Commit Graph

4 Commits

Author SHA1 Message Date
Kaifeng Lyu
9c21c957c9 fix(UOJContext.php): fix the bug that "page expires" occurs when accessing by localhost (#41)
To support subdomain cookies, an extra "." is added to the domain when setting the cookies.
However, this strategy fails on "localhost", because browsers do not recognize ".localhost".
So I add a check for this so that "localhost" is used as the cookie domain in this case.
2019-06-11 10:27:22 +08:00
Masco Skray
923e1e61f8 fix(uoj/1/app/models): session issue caused by wrong cookie domain
After we changed the detection of the real httpHost value, the token check will fail when register.
A long time ago we just simply added "Session_Start();" at the beginning of uoj/1/app/index.php.
It temporally solved the problem but caused another series of issues that we can't see outside.
There is also a session_start() when executing Session::init() at importing app/libs/uoj-lib.php.
So, when we add one more "Session_Start();" it will execute this one more time, just cause warning:
> session_name(): Cannot change session name when session is active
> PHP Warning:  ini_set(): A session is active. You cannot change the session module's ini settings at this time
And, the session name and session path, session domain will not be set so may cause other problems.
The reason is that using UOJContext::httpHost() as web hostname when default, it will add the port at the end.
When using IP the validateIP() will return false, or using domain with port the cookie domain will be set wrongly.
As a result the register process throws out the "Expired" error and refuses to register, and other uses token will fail too.
We made it cut out the port when setting cookie domain, and also changed the style of UOJContext::httpHost() to make it easier to read.
With this problem known and solved the "Session_Start();" in index.php will also say bye-bye, and there will be no multiple session_start()s.

NOTICE: If you have set all your information to yours in .config.php, and not using address with port other than 80, you may not face this problem.
But the warning of php will consistently shown in the error log file. So kick the annoying warning information out if you are angry with this ;-)
2018-10-11 18:46:58 +08:00
vfleaking
4d2b0735dc update: fetch commits from upstream
Update from vfleaking/uoj upstream, commit aa8a85c - 9f1302c.
Because of this repo's modify, also with the adaption of community version.
2018-09-20 19:34:38 +08:00
vfleaking
82ad3efce2 Initial commit 2018-09-20 17:21:40 +08:00