diff --git a/workflow/engine/methods/login/authentication.php b/workflow/engine/methods/login/authentication.php index 1e74266b2..12e72498b 100644 --- a/workflow/engine/methods/login/authentication.php +++ b/workflow/engine/methods/login/authentication.php @@ -16,7 +16,7 @@ try { } if (!$RBAC->singleSignOn) { - setcookie("singleSignOn", '0', time() + (24 * 60 * 60), '/'); + setcookie("singleSignOn", '0', time() + (24 * 60 * 60), '/', '', G::is_https()); if (!isset($_POST['form']) ) { G::SendTemporalMessage ('ID_USER_HAVENT_RIGHTS_SYSTEM', 'error'); G::header('Location: login'); @@ -181,7 +181,7 @@ try { EnterpriseClass::enterpriseSystemUpdate($loginInfo); initUserSession($uid, $usr); } else { - setcookie("singleSignOn", '1', time() + (24 * 60 * 60), '/'); + setcookie("singleSignOn", '1', time() + (24 * 60 * 60), '/', '', G::is_https()); $uid = $RBAC->userObj->fields['USR_UID']; $usr = $RBAC->userObj->fields['USR_USERNAME']; initUserSession($uid, $usr); @@ -416,7 +416,7 @@ try { $configS = System::getSystemConfiguration('', '', config("system.workspace")); $activeSession = isset($configS['session_block']) ? !(int)$configS['session_block']:true; if ($activeSession){ - setcookie("PM-TabPrimary", 101010010, time() + (24 * 60 * 60), '/'); + setcookie("PM-TabPrimary", 101010010, time() + (24 * 60 * 60), '/', '', G::is_https()); } // Update the User's last login date diff --git a/workflow/engine/methods/login/authenticationSso.php b/workflow/engine/methods/login/authenticationSso.php index 10a7b3c14..e1750c3f8 100644 --- a/workflow/engine/methods/login/authenticationSso.php +++ b/workflow/engine/methods/login/authenticationSso.php @@ -82,7 +82,7 @@ try { } /*----------------------------------********---------------------------------*/ - setcookie('singleSignOn', '1', time() + (24 * 60 * 60), '/'); + setcookie('singleSignOn', '1', time() + (24 * 60 * 60), '/', '', G::is_https()); initUserSession( $_SESSION['__USER_LOGGED_SSO__'], diff --git a/workflow/engine/methods/login/login.php b/workflow/engine/methods/login/login.php index e30db7ac5..fe11e77c7 100644 --- a/workflow/engine/methods/login/login.php +++ b/workflow/engine/methods/login/login.php @@ -182,11 +182,7 @@ if (isset($_SESSION['USER_LOGGED'])) { session_start(); session_regenerate_id(); -if (PHP_VERSION < 5.2) { - setcookie("workspaceSkin", SYS_SKIN, time() + (24 * 60 * 60), "/sys" . config("system.workspace"), "; HttpOnly"); -} else { - setcookie("workspaceSkin", SYS_SKIN, time() + (24 * 60 * 60), "/sys" . config("system.workspace"), null, false, true); -} +setcookie("workspaceSkin", SYS_SKIN, time() + (24 * 60 * 60), "/sys" . config("system.workspace"), null, G::is_https(), true); if (strlen($msg) > 0) { $_SESSION['G_MESSAGE'] = $msg; @@ -323,14 +319,14 @@ $flagForgotPassword = isset($oConf->aConfig['login_enableForgotPassword']) ? $oConf->aConfig['login_enableForgotPassword'] : 'off'; -setcookie('PM-Warning', trim(G::LoadTranslation('ID_BLOCKER_MSG'), '*'), time() + (24 * 60 * 60), SYS_URI); +setcookie('PM-Warning', trim(G::LoadTranslation('ID_BLOCKER_MSG'), '*'), time() + (24 * 60 * 60), SYS_URI, '', G::is_https()); $configS = System::getSystemConfiguration('', '', config("system.workspace")); $activeSession = isset($configS['session_block']) ? !(int)$configS['session_block'] : true; if ($activeSession) { - setcookie("PM-TabPrimary", 101010010, time() + (24 * 60 * 60), '/'); + setcookie("PM-TabPrimary", 101010010, time() + (24 * 60 * 60), '/', '', G::is_https()); } else { - setcookie("PM-TabPrimary", uniqid(), time() + (24 * 60 * 60), '/'); + setcookie("PM-TabPrimary", uniqid(), time() + (24 * 60 * 60), '/', '', G::is_https()); } $oHeadPublisher->addScriptCode("var flagForgotPassword = '$flagForgotPassword';"); diff --git a/workflow/engine/methods/login/sysLogin.php b/workflow/engine/methods/login/sysLogin.php index ff86c8520..a51dd038e 100644 --- a/workflow/engine/methods/login/sysLogin.php +++ b/workflow/engine/methods/login/sysLogin.php @@ -169,8 +169,8 @@ switch (WS_IN_LOGIN) { $fileLogin = 'login/sysLogin'; break; } -setcookie("PM-Warning", trim(G::LoadTranslation('ID_BLOCKER_MSG'), '*'), time() + (24 * 60 * 60), SYS_CURRENT_URI); -setcookie("PM-TabPrimary", uniqid(), time() + (24 * 60 * 60), '/'); +setcookie("PM-Warning", trim(G::LoadTranslation('ID_BLOCKER_MSG'), '*'), time() + (24 * 60 * 60), SYS_CURRENT_URI, '', G::is_https()); +setcookie("PM-TabPrimary", uniqid(), time() + (24 * 60 * 60), '/', '', G::is_https()); $oHeadPublisher = headPublisher::getSingleton(); $oHeadPublisher->addScriptFile('/jscore/src/PM.js'); $oHeadPublisher->addScriptFile('/jscore/src/Sessions.js'); diff --git a/workflow/engine/src/ProcessMaker/BusinessModel/Light.php b/workflow/engine/src/ProcessMaker/BusinessModel/Light.php index 84c169b05..b6cdbf47a 100644 --- a/workflow/engine/src/ProcessMaker/BusinessModel/Light.php +++ b/workflow/engine/src/ProcessMaker/BusinessModel/Light.php @@ -874,7 +874,7 @@ class Light session_start(); session_regenerate_id(); - setcookie("workspaceSkin", SYS_SKIN, time() + (24 * 60 * 60), "/sys" . config("system.workspace"), null, false, + setcookie("workspaceSkin", SYS_SKIN, time() + (24 * 60 * 60), "/sys" . config("system.workspace"), null, G::is_https(), true); if (strlen($msg) > 0) { diff --git a/workflow/public_html/pmGmail/sso.php b/workflow/public_html/pmGmail/sso.php index 03da58904..f98d5cde1 100644 --- a/workflow/public_html/pmGmail/sso.php +++ b/workflow/public_html/pmGmail/sso.php @@ -98,11 +98,7 @@ if (!isset($_SESSION['USER_LOGGED']) || $_SESSION['USER_LOGGED'] != $decodedResp session_start(); session_regenerate_id(); - if (PHP_VERSION < 5.2) { - setcookie("workspaceSkin", $enviroment, time() + (24 * 60 * 60), "/sys" . $enviroment, "; HttpOnly"); - } else { - setcookie("workspaceSkin", $enviroment, time() + (24 * 60 * 60), "/sys" . $enviroment, null, false, true); - } + setcookie("workspaceSkin", $enviroment, time() + (24 * 60 * 60), "/sys" . $enviroment, null, G::is_https(), true); $_SESSION = array(); $_SESSION['__EE_INSTALLATION__'] = 2;