From 8a0702074adb2ca2fac3ea814926a833b8041ea0 Mon Sep 17 00:00:00 2001 From: Alexandre SPANGARO Date: Fri, 18 Sep 2020 02:02:45 +0200 Subject: [PATCH 1/2] FIX Yogosha report 4465 (backport) --- htdocs/core/lib/security2.lib.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/lib/security2.lib.php b/htdocs/core/lib/security2.lib.php index 0e0d4a37946..475b6b4c083 100644 --- a/htdocs/core/lib/security2.lib.php +++ b/htdocs/core/lib/security2.lib.php @@ -187,7 +187,7 @@ if (! function_exists('dol_loginfunction')) // Set cookie for timeout management $prefix=dol_getprefix(''); $sessiontimeout='DOLSESSTIMEOUT_'.$prefix; - if (! empty($conf->global->MAIN_SESSION_TIMEOUT)) setcookie($sessiontimeout, $conf->global->MAIN_SESSION_TIMEOUT, 0, "/", null, false, true); + if (! empty($conf->global->MAIN_SESSION_TIMEOUT)) setcookie($sessiontimeout, $conf->global->MAIN_SESSION_TIMEOUT, 0, "/", null, (empty($dolibarr_main_force_https) ? false : true), true); if (GETPOST('urlfrom', 'alpha')) $_SESSION["urlfrom"]=GETPOST('urlfrom', 'alpha'); else unset($_SESSION["urlfrom"]); From df28a2844fcc6c6299b7532584eb3174b9793420 Mon Sep 17 00:00:00 2001 From: Alexandre SPANGARO Date: Fri, 18 Sep 2020 02:07:44 +0200 Subject: [PATCH 2/2] Fix missing global --- htdocs/core/lib/security2.lib.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/core/lib/security2.lib.php b/htdocs/core/lib/security2.lib.php index 475b6b4c083..82110197a40 100644 --- a/htdocs/core/lib/security2.lib.php +++ b/htdocs/core/lib/security2.lib.php @@ -131,8 +131,8 @@ if (! function_exists('dol_loginfunction')) */ function dol_loginfunction($langs, $conf, $mysoc) { - global $dolibarr_main_demo, $db; - global $hookmanager; + global $dolibarr_main_demo, $dolibarr_main_force_https; + global $db, $hookmanager; $langs->loadLangs(array("main","other","help","admin"));