fanbinit/rhymix
1
0
Fork 0
mirror of https://github.com/Lastorder-DC/rhymix.git synced 2026-01-04 17:21:39 +09:00
Code Issues Projects Releases Packages Wiki Activity

Revert "Example of the cookie option"

Browse source 
This reverts commit 93a35c251b.
This commit is contained in:
Min-Soo Kim 2018-08-02 00:35:52 +09:00
parent 93a35c251b
commit 25d2e4892a
10 changed files with 4 additions and 36 deletions
Download patch file Download diff file Expand all files Collapse all files

17
classes/context/Context.class.php
View file

@ -306,7 +306,7 @@ class Context
{
if($_COOKIE['lang_type'] !== $lang_type)
{
setcookie('lang_type', $lang_type, time() + 86400 * 365, '/', null, self::isCookieSSL());
setcookie('lang_type', $lang_type, time() + 86400 * 365, '/', null, self::isAlwaysSSL());
}
}
elseif($_COOKIE['lang_type'])
@ -639,21 +639,6 @@ class Context
return $ssl_only;
}
/**
* Return Cookie SSL status
*
* @param boolen $purge_cache Set true to get uncached SSL_enforce value.
* @return boolean (true|false)
*/
public static function isCookieSSL($purge_cache = false)
{
static $ssl_only = null;
if(is_null($ssl_only) || $purge_cache === true)
{
$ssl_only = (self::isAlwaysSSL() && config('session.use_ssl_cookie'));
}
return $ssl_only;
}
/**
* Return default URL

2
classes/mobile/Mobile.class.php
View file

@ -73,7 +73,7 @@ class Mobile
$uatype = $uahash . ':' . (self::$_ismobile ? '1' : '0');
if ($cookie !== $uatype)
{
setcookie('rx_uatype', $uatype, 0, null, null, Context::isCookieSSL());
setcookie('rx_uatype', $uatype, 0, null, null, Context::isAlwaysSSL());
$_COOKIE['rx_uatype'] = $uatype;
}

2
common/js/common.js
View file

@ -1056,7 +1056,7 @@ function setCookie(name, value, expire, path) {
var s_cookie = name + "=" + escape(value) +
((!expire) ? "" : ("; expires=" + expire.toGMTString())) +
"; path=" + ((!path) ? "/" : path) +
((cookie_ssl) ? ";secure" : "");
((enforce_ssl) ? ";secure" : "");
document.cookie = s_cookie;
}

1
common/tpl/common_layout.html
View file

@ -56,7 +56,6 @@
var http_port = {Context::get("_http_port") ?: 'null'};
var https_port = {Context::get("_https_port") ?: 'null'};
var enforce_ssl = {Context::get('_use_ssl') === 'always' ? 'true' : 'false'};
var cookie_ssl = {Context::isCookieSSL() ? 'true' : 'false'};
var ssl_actions = {json_encode(array_keys(Context::getSSLActions()))};
var xeVid = null;
</script>

1
modules/admin/admin.admin.controller.php
View file

@ -826,7 +826,6 @@ class adminAdminController extends admin
Rhymix\Framework\Config::set('session.use_db', $vars->use_db_session === 'Y');
Rhymix\Framework\Config::set('session.use_keys', $vars->use_session_keys === 'Y');
Rhymix\Framework\Config::set('session.use_ssl', $vars->use_session_ssl === 'Y');
Rhymix\Framework\Config::set('session.use_ssl_cookie', $vars->use_cookie_ssl === 'Y');
Rhymix\Framework\Config::set('view.minify_scripts', $vars->minify_scripts ?: 'common');
Rhymix\Framework\Config::set('view.concat_scripts', $vars->concat_scripts ?: 'none');
Rhymix\Framework\Config::set('view.server_push', $vars->use_server_push === 'Y');

2
modules/admin/admin.admin.view.php
View file

@ -540,7 +540,6 @@ class adminAdminView extends admin
Context::set('delay_session', Rhymix\Framework\Config::get('session.delay'));
Context::set('use_session_keys', Rhymix\Framework\Config::get('session.use_keys'));
Context::set('use_session_ssl', Rhymix\Framework\Config::get('session.use_ssl'));
Context::set('use_cookie_ssl', Rhymix\Framework\Config::get('session.use_ssl_cookie'));
Context::set('use_db_session', Rhymix\Framework\Config::get('session.use_db'));
Context::set('minify_scripts', Rhymix\Framework\Config::get('view.minify_scripts'));
Context::set('concat_scripts', Rhymix\Framework\Config::get('view.concat_scripts'));
@ -780,7 +779,6 @@ class adminAdminView extends admin
$info['session.use_db'] = config('session.use_db') ? 'true' : 'false';
$info['session.use_keys'] = config('session.use_keys') ? 'true' : 'false';
$info['session.use_ssl'] = config('session.use_ssl') ? 'true' : 'false';
$info['session.use_ssl_cookie'] = config('session.use_ssl_cookie') ? 'true' : 'false';
$info['view.concat_scripts'] = config('view.concat_scripts');
$info['view.minify_scripts'] = config('view.minify_scripts');
$info['use_rewrite'] = config('use_rewrite') ? 'true' : 'false';

