adam/Piwigo
1
0
Fork 0
mirror of https://github.com/Piwigo/Piwigo.git synced 2026-06-01 20:04:51 +02:00
Code Issues Packages Projects Releases Wiki Activity

fixes #2557 use pwg_get_cookie_var

Browse Source 
-Update cookie to use pwg_lang to avoid conflicts with other potential apps.
-Add cookie path to the pwg_lang cookie to help with conflicts also.
-Be less restrictive in load_cookie_language function
-We can't use pwg_set_cookie because it is set in js not PHP so we force it to be called pwg_lang
This commit is contained in:
HWFord
2026-05-06 08:53:44 +02:00
parent 29c7957054
commit f12323d1c9
9 changed files with 20 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files
identification.php
+2 -1
View File
@@ -135,7 +135,8 @@ foreach (get_languages() as $language_code => $language_name)
$template->assign(array(
'language_options' => $language_options,
'current_language' => $user['language']
'current_language' => $user['language'],
'COOKIE_PATH' => cookie_path(),
));
//Get link to doc
include/functions.inc.php
+5 -9
View File
@@ -1942,21 +1942,17 @@ function load_cookie_language($load_language=true, $update_user=false, $unset_co
global $user;
// Load language if cookie is set from login/register/password pages
if (isset($_COOKIE['lang']) and $user['language'] != $_COOKIE['lang'])
if (pwg_get_cookie_var('lang') and array_key_exists(pwg_get_cookie_var('lang'), get_languages()))
{
if (!array_key_exists($_COOKIE['lang'], get_languages()))
{
fatal_error('[Hacking attempt] the input parameter "'.htmlspecialchars($_COOKIE['lang']).'" is not valid');
}
$user['language'] = $_COOKIE['lang'];
$user['language'] = pwg_get_cookie_var('lang');
if ($update_user)
{
single_update(
USER_INFOS_TABLE,
array(
'language' => $_COOKIE['lang']
'language' => pwg_get_cookie_var('lang')
),
array(
'user_id' => $user_id ?? $user['id']
@@ -1974,7 +1970,7 @@ function load_cookie_language($load_language=true, $update_user=false, $unset_co
// We unset the lang cookie, if user has changed their language using interface
// we don't want to keep setting it back to what was chosen using standard
// pages lang switch
setcookie("lang", "", time() - 3600);
setcookie("pwg_lang", "", time() - 3600);
}
}
}
password.php
+2 -1
View File
@@ -499,7 +499,8 @@ foreach (get_languages() as $language_code => $language_name)
$template->assign(array(
'language_options' => $language_options,
'current_language' => $user['language']
'current_language' => $user['language'],
'COOKIE_PATH' => cookie_path(),
));
//Get link to doc
register.php
+1
View File
@@ -112,6 +112,7 @@ foreach (get_languages() as $language_code => $language_name)
$template->assign(array(
'language_options' => $language_options,
'current_language' => $user['language'],
'COOKIE_PATH' => cookie_path(),
));
//Get link to doc
themes/standard_pages/js/standard_pages.js
+4 -4
View File
@@ -88,8 +88,8 @@ function setCookie(cname, cvalue, exdays) {
const d = new Date();
d.setTime(d.getTime() + (exdays*24*60*60*1000));
let expires = "expires="+ d.toUTCString();
document.cookie = cname + "=" + cvalue + ";" + expires + ";path=/";
if (cname == "lang")
document.cookie = cname + "=" + cvalue + ";" + expires + ";path="+cookie_path;
if (cname == "pwg_lang")
{
location.reload();
}
@@ -125,9 +125,9 @@ jQuery(".togglePassword").click(function(e){
jQuery("#other-languages a").click(function(e){
let clickedUrl = new URL(jQuery(e.target).attr('href'));
let selectedLang = clickedUrl.searchParams.get("lang");
let selectedLang = clickedUrl.searchParams.get("pwg_lang");
if (selectedLang) {
setCookie('lang',selectedLang,1);
setCookie('pwg_lang',selectedLang,1);
}
});
themes/standard_pages/template/identification.tpl
+3 -1
View File
@@ -5,6 +5,8 @@
var selected_language = `{$language_options[$current_language]}`;
var url_logo_light = `{$ROOT_URL}themes/standard_pages/images/piwigo_logo.svg`;
var url_logo_dark = `{$ROOT_URL}themes/standard_pages/images/piwigo_logo_dark.svg`;
var cookie_path = {$COOKIE_PATH};
</script>
{combine_script id='standard_pages_js' load='async' require='jquery' path='themes/standard_pages/js/standard_pages.js'}
@@ -109,7 +111,7 @@
<div id="lang-select">
<span id="other-languages">
{foreach from=$language_options key=code item=lang}
<span id="lang={$code}" onclick="setCookie('lang','{$code}',30)">{$lang}</span>
<span id="lang={$code}" onclick="setCookie('pwg_lang','{$code}',30)">{$lang}</span>
{/foreach}
</span>
<div id="selected-language-container">
themes/standard_pages/template/password.tpl
+1 -1
View File
@@ -166,7 +166,7 @@
<div id="lang-select">
<span id="other-languages">
{foreach from=$language_options key=code item=lang}
<span id="lang={$code}" onclick="setCookie('lang','{$code}',30)">{$lang}</span>
<span id="pwg_lang={$code}" onclick="setCookie('pwg_lang','{$code}',30)">{$lang}</span>
{/foreach}
</span>
<div id="selected-language-container">
themes/standard_pages/template/profile.tpl
+1 -1
View File
@@ -481,7 +481,7 @@ const str_must_not_empty = "{'must not be empty'|translate|escape:javascript}";
<div id="lang-select">
<span id="other-languages">
{foreach from=$language_options key=code item=lang}
<span id="lang={$code}" onclick="setCookie('lang','{$code}',30)">{$lang}</span>
<span id="pwg_lang={$code}" onclick="setCookie('pwg_lang','{$code}',30)">{$lang}</span>
{/foreach}
</span>
<div id="selected-language-container">
themes/standard_pages/template/register.tpl
+1 -1
View File
@@ -111,7 +111,7 @@
<div id="lang-select">
<span id="other-languages">
{foreach from=$language_options key=code item=lang}
<span id="lang={$code}" onclick="setCookie('lang','{$code}',30)">{$lang}</span>
<span id="pwg_lang={$code}" onclick="setCookie('pwg_lang','{$code}',30)">{$lang}</span>
{/foreach}
</span>
<div id="selected-language-container">