View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0001159 | OXID eShop (all versions) | 1. ----- eShop frontend ----- | public | 2009-07-31 16:19 | 2012-12-10 14:38 |
| Reporter | Moehlis | Assigned To | |||
| Priority | normal | Severity | minor | Reproducibility | always |
| Status | resolved | Resolution | fixed | ||
| Product Version | 4.1.3 revision 19918 | ||||
| Fixed in Version | 4.1.6 revision 22740 | ||||
| Summary | 0001159: cookie domain not set | ||||
| Description | when setting cookies, the shop always sets "/" as cookie domain. in most cases this works fine but as example if you have multiple shops in multiple directories on the same domain, you can only log in one shop at the time. | ||||
| Tags | No tags attached. | ||||
| Theme | |||||
| Browser | Opera | ||||
| PHP Version | 5.2.6 | ||||
| Database Version | 5.0.33 | ||||
|
|
Reminder sent to: Moehlis Can you give an example how you setup your shop .htaccess file or something? thnx |
|
|
.htaccess file is oxid standard: <IfModule mod_rewrite.c> Options +FollowSymLinks RewriteEngine On RewriteCond %{REQUEST_URI} !(\/core\/|\/export\/|\/modules\/|\/out\/|\/setup\/|\/tmp\/|\/views\/) RewriteRule admin/test\.php$ admin/test.php?mod_rewrite=1 RewriteCond %{REQUEST_URI} !(\/admin\/|\/core\/|\/export\/|\/modules\/|\/out\/|\/setup\/|\/tmp\/|\/views\/) RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule !(\.html|\/|\.jpg|\.css|\.pdf|\.doc|\.gif|\.png|\.js)$ %{REQUEST_URI}/ [R=301,L] RewriteCond %{REQUEST_URI} !(\/admin\/|\/core\/|\/export\/|\/modules\/|\/out\/|\/setup\/|\/tmp\/|\/views\/) RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule (\.html|\/)$ oxseo.php </IfModule> Options -Indexes in the root dir is an adittionali .htaccess file: Options +Indexes |
|
|
directories are: /oxid/ /oxid/ce413/ /oxid/pe413/ /oxid/ee413/ its just the case that the directory restriction is not set, so every shop can access the others shop cookies |
|
|
Reminder sent to: Moehlis you have different shop versions in subfolders and want that if you login e.g. to CE you are logged in to EE or PE either? |
|
|
i just installed v 4.1.4 and reproduce it with this version here is the scenario: - we have 2 shops (maybe two ce, or, ce and pe, it doesnt matter) - both shops have the same administrator username/password - we log into shop A with the user "[email protected]" - now we log into shop B with the "admin" user - unfortunately we are now logged in with admin user in BOTH shops this time i testet in mozilla, so its no browser problem, its just the cookiedomain that is not set. |
|
|
i'm a bit confused - now you write - "unfortunately we are now logged in with admin user in BOTH shops", and previously you wrote "you can only log in one shop at the time".. Anyway you can setup cookies according to your needs by writing a module for oxUtilsServer::_getCookiePath() method (so you can override current "/" to your folders). In next release we will include possibility to define config parameter like it is now in oxUtilsServer::_getCookieDomain() |
|
|
Added possibility to define path on the server in which the cookie will be available on; parameter in config.inc.php should be added: $this->sCookiePath = '/dev/urandom'; Please check php documentation for details about possible this parameter values. |
