[TYPO3-core] RFC: #10266: Bugfix: No user authentication for >1 TYPO3 installation under one domain
Marcus Krause
marcus#exp2009 at t3sec.info
Sun Mar 22 09:41:15 CET 2009
Oliver Hader schrieb am 03/21/2009 03:29 PM Uhr:
> Hi Marcus,
>
> Marcus Krause schrieb:
>> Hi,
>>
>> This is SVN patch request.
>>
>> Type: Bugfix
>>
>> Bugtracker references:
>> http://bugs.typo3.org/view.php?id=10266
>
> +1 on reading with the addition to misc/phpcheck/incfile.php Christian
> pointed out.
Attached is v3 which implements Benjamin's suggestion to apply the
result directly to variable $retVal.
@existing cookies:
The client (browser) does not send the cookie path along with the cookie
values. So, the server won't notice any change due to this bugfix for
existing sessions.
For new ones, the new path is then limited to a sub-directory of a host
if necessary. I don't see any possible problems here.
> However, the test-case is a bit weak... It just tells if the result is
> not empty and has slashes - but it's important that sessions really work
> with the path that is expected...
The test is covering only one case of t3lib_div::getIndpEnv() but should
be fine.
Regarding session behavior at all:
If it's broken, you won't probably mind of unit tests as you are unable
to execute tests at all, at least in the backend.
Nonetheless, if there are suggestions for session behaviour unit tests,
don't hesitate to post them here. However, I personally don't like to
put any further efforts into this issue.
Marcus.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 10266_v3.diff
Type: text/x-diff
Size: 6265 bytes
Desc: not available
Url : http://lists.netfielders.de/pipermail/typo3-team-core/attachments/20090322/7451dcce/attachment.diff
More information about the TYPO3-team-core
mailing list