From: Matteo Nastasi (mop) <nastasi@alternativeoutput.it> Date: Sat, 10 Nov 2012 16:50:43 +0000 (+0100) Subject: set cookies via http header done X-Git-Tag: v4.0.0~6 X-Git-Url: http://mop.ddnsfree.com/gitweb/?a=commitdiff_plain;h=9ffc7e5dc05fdd25cc273661ba8dc394c5d5518b;p=brisk.git set cookies via http header done --- diff --git a/TODO.txt b/TODO.txt index 851f265..b60234c 100644 --- a/TODO.txt +++ b/TODO.txt @@ -5,12 +5,12 @@ -------+ - BUG: pari + 72 non fa 4x ma attualmente fa 3x, da correggere - BUG: some connection to the named socket fails - - WIP: (half tested) manage and test cross forwarder between table and room - log_legal address fix - - setcookie (for tables only and persist prefs) + MINOR | -------+ + - try to be more antivirus-friendly - centralize all '<script ...' incapsulation to allow multiple transport system. - packetize and automatize php-ancillary and apache module - parametrizations: @@ -20,6 +20,7 @@ - DISABLED_TO_FIX: DNS access (perform blocking dns requests, must be fixed) + DONE | ------+ @@ -28,6 +29,8 @@ DONE/FROZEN - problem with getpeer (HOSTADDR) + DONE - manage and test cross forwarder between table and room + DONE - setcookie (for tables only and persist prefs) DONE - images flickering on slow windows: try to poll stream every 300 ms (seems to be download problem) DONE - database connection fails after a while, check close and try PGSQL_CONNECT_FORCE_NEW. DONE - unneeded garbage_time.expired access diff --git a/web/Obj/hardban.phh b/web/Obj/hardban.phh index 7efb252..bcc983d 100644 --- a/web/Obj/hardban.phh +++ b/web/Obj/hardban.phh @@ -163,7 +163,7 @@ class Hardbans { log_main("ftok failed"); break; } - + fprintf(STDERR, "hardpans: %x\n", $tok); if (($shm_sz = sharedmem_sz($tok)) == -1) { log_main("shmop_open failed"); } diff --git a/web/Obj/sac-a-push.phh b/web/Obj/sac-a-push.phh index 527d9b7..d582a10 100644 --- a/web/Obj/sac-a-push.phh +++ b/web/Obj/sac-a-push.phh 
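Review bot: The added `fprintf(STDERR, "hardpans: %x\n", $tok);` in web/Obj/hardban.phh looks like leftover debug output. It bypasses the `log_main()` calls used on the surrounding lines, misspells the class name, and writes the `ftok` key to stderr. If the trace is wanted, `log_main(sprintf("hardbans: ftok key %x", $tok));` would keep it in the normal log; otherwise the line can be dropped. The enclosing method starts and ends outside the hunk.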
@@ -105,32 +105,39 @@ function gpcs_var($name, $get, $post, $cookie) function headers_render($header, $len) { - $s = ""; - if (isset($header['Location'])) { - return sprintf("HTTP/1.1 302 OK\r\nLocation: %s\r\n\r\n", $header['Location']); - } - else { - $s .= "HTTP/1.1 200 OK\r\n"; - } - if (!isset($header['Date'])) - $s .= sprintf("Date: %s\r\n", date(DATE_RFC822)); - if (!isset($header['Connection'])) - $s .= "Connection: close\r\n"; - if (!isset($header['Content-Type'])) - $s .= "Content-Type: text/html\r\n"; - foreach($header as $key => $value) { - $s .= sprintf("%s: %s\r\n", $key, $value); + $cookies = ""; + + if (isset($header['cookies'])) { + $cookies = $header['cookies']->render(); + unset($header['cookies']); } - if ($len >= 0) { - $s .= sprintf("Content-Length: %d\r\n", $len); + if (isset($header['Location'])) { + $s = sprintf("HTTP/1.1 302 OK\r\n%sLocation: %s\r\n", $cookies, $header['Location']); } else { - $s .= "Cache-Control: no-cache, must-revalidate\r\n"; - $s .= "Expires: Mon, 26 Jul 1997 05:00:00 GMT\r\n"; - if (!isset($header['Content-Encoding'])) { - $s .= "Content-Encoding: chunked\r\n"; + $s = "HTTP/1.1 200 OK\r\n"; + + if (!isset($header['Date'])) + $s .= sprintf("Date: %s\r\n", date(DATE_RFC822)); + if (!isset($header['Connection'])) + $s .= "Connection: close\r\n"; + if (!isset($header['Content-Type'])) + $s .= "Content-Type: text/html\r\n"; + foreach($header as $key => $value) { + $s .= sprintf("%s: %s\r\n", $key, $value); } - $s .= "Transfer-Encoding: chunked\r\n"; + if ($len >= 0) { + $s .= sprintf("Content-Length: %d\r\n", $len); + } + else { + $s .= "Cache-Control: no-cache, must-revalidate\r\n"; + $s .= "Expires: Mon, 26 Jul 1997 05:00:00 GMT\r\n"; + if (!isset($header['Content-Encoding'])) { + $s .= "Content-Encoding: chunked\r\n"; + } + $s .= "Transfer-Encoding: chunked\r\n"; + } + $s .= $cookies; } $s .= "\r\n"; 
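Review bot: The rewritten `headers_render` still writes `$header['Location']` and every `$key`/`$value` pair into the header block through `sprintf` with no CR/LF check, and the new `$cookies` string is concatenated the same way. Whether any of these values can carry request data is not visible here, but rejecting `\r` or `\n` before the `sprintf` calls would keep a stray value from splitting the response. The reserved `cookies` key also deserves a comment such as `// 'cookies' holds a Cookies object, not a header string; it is rendered and removed before the header loop`. The status line `HTTP/1.1 302 OK` would more conventionally read `302 Found`. The function body continues past the end of the hunk.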
@@ -189,6 +196,104 @@ function get_encoding($header) return ($enc); } +class Cookie { + var $attr; + // Set-Cookie: reg_fb_gate=deleted; Expires=Thu, 01-Jan-1970 00:00:01 GMT; Path=/; Domain=.foo.com; HttpOnly + // string $name [, string $value [, int $expire = 0 [, string $path [, string $domain [, bool $secure = false [, bool $httponly = false ]]]]]] ) + function Cookie() + { + $this->attr = array(); + } + + static function create($name) + { + $thiz = new Cookie(); + + $thiz->attr[$name] = ""; + + $argc = func_num_args(); + for ($i = 1 ; $i < $argc ; $i++) { + $arg = func_get_arg($i); + switch ($i) { + case 1: + $thiz->attr[$name] = urlencode($arg); + break; + case 2: + $thiz->attr['Expires'] = gmdate('D, d M Y H:i:s \G\M\T', $arg); // RFC 1211 format + break; + case 3: + $thiz->attr['Path'] = $arg; + break; + case 4: + $thiz->attr['Domain'] = $arg; + break; + case 5: + if ($arg == TRUE) { + $thiz->attr['Secure'] = NULL; + } + break; + case 6: + if ($arg == TRUE) { + $thiz->attr['HttpOnly'] = NULL; + } + break; + default: + return FALSE; + } + } + + return $thiz; + } + + function render() + { + $r = "Set-Cookie: "; + $isfirst = TRUE; + + foreach ($this->attr as $k => $v) { + if ($v == NULL) { + $r .= sprintf("%s%s", ($isfirst ? "" : "; "), $k); + } + else { + $r .= sprintf("%s%s=%s", ($isfirst ? "" : "; "), $k, $v); + } + $isfirst = FALSE; + } + $r .= "\r\n"; + + return $r; + } +} + +class Cookies { + var $cookies; + + function Cookies() + { + $this->cookies = array(); + } + + function add($name) + { + if (($cookie = call_user_func_array("Cookie::create", func_get_args())) == FALSE) + return (FALSE); + + array_push($this->cookies, $cookie); + + return (TRUE); + } + + function render() + { + $r = ""; + foreach ($this->cookies as $cookie) { + $r .= $cookie->render(); + } + + return ($r); + } +} + class Sac_a_push { static $fixed_fd = 2; diff --git a/web/briskin5/Obj/briskin5.phh b/web/briskin5/Obj/briskin5.phh index 72c9a26..22b75d1 100644 
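Review bot: In `Cookie::render()` the test `if ($v == NULL)` is a loose comparison, so a cookie whose value is the empty string (the default that `create()` assigns to `$thiz->attr[$name]`) is emitted as a bare `name` with no `=`, the same as the `Secure`/`HttpOnly` flags; `if ($v === NULL)` keeps flags and empty values apart. Only the value goes through `urlencode()`: the name, `Path` and `Domain` reach the `Set-Cookie` line unchanged, so `create()` should return FALSE when any of them contains `;`, `\r` or `\n`. The comment `// RFC 1211 format` appears to mean the RFC 1123 date form that the `gmdate()` pattern produces.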
--- a/web/briskin5/Obj/briskin5.phh +++ b/web/briskin5/Obj/briskin5.phh @@ -1412,20 +1412,24 @@ class Bin5 { break; case "index_wr.php": - $bri = $s_a_p->app->match_get($table_idx, $table_token); - ob_start(); - bin5_index_wr_main($bri, $addr, $get, $post, $cookie); - $content = ob_get_contents(); - ob_end_clean(); - + if (isset($table_idx) && isset($table_token)) { + if (($bri = $s_a_p->app->match_get($table_idx, $table_token)) != FALSE) { + ob_start(); + bin5_index_wr_main($bri, $addr, $get, $post, $cookie); + $content = ob_get_contents(); + ob_end_clean(); + } + } $s_a_p->pgflush_try_add($enc, $new_socket, 20, $header_out, $content); return TRUE; break; case "index_rd_ifra.php": do { - if (($bri = $s_a_p->app->match_get($table_idx, $table_token)) == NULL + if (!isset($table_idx) + || !isset($table_token) || !isset($cookie['sess']) + || ($bri = $s_a_p->app->match_get($table_idx, $table_token)) == NULL || (($user = $bri->get_user($cookie['sess'], $idx)) == FALSE)) { $content = Bin5_user::stream_fini($s_a_p->rndstr, TRUE); diff --git a/web/index.php b/web/index.php index 563bb3a..390bc78 100644 --- a/web/index.php +++ b/web/index.php @@ -260,8 +260,10 @@ function index_main(&$room, &$header_out, $addr, $get, $post, $cookie) if (($user = &$room->get_user($sess, &$idx)) != FALSE) { log_main("user stat: ".$user->stat); if ($user->stat == "table") { - setcookie("table_token", $user->table_token, $curtime + 31536000); - setcookie("table_idx", $user->table, $curtime + 31536000); + $cookies = new Cookies(); + $cookies->add("table_token", $user->table_token, $curtime + 31536000); + $cookies->add("table_idx", $user->table, $curtime + 31536000); + $header_out['cookies'] = $cookies; $header_out['Location'] = "briskin5/index.php"; return TRUE; } 
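Review bot: In the `index_wr.php` case, `$content` is now assigned only inside the new `isset`/`match_get` guard, but `pgflush_try_add(..., $content)` still runs unconditionally. When the cookies are missing or the token does not match, it is called with whatever `$content` held before. Whether the variable is initialised earlier in the method is not visible in the hunk; a `$content = "";` placed just before `if (isset($table_idx) && isset($table_token)) {` would make the rejected request return an empty body. The two cases also test `match_get` differently (`!= FALSE` here, `== NULL` in `index_rd_ifra.php`), and one convention would read more clearly.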
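Review bot: Both `$cookies->add()` calls stop after the expiry argument, so `table_token` is sent with a one-year lifetime and no `Path`, `Secure` or `HttpOnly` attribute; the hunk at -291,8 repeats the same two calls. The token is what `match_get($table_idx, $table_token)` is called with in briskin5.phh, which suggests it gates access to a table, so it is worth keeping away from page scripts. `Cookie::create()` already takes path, domain, secure and httponly as further positional arguments. Passing them here, e.g. `$cookies->add("table_token", $user->table_token, $curtime + 31536000, $path, $domain, FALSE, TRUE);` with `$path` and `$domain` standing for the site's own values, would set `HttpOnly`. `index_main` begins and ends outside the hunk.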
@@ -291,8 +293,10 @@ function index_main(&$room, &$header_out, $addr, $get, $post, $cookie) // recovery lost game if ($user->stat == "table") { - setcookie("table_token", $user->table_token, $curtime + 31536000); - setcookie("table_idx", $user->table, $curtime + 31536000); + $cookies = new Cookies(); + $cookies->add("table_token", $user->table_token, $curtime + 31536000); + $cookies->add("table_idx", $user->table, $curtime + 31536000); + $header_out['cookies'] = $cookies; $header_out['Location'] = "Location: briskin5/index.php"; return TRUE; }
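Review bot: The unchanged line `$header_out['Location'] = "Location: briskin5/index.php";` carries the header name inside the value, while `headers_render` adds its own `Location: ` prefix, so this recovery path would send `Location: Location: briskin5/index.php` together with the new cookies. The hunk at -260,8 uses `"briskin5/index.php"`, and this line should match it: `$header_out['Location'] = "briskin5/index.php";`. The four added cookie lines are identical in both hunks and could move into one small helper. `index_main` continues outside the hunk.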