- fixed conflict with cookies of other products (Eugene)

git-svn-id: svn://svn.zabbix.com/trunk@3693 97f52cf1-0a1b-0410-bd0e-c28be96e8082

8 files changed, 131 insertions, 82 deletions

diff --git a/frontends/php/include/config.inc.php b/frontends/php/include/config.inc.php
index b97e12c5..a091b107 100644
--- a/frontends/php/include/config.inc.php
+++ b/frontends/php/include/config.inc.php
@@ -24,6 +24,7 @@ function VDP($var, $msg=null) { echo "DEBUG DUMP: "; if(isset($msg)) echo '"'.$m
 
 ?>
 <?php
+	require_once 	"include/defines.inc.php";
 	require_once 	"include/html.inc.php";
 	require_once	"include/copt.lib.php";
 
@@ -34,14 +35,6 @@ function VDP($var, $msg=null) { echo "DEBUG DUMP: "; if(isset($msg)) echo '"'.$m
 	$USER_RIGHTS	= array();
 // END OF GLOBALS
 
-// if magic quotes on then get rid of them
-	if (get_magic_quotes_gpc()) {
-		$_GET    = zbx_stripslashes($_GET);
-		$_POST	 = zbx_stripslashes($_POST);
-		$_COOKIE = zbx_stripslashes($_COOKIE);
-		$_REQUEST= zbx_stripslashes($_REQUEST);
-	}
-
 // Include Classes
 	require_once("include/classes/ctag.inc.php");
 	require_once("include/classes/cvar.inc.php");
@@ -69,7 +62,6 @@ function VDP($var, $msg=null) { echo "DEBUG DUMP: "; if(isset($msg)) echo '"'.$m
 
 // Include Tactical Overview modules
 
-	require_once 	"include/defines.inc.php";
 	require_once 	"include/locales.inc.php";
 
 	include_once("include/classes/chostsinfo.mod.php");
@@ -160,7 +152,7 @@ function VDP($var, $msg=null) { echo "DEBUG DUMP: "; if(isset($msg)) echo '"'.$m
 
 		if(!defined('ZBX_PAGE_NO_AUTHERIZATION') && ZBX_DISTRIBUTED)
 		{
-			$ZBX_CURNODEID = get_cookie('current_nodeid', $ZBX_LOCALNODEID); // Selected node
+			$ZBX_CURNODEID = get_cookie('zbx_current_nodeid', $ZBX_LOCALNODEID); // Selected node
 			if(isset($_REQUEST['switch_node']))
 			{
 				if($node_data = DBfetch(DBselect("select * from nodes where nodeid=".$_REQUEST['switch_node'])))
@@ -182,7 +174,7 @@ function VDP($var, $msg=null) { echo "DEBUG DUMP: "; if(isset($msg)) echo '"'.$m
 				$ZBX_CURMASTERID = $ZBX_LOCMASTERID;
 			}
 			
-			zbx_setcookie("current_nodeid",$ZBX_CURNODEID);
+			zbx_set_post_cookie('zbx_current_nodeid',$ZBX_CURNODEID);
 		}
 		else
 		{
@@ -1273,13 +1265,6 @@ else
 		return ($var == "" ? 0 : 1);
 	}
 
-	function	get_cookie($name, $default_value)
-	{
-		if(isset($_COOKIE[$name]))	return $_COOKIE[$name];
-		// else
-		return $default_value;
-	}
-	
 	function	get_profile($idx,$default_value,$type=PROFILE_TYPE_UNCNOWN)
 	{
 		global $USER_DETAILS;
@@ -1557,6 +1542,7 @@ else if (document.getElementById)
 
 	function Redirect($url)
 	{
+		zbx_flush_post_cookies();
 ?>
 <script language="JavaScript" type="text/javascript">
 <!--
@@ -1870,20 +1856,97 @@ else if (document.getElementById)
 			ImagePNG($image);
 	}
 
+	/* function:
+	 *      get_cookie
+	 *
+	 * description:
+	 *      return cookie value by name,
+	 *      if cookie is not present return $default_value.
+	 *
+	 * author: Eugene Grigorjev
+	 */
+	function	get_cookie($name, $default_value=null)
+	{
+		global $_COOKIE;
+
+		if(isset($_COOKIE[$name]))	return $_COOKIE[$name];
+		// else
+		return $default_value;
+	}
 