2
modules/admin/lang/en.php
View file

@ -163,8 +163,6 @@ $lang->use_session_keys = 'Use session security keys';
$lang->about_use_session_keys = 'Use additional security keys to guard against session theft. This setting is highly recommended if you don\'t use SSL-only sessions.<br>This setting may cause some users to become logged out.';
$lang->use_session_ssl = 'Use SSL-only session';
$lang->about_use_session_ssl = 'Prevent the session from being used on non-SSL pages.<br>This helps improve security if your site always uses SSL and your server is configured to redirect all non-SSL pages to SSL.';
$lang->use_cookie_ssl = 'Use SSL-only cookie';
$lang->about_use_cookie_ssl = 'Prevent the cooike from being used on non-SSL pages.<br>This helps improve security if your site always uses SSL and your server is configured to redirect all non-SSL pages to SSL.';
$lang->use_object_cache = 'Use Cache';
$lang->cache_default_ttl = 'Cache default TTL';
$lang->cache_host = 'Host';

2
modules/admin/lang/ko.php
View file

@ -164,8 +164,6 @@ $lang->use_session_keys = '세션 보안키 사용';
$lang->about_use_session_keys = '세션 탈취를 방지하기 위한 보안키를 사용합니다. SSL 전용 세션을 사용하지 않을 경우 반드시 보안키를 사용하시기를 권장합니다.<br>사용자 환경에 따라 로그인이 풀리는 문제가 발생할 수 있습니다.';
$lang->use_session_ssl = 'SSL 전용 세션 사용';
$lang->about_use_session_ssl = '세션을 SSL 전용으로 지정하여 SSL이 아닌 페이지에서 사용할 수 없도록 합니다.<br>SSL을 항상 사용하고, SSL이 아닌 페이지 방문시 자동으로 SSL 페이지로 리다이렉트되도록 서버가 설정되어 있는 경우<br>이 옵션을 사용하면 보안이 향상됩니다. (애드온 등을 사용하여 리다이렉트하는 경우 제외)';
$lang->use_cookie_ssl = 'SSL 전용 쿠키 사용';
$lang->about_use_cookie_ssl = '쿠키를 SSL 전용으로 지정하여 SSL이 아닌 페이지에서 사용할 수 없도록 합니다.<br>SSL을 항상 사용하고, SSL이 아닌 페이지 방문시 자동으로 SSL 페이지로 리다이렉트되도록 서버가 설정되어 있는 경우<br>이 옵션을 사용하면 보안이 향상됩니다. (애드온 등을 사용하여 리다이렉트하는 경우 제외)';
$lang->use_object_cache = '캐시 사용';
$lang->cache_default_ttl = '캐시 기본 TTL';
$lang->cache_host = '호스트';

9
modules/admin/tpl/config_advanced.html
View file

@ -123,15 +123,6 @@
<p class="x_help-block">{$lang->about_use_session_ssl}</p>
</div>
</div>
<div class="x_control-group">
<label class="x_control-label">{$lang->use_cookie_ssl}</label>
<div class="x_controls">
<label for="use_cookie_ssl_y" class="x_inline"><input type="radio" name="use_cookie_ssl" id="use_cookie_ssl_y" value="Y" checked="checked"|cond="$use_cookie_ssl && $use_ssl === 'always'" disabled="disabled"|cond="$use_ssl !== 'always'" /> {$lang->cmd_yes}</label>
<label for="use_cookie_ssl_n" class="x_inline"><input type="radio" name="use_cookie_ssl" id="use_cookie_ssl_n" value="N" checked="checked"|cond="!$use_cookie_ssl || $use_ssl !== 'always'" disabled="disabled"|cond="$use_ssl !== 'always'" /> {$lang->cmd_no}</label>
<br />
<p class="x_help-block">{$lang->about_use_cookie_ssl}</p>
</div>
</div>
<div class="x_control-group">
<label class="x_control-label">{$lang->thumbnail_target}</label>
<div class="x_controls">

2
widgets/login_info/skins/ncenter_login/js/ncenter.js
View file

@ -8,7 +8,7 @@
dt.setTime(dt.getTime() + (d * 24 * 60 * 60000));
e = "; expires=" + dt.toGMTString();
}
document.cookie = n + "=" + v + e + "; path=/" + ((cookie_ssl) ? ";secure" : "");
document.cookie = n + "=" + v + e + "; path=/" + ((enforce_ssl) ? ";secure" : "");
}
var n = $('#nc_container');