:30:00 +0100 Subject: set JS cookie --- index.php | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'index.php') diff --git a/index.php b/index.php index 1953dd5cd..adfa6534f 100755 --- a/index.php +++ b/index.php @@ -245,6 +245,12 @@ if (file_exists($theme_info_file)){ if(! x($a->page,'content')) $a->page['content'] = ''; +/* set JS cookie */ +if($_COOKIE['jsAvailable'] != 1) { + $a->page['content'] .= ''; +} + + if(! $install) call_hooks('page_content_top',$a->page['content']); -- cgit v1.2.3 From 475b24ca9e758b257bde6f81c727178ae8b64bec Mon Sep 17 00:00:00 2001 From: friendica Date: Fri, 3 Jan 2014 01:44:25 -0800 Subject: more dav work --- index.php | 2 -- 1 file changed, 2 deletions(-) (limited to 'index.php') diff --git a/index.php b/index.php index adfa6534f..640a2b6a1 100755 --- a/index.php +++ b/index.php @@ -62,8 +62,6 @@ else { } - - /** * * Important stuff we always need to do. -- cgit v1.2.3 From 1280a9abfa94156aad2dc8953ced30effb9bf875 Mon Sep 17 00:00:00 2001 From: zottel Date: Thu, 16 Jan 2014 14:22:59 +0100 Subject: prevent reload loop if JS is active, but no cookies accepted --- index.php | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'index.php') diff --git a/index.php b/index.php index 640a2b6a1..6ffef19cb 100755 --- a/index.php +++ b/index.php @@ -245,7 +245,11 @@ if(! x($a->page,'content')) /* set JS cookie */ if($_COOKIE['jsAvailable'] != 1) { - $a->page['content'] .= ''; + $a->page['content'] .= ''; + /* emulate JS cookie if cookies are not accepted */ + if ($_GET['JS'] == 1) { + $_COOKIE['jsAvailable'] = 1; + } } -- cgit v1.2.3 From 0a2b2a139080b41c10bbc7fc0f3b24129f2c3c38 Mon Sep 17 00:00:00 2001 From: Michael Meer Date: Thu, 30 Jan 2014 10:39:09 +0100 Subject: attempt with fix URL for testing works --- index.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'index.php') diff --git a/index.php b/index.php index 6ffef19cb..15fa264bd 100755 --- a/index.php +++ b/index.php @@ -19,7 +19,7 @@ $a = new App; /** * * Load the configuration file which contains our DB credentials. - * Ignore errors. If the file doesn't exist or is empty, we are running in installation mode. + * Ignore errors. If the file doesnt exist or is empty, we are running in installation mode. * */ @@ -181,7 +181,8 @@ if(strlen($a->module)) { * If the site has a custom module to over-ride the standard module, use it. * Otherwise, look for the standard program module in the 'mod' directory */ - + logger('Index.php', LOGGER_DEBUG); + //logger('Index.php array ' . print_r($a,true), LOGGER_DEBUG); if(! $a->module_loaded) { if(file_exists("custom/{$a->module}.php")) { -- cgit v1.2.3 From c5ac5544cb02aa3194c5cab2b3ab736a2e19e6eb Mon Sep 17 00:00:00 2001 From: Michael Meer Date: Thu, 30 Jan 2014 11:04:20 +0100 Subject: clean up logger commands. Placed apostrophs at the end from some comments to keep the syntax highlighting in vi working --- index.php | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) (limited to 'index.php') diff --git a/index.php b/index.php index 15fa264bd..c2421bc0e 100755 --- a/index.php +++ b/index.php @@ -19,7 +19,7 @@ $a = new App; /** * * Load the configuration file which contains our DB credentials. - * Ignore errors. If the file doesnt exist or is empty, we are running in installation mode. + * Ignore errors. If the file doesn't exist or is empty, we are running in installation mode.' * */ @@ -181,8 +181,6 @@ if(strlen($a->module)) { * If the site has a custom module to over-ride the standard module, use it. * Otherwise, look for the standard program module in the 'mod' directory */ - logger('Index.php', LOGGER_DEBUG); - //logger('Index.php array ' . print_r($a,true), LOGGER_DEBUG); if(! $a->module_loaded) { if(file_exists("custom/{$a->module}.php")) { -- cgit v1.2.3 From b39c0d54c07c1a89aa1e4ecaef134b96e4ed4b8a Mon Sep 17 00:00:00 2001 From: friendica Date: Sun, 2 Feb 2014 14:06:36 -0800 Subject: some windows fixes --- index.php | 20 ++++++++++++-------- 1 file changed, 12 insertions(+), 8 deletions(-) (limited to 'index.php') diff --git a/index.php b/index.php index c2421bc0e..a9264fee7 100755 --- a/index.php +++ b/index.php @@ -242,18 +242,22 @@ if (file_exists($theme_info_file)){ if(! x($a->page,'content')) $a->page['content'] = ''; -/* set JS cookie */ -if($_COOKIE['jsAvailable'] != 1) { - $a->page['content'] .