From: Nik Okuntseff <support@anuko.com>
Date: Wed, 13 Feb 2019 22:59:26 +0000 (+0000)
Subject: Removed unreliable PHP session path check, added cookies check instead.
X-Git-Tag: timetracker_1.19-1~337
X-Git-Url: http://wagnertech.de/git?a=commitdiff_plain;h=16e71d9c6e94475534579b79a53f7c2ee0de4192;p=timetracker.git

Removed unreliable PHP session path check, added cookies check instead.
---

diff --git a/WEB-INF/templates/footer.tpl b/WEB-INF/templates/footer.tpl
index 090e872b..d99e7789 100644
--- a/WEB-INF/templates/footer.tpl
+++ b/WEB-INF/templates/footer.tpl
@@ -12,7 +12,7 @@
       <br>
       <table cellspacing="0" cellpadding="4" width="100%" border="0">
         <tr>
-          <td align="center">&nbsp;Anuko Time Tracker 1.18.37.4717 | Copyright &copy; <a href="https://www.anuko.com/lp/tt_3.htm" target="_blank">Anuko</a> |
+          <td align="center">&nbsp;Anuko Time Tracker 1.18.37.4718 | Copyright &copy; <a href="https://www.anuko.com/lp/tt_3.htm" target="_blank">Anuko</a> |
             <a href="https://www.anuko.com/lp/tt_4.htm" target="_blank">{$i18n.footer.credits}</a> |
             <a href="https://www.anuko.com/lp/tt_5.htm" target="_blank">{$i18n.footer.license}</a> |
             <a href="https://www.anuko.com/lp/tt_7.htm" target="_blank">{$i18n.footer.improve}</a>
diff --git a/dbinstall.php b/dbinstall.php
index d1b67d89..a8c0d0b2 100644
--- a/dbinstall.php
+++ b/dbinstall.php
@@ -50,6 +50,16 @@ function ttExecute($sql) {
 if ($request->isGet()) {
   echo('<h2>Environment Checks</h2>');
 
+  // Determine if cookies are enabled in browser.
+  // session_start(); // already called in initialize.php.
+  $session_id1 = session_id();
+  session_destroy();
+  session_start();
+  $session_id2 = session_id();
+  if ($session_id1 != $session_id2) {
+    echo('<font color="red">Error: browser cookies are off.</font><br>');
+  }
+
   // Check if WEB-INF/templates_c dir is writable.
   if (is_writable(APP_DIR.'/WEB-INF/templates_c/')) {
     echo('WEB-INF/templates_c/ directory is writable.<br>');
@@ -92,11 +102,6 @@ if ($request->isGet()) {
     echo('<font color="red">Error: PHP version is not high enough: '.phpversion().'. Required: '.$required_version.'.</font><br>');
   }
 
-  // Check if PHP session path is writeable.
-  if (!is_writable(session_save_path())) {
-    echo('<font color="red">Error: PHP session path '.session_save_path().' is not writable.</font><br>');
-  }
-
   // Depending on DSN, require either mysqli or mysql extensions.
   if (strrpos(DSN, 'mysqli://', -strlen(DSN)) !== FALSE) {
     if (extension_loaded('mysqli')) {