[interchange-cvs] interchange - jon modified lib/Vend/Config.pm
interchange-cvs at icdevgroup.org
interchange-cvs at icdevgroup.org
Thu Apr 7 21:42:52 EDT 2005
User: jon
Date: 2005-04-08 01:42:52 GMT
Modified: lib/Vend Config.pm
Log:
When using mv_force_session argument, avoid confusing situation for user
if he was logged out on one site, and goes to another site and gets logged
in automatically by a cookie. (This makes sense given the primary use of
mv_force_session to have one session span multiple domains, and thus need
to work around cookies' visibility in one domain only.)
Revision Changes Path
2.159 +9 -2 interchange/lib/Vend/Config.pm
rev 2.159, prev_rev 2.158
Index: Config.pm
===================================================================
RCS file: /var/cvs/interchange/lib/Vend/Config.pm,v
retrieving revision 2.158
retrieving revision 2.159
diff -u -u -r2.158 -r2.159
--- Config.pm 7 Apr 2005 22:51:33 -0000 2.158
+++ Config.pm 8 Apr 2005 01:42:52 -0000 2.159
@@ -1,6 +1,6 @@
# Vend::Config - Configure Interchange
#
-# $Id: Config.pm,v 2.158 2005/04/07 22:51:33 jon Exp $
+# $Id: Config.pm,v 2.159 2005/04/08 01:42:52 jon Exp $
#
# Copyright (C) 2002-2003 Interchange Development Group
# Copyright (C) 1996-2002 Red Hat, Inc.
@@ -49,7 +49,7 @@
use Vend::File;
use Vend::Data;
-$VERSION = substr(q$Revision: 2.158 $, 10);
+$VERSION = substr(q$Revision: 2.159 $, 10);
my %CDname;
my %CPname;
@@ -2371,6 +2371,13 @@
#::logDebug("Doing CookieLogin dispatch....");
if(! $Vend::Session->{logged_in}) {
COOKIELOGIN: {
+ # Clear password cookie and don't allow automatic login
+ # if mv_force_session is overriding the session cookie,
+ # since user may be coming from a sister site where he
+ # was logged out.
+ (Vend::Util::read_cookie('MV_PASSWORD')
+ and Vend::Util::set_cookie('MV_PASSWORD')), last COOKIELOGIN
+ if $CGI::values{mv_force_session};
my $username;
my $password;
last COOKIELOGIN
More information about the interchange-cvs
mailing list