= ''; - /* emulate JS cookie if cookies are not accepted */ - if ($_GET['JS'] == 1) { - $_COOKIE['jsAvailable'] = 1; + + +if(! $install) { + /* set JS cookie */ + if($_COOKIE['jsAvailable'] != 1) { + $a->page['content'] .= ''; + /* emulate JS cookie if cookies are not accepted */ + if ($_GET['JS'] == 1) { + $_COOKIE['jsAvailable'] = 1; + } } + call_hooks('page_content_top',$a->page['content']); } -if(! $install) - call_hooks('page_content_top',$a->page['content']); + /** * Call module functions -- cgit v1.2.3 From 02e4527de682042562dccac83899ef562c4b1e05 Mon Sep 17 00:00:00 2001 From: friendica Date: Sun, 2 Feb 2014 14:09:09 -0800 Subject: better check for setup module --- index.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'index.php') diff --git a/index.php b/index.php index a9264fee7..0012798a6 100755 --- a/index.php +++ b/index.php @@ -244,7 +244,7 @@ if(! x($a->page,'content')) -if(! $install) { +if(! ($a->module === 'setup')) { /* set JS cookie */ if($_COOKIE['jsAvailable'] != 1) { $a->page['content'] .= ''; -- cgit v1.2.3 From baf3b052f645d7826ada25a05c742d1e5d4a0b51 Mon Sep 17 00:00:00 2001 From: friendica Date: Sun, 2 Feb 2014 18:18:22 -0800 Subject: don't load any configs from DB if installing - especially in style.pcss --- index.php | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'index.php') diff --git a/index.php b/index.php index 0012798a6..736918661 100755 --- a/index.php +++ b/index.php @@ -23,7 +23,7 @@ $a = new App; * */ -$install = ((file_exists('.htconfig.php') && filesize('.htconfig.php')) ? false : true); +$a->install = ((file_exists('.htconfig.php') && filesize('.htconfig.php')) ? false : true); @include(".htconfig.php"); @@ -38,8 +38,8 @@ $a->language = get_best_language(); require_once("include/dba/dba_driver.php"); -if(! $install) { - $db = dba_factory($db_host, $db_port, $db_user, $db_pass, $db_data, $install); +if(! $a->install) { + $db = dba_factory($db_host, $db_port, $db_user, $db_pass, $db_data, $a->install); unset($db_host, $db_port, $db_user, $db_pass, $db_data); /** @@ -91,7 +91,7 @@ if((x($_SESSION,'language')) && ($_SESSION['language'] !== $lang)) { load_translation_table($a->language); } -if((x($_GET,'zid')) && (! $install)) { +if((x($_GET,'zid')) && (! $a->install)) { $a->query_string = preg_replace('/[\?&]zid=(.*?)([\?&]|$)/is','',$a->query_string); if(! local_user()) { $_SESSION['my_address'] = $_GET['zid']; @@ -116,7 +116,7 @@ if(! x($_SESSION,'sysmsg_info')) */ -if($install) { +if($a->install) { /* Allow an exception for the view module so that pcss will be interpreted during installation */ if($a->module != 'view') $a->module = 'setup'; -- cgit v1.2.3 From ebd52368bb134e57a54d853732b5b4970a8ce02b Mon Sep 17 00:00:00 2001 From: friendica Date: Sun, 16 Feb 2014 14:13:26 -0800 Subject: strip hard-wired zids from posted links as they will have the wrong identity when somebody tries to view the link --- index.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'index.php') diff --git a/index.php b/index.php index 736918661..24d54d829 100755 --- a/index.php +++ b/index.php @@ -92,7 +92,7 @@ if((x($_SESSION,'language')) && ($_SESSION['language'] !== $lang)) { } if((x($_GET,'zid')) && (! $a->install)) { - $a->query_string = preg_replace('/[\?&]zid=(.*?)([\?&]|$)/is','',$a->query_string); + $a->query_string = strip_zids($a->query_string); if(! local_user()) { $_SESSION['my_address'] = $_GET['zid']; zid_init($a); -- cgit v1.2.3 From f0653ace2295063692de3001c271532a90d59383 Mon Sep 17 00:00:00 2001 From: friendica Date: Mon, 5 May 2014 18:35:02 -0700 Subject: improved cookie security --- index.php | 1 + 1 file changed, 1 insertion(+) (limited to 'index.php') diff --git a/index.php b/index.php index 24d54d829..7e83197b8 100755 --- a/index.php +++ b/index.php @@ -73,6 +73,7 @@ else { * */ +session_set_cookie_params(300,'/',$a->get_hostname(),(($_SERVER['HTTPS']) ? true : false),true); session_start(); /** -- cgit v1.2.3 From 294903046132d5cec6ae4a9c4a62f40b32b6d056 Mon Sep 17 00:00:00 2001 From: friendica Date: Mon, 5 May 2014 18:38:11 -0700 Subject: revert --- index.