- Timestamp:
- Mar 14, 2023 6:24:45 PM (14 months ago)
- Location:
- trunk
- Files:
-
- 3 edited
-
lib/App.inc.php (modified) (5 diffs)
-
lib/Utilities.inc.php (modified) (1 diff)
-
services/login.php (modified) (1 diff)
Legend:
- Unmodified
- Added
- Removed
-
trunk/lib/App.inc.php
r784 r785 429 429 $this->setParam(array('db_pass' => $_SERVER['DB_PASS'])); 430 430 } 431 unset($_SERVER['DB_SERVER'], $_SERVER['DB_NAME'], $_SERVER['DB_USER'], $_SERVER['DB_PASS'], $_SERVER['SIGNING_KEY']); 431 432 432 433 // DB credentials for CLI scripts stored in a JSON file with read rights given only to the user who will be executing the scripts: -r-------- … … 594 595 if ($this->getParam('http_cache_headers') > 0) { 595 596 // Allow HTTP caching, for this many seconds. 596 header(sprintf('Cache-Control: no-transform, public,max-age=%d', $this->getParam('http_cache_headers')));597 header(sprintf('Cache-Control: max-age=%d', $this->getParam('http_cache_headers'))); 597 598 header('Vary: Accept-Encoding'); 598 599 } else { … … 643 644 } 644 645 } 645 646 // Unset environment variables we're done with.647 unset($_SERVER['DB_SERVER'], $_SERVER['DB_NAME'], $_SERVER['DB_USER'], $_SERVER['DB_PASS'], $_SERVER['SIGNING_KEY']);648 646 649 647 $this->running = true; … … 1839 1837 1840 1838 /* 1839 * Delete a cookie previously created by setCookie(). 1840 * 1841 * @access public 1842 * @param string $name The name of the cookie. 1843 * @return bool True on success, false on error. 1844 * @author Quinn Comendant <quinn@strangecode.com> 1845 * @since 14 Mar 2023 12:12:15 1846 */ 1847 public function unsetCookie($name) 1848 { 1849 $ret = setcookie($name, '', 1); 1850 if (false === $ret) { 1851 $this->logMsg(sprintf('Failed to unset cookie (%s) probably due to output before headers.', $name), LOG_NOTICE, __FILE__, __LINE__); 1852 } 1853 return $ret; 1854 } 1855 1856 /* 1841 1857 * Set timezone used internally by PHP. See full list at https://www.php.net/manual/en/timezones.php 1842 1858 * … … 1910 1926 $format = $format ?: $this->getParam('lc_date_format'); 1911 1927 if ($format && mb_strpos($format, '%') !== false) { 1912 // The dat aformat is localized for strftime(). It only accepts a timestamp, which are always in UTC, so we hack this by offering the date from the user's timezone in a format without a TZ specified, which is used to a make a timestamp for strftime (we can't use DaateTime->format('U') because that would convert the date back to UTC).1928 // The date format is localized for strftime(). It only accepts a timestamp, which are always in UTC, so we hack this by offering the date from the user's timezone in a format without a TZ specified, which is used to a make a timestamp for strftime (we can't use DaateTime->format('U') because that would convert the date back to UTC). 1913 1929 return strftime($format, strtotime($dt->format('Y-m-d H:i:s'))); 1914 1930 } else { -
trunk/lib/Utilities.inc.php
r783 r785 230 230 { 231 231 $app =& App::getInstance(); 232 233 if ('' == $text) { 234 return ''; 235 } 232 236 233 237 $search = array(); -
trunk/services/login.php
r784 r785 33 33 // We may want to use the add/edit interface from another script, so this 34 34 // allows us to remember which page we came from so we can go back there. 35 if (getFormData('boomerang', false) && isset($_SERVER['HTTP_REFERER']) || preg_match('!^(https?://\w+|/\w+)!', getFormData('boomerang'))) {36 $url = preg_match('!^( https?://\w+|/\w+)!', getFormData('boomerang')) ? getFormData('boomerang') : $_SERVER['HTTP_REFERER'];35 if (getFormData('boomerang', false) && (isset($_SERVER['HTTP_REFERER']) || preg_match('!^(?:https?:/)?/\w!', getFormData('boomerang')))) { 36 $url = preg_match('!^(?:https?:/)?/\w!', getFormData('boomerang')) ? getFormData('boomerang') : $_SERVER['HTTP_REFERER']; 37 37 $app->setBoomerangURL($url, 'login'); 38 38 }
Note: See TracChangeset
for help on using the changeset viewer.
