From cfca05c8972c9cc7dab56ea0fbf90f10b9e35c38 Mon Sep 17 00:00:00 2001
From: Kijin Sung
Date: Mon, 23 Apr 2018 00:42:12 +0900
Subject: [PATCH] Revert "Fix httpOnly flag by mistake.... (#1032)"
This reverts commit 0347bb7053bff392ec17552661a989213d588700.
---
 classes/context/Context.class.php | 4 ++--
 classes/mobile/Mobile.class.php | 2 +-
 common/framework/session.php | 2 +-
 modules/member/member.view.php | 2 +-
 4 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/classes/context/Context.class.php b/classes/context/Context.class.php
index 1b6714972..6abac9e71 100644
--- a/classes/context/Context.class.php
+++ b/classes/context/Context.class.php
@@ -300,7 +300,7 @@ class Context
 {
 if($_COOKIE['lang_type'] !== $lang_type)
 {
- setcookie('lang_type', $lang_type, 0, '/', null, RX_SSL);
+ setcookie('lang_type', $lang_type, time() + 86400, '/', null, RX_SSL, true);
 }
 }
 elseif($_COOKIE['lang_type'])
@@ -316,7 +316,7 @@ class Context
 if(!strncasecmp($lang_code, $_SERVER['HTTP_ACCEPT_LANGUAGE'], strlen($lang_code)))
 {
 $lang_type = $lang_code;
- setcookie('lang_type', $lang_type, 0, '/', null, RX_SSL);
+ setcookie('lang_type', $lang_type, time() + 86400, '/', null, RX_SSL, true);
 }
 }
 }
diff --git a/classes/mobile/Mobile.class.php b/classes/mobile/Mobile.class.php
index f6ab48069..d9c1a325b 100644
--- a/classes/mobile/Mobile.class.php
+++ b/classes/mobile/Mobile.class.php
@@ -73,7 +73,7 @@ class Mobile
 $uatype = $uahash . ':' . (self::$_ismobile ? '1' : '0');
 if ($cookie !== $uatype)
 {
- setcookie('rx_uatype', $uatype, 0, null, null, RX_SSL);
+ setcookie('rx_uatype', $uatype, 0, null, null, RX_SSL, true);
 $_COOKIE['rx_uatype'] = $uatype;
 }
diff --git a/common/framework/session.php b/common/framework/session.php
index 8c19813c9..89eb58431 100644
--- a/common/framework/session.php
+++ b/common/framework/session.php
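Review bot: The restored `setcookie('lang_type', $lang_type, time() + 86400, '/', null, RX_SSL, true)` call changes two things at once, the HttpOnly flag and the lifetime (session cookie to one day), and nothing on the line says the lifetime change is intended; the same applies to the identical call in the second hunk at line 316. With HttpOnly set, any front-end script that reads `lang_type` from `document.cookie` will no longer see it, so it is worth confirming that only the server consumes this cookie. I would add a comment above both calls such as `// lang_type: kept for one day, HttpOnly because only the server reads it`, and consider moving the two identical seven-argument calls into one helper so the flags cannot drift apart again. The enclosing method starts and ends outside both hunks.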
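Review bot: The `rx_uatype` cookie is set with `null` for the path, so no Path attribute is sent and the browser scopes the cookie to the directory of the current request rather than the whole site, unlike `lang_type`, which uses `'/'`. A visitor can then hold one copy per path, and the `$cookie !== $uatype` check may re-issue the cookie on each new directory. If site-wide scope is intended, write `setcookie('rx_uatype', $uatype, 0, '/', '', RX_SSL, true);`. Passing `null` for the string parameters `$path` and `$domain` is also deprecated from PHP 8.1, so empty strings are the safer spelling. The enclosing method continues outside the hunk.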
@@ -297,7 +297,7 @@ class Session
 $ssl_only = (\RX_SSL && config('session.use_ssl')) ? true : false;
 // Set sso cookie to prevent multiple simultaneous SSO validation requests.
- setcookie('sso', md5($current_domain), 0, '/', null, null, $ssl_only);
+ setcookie('sso', md5($current_domain), 0, '/', null, null, $ssl_only, true);
 // Redirect to the default site.
 $sso_request = Security::encrypt($current_url);
diff --git a/modules/member/member.view.php b/modules/member/member.view.php
index 2876ed8f6..aad6675b4 100644
--- a/modules/member/member.view.php
+++ b/modules/member/member.view.php
@@ -194,7 +194,7 @@ class memberView extends member
 $ssl_only = (\RX_SSL && config('session.use_ssl')) ? true : false;
 //setcookie for redirect url in case of going to member sign up
- setcookie("XE_REDIRECT_URL", $_SERVER['HTTP_REFERER'], 0, null, null, $ssl_only);
+ setcookie("XE_REDIRECT_URL", $_SERVER['HTTP_REFERER'], 0, null, null, $ssl_only, true);
 $member_config = $this->member_config;
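Review bot: The new `setcookie('sso', ...)` call passes eight arguments, but `setcookie()` accepts at most seven (name, value, expires, path, domain, secure, httponly). PHP rejects over-long calls to built-in functions (a warning and no cookie on PHP 7, an `ArgumentCountError` on PHP 8), so the `sso` cookie that is meant to stop simultaneous SSO validation requests would not be sent. Even without the extra argument the flags are shifted by one: `null` lands in the secure slot and `$ssl_only` in the httponly slot. The line should read `setcookie('sso', md5($current_domain), 0, '/', null, $ssl_only, true);`. The enclosing method starts and ends outside the hunk.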
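Review bot: `XE_REDIRECT_URL` is filled straight from `$_SERVER['HTTP_REFERER']`, a request header the client controls and may omit, and this line stores it without checking where it points. The code that later reads the cookie to redirect after sign-up is not visible in this hunk; unless it validates the target, this is an open-redirect path, and HttpOnly does not change that because the value arrives in the request itself. I would store the value only when `parse_url($_SERVER['HTTP_REFERER'], PHP_URL_HOST)` matches the site's own host and skip the `setcookie()` call otherwise, which also avoids the undefined-index notice when no Referer is sent. The `null` path additionally leaves the cookie scoped to the directory of the current request, so a redirect handler on another path may not receive it.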