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'index.php') diff --git a/index.php b/index.php index 7e83197b8..ef2d19ff0 100755 --- a/index.php +++ b/index.php @@ -73,7 +73,8 @@ else { * */ -session_set_cookie_params(300,'/',$a->get_hostname(),(($_SERVER['HTTPS']) ? true : false),true); +// FIXME - doesn't work +// session_set_cookie_params(300,'/',$a->get_hostname(),(($_SERVER['HTTPS']) ? true : false),true); session_start(); /** -- cgit v1.2.3 From 1fa8bc12e54147cd7ed0dc816cdc2d32892326ed Mon Sep 17 00:00:00 2001 From: friendica Date: Mon, 5 May 2014 18:49:58 -0700 Subject: try again --- index.php | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) (limited to 'index.php') diff --git a/index.php b/index.php index ef2d19ff0..93dbd1a54 100755 --- a/index.php +++ b/index.php @@ -73,8 +73,15 @@ else { * */ -// FIXME - doesn't work -// session_set_cookie_params(300,'/',$a->get_hostname(),(($_SERVER['HTTPS']) ? true : false),true); +// Force the cookie to be secure (https only) if this site is SSL enabled. Must be done before session_start(). + +$arr = session_get_cookie_params(); +session_set_cookie_params( + $arr['lifetime'], + $arr['path'], + $arr['domain'], + (($_SERVER['HTTPS']) ? true : false), + $arr['httponly']); session_start(); /** -- cgit v1.2.3 From 1ca8584390fcfcd75f0a66fb458310d059a29f7d Mon Sep 17 00:00:00 2001 From: friendica Date: Wed, 7 May 2014 16:31:54 -0700 Subject: Do our best to provide sane cookie defaults. --- index.php | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'index.php') diff --git a/index.php b/index.php index 93dbd1a54..6019cecd3 100755 --- a/index.php +++ b/index.php @@ -77,11 +77,11 @@ else { $arr = session_get_cookie_params(); session_set_cookie_params( - $arr['lifetime'], - $arr['path'], - $arr['domain'], - (($_SERVER['HTTPS']) ? true : false), - $arr['httponly']); + ((isset($arr['lifetime'])) ? $arr['lifetime'] : 60*5), + ((isset($arr['path'])) ? $arr['path'] : '/'), + ((isset($arr['domain'])) ? $arr['domain'] : $a->get_hostname()), + ((isset($_SERVER['HTTPS'])) ? true : false), + ((isset($arr['httponly'])) ? $arr['httponly'] : true)); session_start(); /** -- cgit v1.2.3 From d4e00c7bde1ea3e2b6e590767f7e380561cb4dae Mon Sep 17 00:00:00 2001 From: friendica Date: Thu, 8 May 2014 16:28:40 -0700 Subject: turn off ssl cookie protection by default since nobody that has problems with it is apparently able to debug it. PLEASE turn it on by util/config system ssl_cookie_protection 1 if you use SSL. Please debug it if you have a problem and have any basic technical skills at all and tell us why it doesn't work so we can fix it and turn this on by default because it is very very very important. --- index.php | 20 +++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) (limited to 'index.php') diff --git a/index.php b/index.php index 6019cecd3..36ff74169 100755 --- a/index.php +++ b/index.php @@ -55,6 +55,17 @@ if(! $a->install) { call_hooks('init_1'); load_translation_table($a->language); + // Force the cookie to be secure (https only) if this site is SSL enabled. Must be done before session_start(). + + if((! $a->install) && intval($a->config['system']['ssl_cookie_protection'])) { + $arr = session_get_cookie_params(); + session_set_cookie_params( + ((isset($arr['lifetime'])) ? $arr['lifetime'] : 60*5), + ((isset($arr['path'])) ? $arr['path'] : '/'), + ((isset($arr['domain'])) ? $arr['domain'] : $a->get_hostname()), + ((isset($_SERVER['HTTPS'])) ? true : false), + ((isset($arr['httponly'])) ? $arr['httponly'] : true)); + } } else { // load translations but do not check plugins as we have no database @@ -73,15 +84,6 @@ else { * */ -// Force the cookie to be secure (https only) if this site is SSL enabled. Must be done before session_start(). - -$arr = session_get_cookie_params(); -session_set_cookie_params( - ((isset($arr['lifetime'])) ? $arr['lifetime'] : 60*5), - ((isset($arr['path'])) ? $arr['path'] : '/'), - ((isset($arr['domain'])) ? $arr['domain'] : $a->get_hostname()), - ((isset($_SERVER['HTTPS'])) ? true : false), - ((isset($arr['httponly'])) ? $arr['httponly'] : true)); session_start(); /** -- cgit v1.2.3 From c410406922f23688459f7279b01e89897725f8a2 Mon Sep 17 00:00:00 2001 From: friendica Date: Thu, 8 May 2014 16:33:35 -0700 Subject: remove the redundant install check --- index.