From 865f6198e8f6e4750f6f8e4bf6e05e6579803e3d Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Fri, 8 May 2009 19:46:07 +0000 Subject: [PATCH] Add: /core/cookie.class.php for create and encrypt/decrypt cookie value with personnal key configured in conf.php with $dolibarr_main_cookie_cryptkey --- htdocs/main.inc.php | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php index 77cdf6af198..3657a9854ac 100644 --- a/htdocs/main.inc.php +++ b/htdocs/main.inc.php @@ -438,11 +438,17 @@ if (! isset($_SESSION["dol_login"])) // TODO Remove this as it is a security hole if ($conf->multicompany->enabled && isset($_POST["entity"])) { + include_once(DOL_DOCUMENT_ROOT . "/core/cookie.class.php"); + $entity = $_POST["entity"]; $entityCookieName = "DOLENTITYID_dolibarr"; + if (!isset($HTTP_COOKIE_VARS[$entityCookieName])) { - setcookie($entityCookieName, $entity, 0, "/", "", 0); + $entityCookie = new DolCookie($dolibarr_main_cookie_cryptkey); + $entityCookie->_setCookie($entityCookieName, $_POST["entity"]); + + //setcookie($entityCookieName, $entity, 0, "/", "", 0); } }