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'index.php') diff --git a/index.php b/index.php index 36ff74169..ed3c25f07 100755 --- a/index.php +++ b/index.php @@ -57,7 +57,7 @@ if(! $a->install) { load_translation_table($a->language); // Force the cookie to be secure (https only) if this site is SSL enabled. Must be done before session_start(). - if((! $a->install) && intval($a->config['system']['ssl_cookie_protection'])) { + if(intval($a->config['system']['ssl_cookie_protection'])) { $arr = session_get_cookie_params(); session_set_cookie_params( ((isset($arr['lifetime'])) ? $arr['lifetime'] : 60*5), -- cgit v1.2.3 From 4cf684a701fcf175bf2104bef66f91ac7549818f Mon Sep 17 00:00:00 2001 From: friendica Date: Thu, 8 May 2014 18:50:33 -0700 Subject: better checking for SSL servers, even though it probably doesn't fix the cookie bug --- index.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'index.php') diff --git a/index.php b/index.php index ed3c25f07..a07c1a633 100755 --- a/index.php +++ b/index.php @@ -63,7 +63,7 @@ if(! $a->install) { ((isset($arr['lifetime'])) ? $arr['lifetime'] : 60*5), ((isset($arr['path'])) ? $arr['path'] : '/'), ((isset($arr['domain'])) ? $arr['domain'] : $a->get_hostname()), - ((isset($_SERVER['HTTPS'])) ? true : false), + ((isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on') ? true : false), ((isset($arr['httponly'])) ? $arr['httponly'] : true)); } } -- cgit v1.2.3 From b3cc05c41dd11e245d262ede40b1ba8635953fb9 Mon Sep 17 00:00:00 2001 From: friendica Date: Mon, 12 May 2014 17:04:03 -0700 Subject: try to fix random logouts --- index.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'index.php') diff --git a/index.php b/index.php index a07c1a633..5f0ff9834 100755 --- a/index.php +++ b/index.php @@ -60,7 +60,7 @@ if(! $a->install) { if(intval($a->config['system']['ssl_cookie_protection'])) { $arr = session_get_cookie_params(); session_set_cookie_params( - ((isset($arr['lifetime'])) ? $arr['lifetime'] : 60*5), + ((isset($arr['lifetime'])) ? $arr['lifetime'] : 0), ((isset($arr['path'])) ? $arr['path'] : '/'), ((isset($arr['domain'])) ? $arr['domain'] : $a->get_hostname()), ((isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on') ? true : false), -- cgit v1.2.3 From bc389ff9341d8efec367b2b07c2d1b55be11b8d0 Mon Sep 17 00:00:00 2001 From: Alexandre Hannud Abdo Date: Fri, 23 May 2014 10:16:03 -0300 Subject: Language selection: case-insensitive and system language Fixed ignoring HTTP_ACCEPT_LANGUAGE tags that had uppercase characters. Fixed defining a->language too soon to ever get the system lang --- index.php | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) (limited to 'index.php') diff --git a/index.php b/index.php index 5f0ff9834..5a9ec1026 100755 --- a/index.php +++ b/index.php @@ -27,9 +27,6 @@ $a->install = ((file_exists('.htconfig.php') && filesize('.htconfig.php')) ? fal @include(".htconfig.php"); -$a->language = get_best_language(); - - /** * * Try to open the database; @@ -54,6 +51,7 @@ if(! $a->install) { load_hooks(); call_hooks('init_1'); + $a->language = get_best_language(); load_translation_table($a->language); // Force the cookie to be secure (https only) if this site is SSL enabled. Must be done before session_start(). @@ -69,6 +67,7 @@ if(! $a->install) { } else { // load translations but do not check plugins as we have no database + $a->language = get_best_language(); load_translation_table($a->language,true); } -- cgit v1.2.3