 	/* function:
 	 *      zbx_setcookie
 	 *
 	 * description:
-	 *      set cookies after authorisation.
-	 *      require including of 'include/page_header.php'
+	 *      set cookies.
 	 *
 	 * author: Eugene Grigorjev
 	 */
 	function	zbx_setcookie($name, $value, $time=null)
 	{
-		global $ZBX_PAGE_COOCIES;
+		global $_COOKIE;
+
+		setcookie($name, $value, isset($time) ? $time : (time() + 3600));
+		$_COOKIE[$name] = $value;
+	}
+	
+	/* function:
+	 *      zbx_unsetcookie
+	 *
+	 * description:
+	 *      unset and clear cookies.
+	 *
+	 * author: Eugene Grigorjev
+	 */
+	function	zbx_unsetcookie($name)
+	{
+		global $_COOKIE;
+		
+		setcookie($name, null, time() - 3600);
+		$_COOKIE[$name] = null;
+	}
+	
+	/* function:
+	 *     zbx_flush_post_cookies
+	 *
+	 * description:
+	 *     set posted cookies.
+	 *
+	 * author: Eugene Grigorjev
+	 */
+	function	zbx_flush_post_cookies($unset=false)
+	{
+		global $ZBX_PAGE_COOKIES;
+
+		if(isset($ZBX_PAGE_COOKIES))
+		{
+			foreach($ZBX_PAGE_COOKIES as $cookie)
+			{
+				if($unset)
+					zbx_unsetcookie($cookie[0]);
+				else
+					zbx_setcookie($cookie[0], $cookie[1], $cookie[2]);
+			}
+			unset($ZBX_PAGE_COOKIES);
+		}
+	}
+
+	/* function:
+	 *      zbx_set_post_cookie
+	 *
+	 * description:
+	 *      set cookies after authorisation.
+	 *      require calling 'zbx_flush_post_cookies' function
+	 *	Called from:
+	 *         a) in 'include/page_header.php'
+	 *         b) from 'Redirect()'
+	 *
+	 * author: Eugene Grigorjev
+	 */
+	function	zbx_set_post_cookie($name, $value, $time=null)
+	{
+		global $ZBX_PAGE_COOKIES;
 
-		$ZBX_PAGE_COOCIES[] = array($name, $value, $time);
+		$ZBX_PAGE_COOKIES[] = array($name, $value, isset($time) ? $time : (time() + 3600));
 	}
 ?>
diff --git a/frontends/php/include/defines.inc.php b/frontends/php/include/defines.inc.php
index 08712ad4..f81680b9 100644
--- a/frontends/php/include/defines.inc.php
+++ b/frontends/php/include/defines.inc.php
@@ -292,11 +292,29 @@
 	define("ZBX_NODE_LOCAL",	1);
 	define("ZBX_NODE_MASTER",	2);
 
+	define("BR",	"<br/>\n");
+	define("SPACE",	"&nbsp;");
+	define("RARR",	"&rArr;");
+
+	global $_GET, $_POST, $_COOKIE, $_REQUEST;
+
 /* Support for PHP5. PHP5 does not have $HTTP_..._VARS */
 	if (!function_exists('version_compare'))
 	{
-		$_REQUEST = $HTTP_GET_VARS;
-		$_POST = $HTTP_POST_VARS;
-		$_COOKIE = $HTTP_COOKIE_VARS;
+		$_GET		= $HTTP_GET_VARS;
+		$_POST		= $HTTP_POST_VARS;
+		$_COOKIE	= $HTTP_COOKIE_VARS;
+	}
+
+/* if magic quotes on then get rid of them */
+	if (get_magic_quotes_gpc()) {
+		$_GET    = zbx_stripslashes($_GET);
+		$_POST	 = zbx_stripslashes($_POST);
+		$_COOKIE = zbx_stripslashes($_COOKIE);
 	}
+
+/* init $_REQUEST */
+	ini_set('variables_order', 'GP');
+	$_REQUEST = $_POST + $_GET;
+
 ?>
diff --git a/frontends/php/include/html.inc.php b/frontends/php/include/html.inc.php
index 66b5a741..bcebb5a8 100644
--- a/frontends/php/include/html.inc.php
+++ b/frontends/php/include/html.inc.php
@@ -19,10 +19,6 @@
 **/
 ?>
 <?php
-	define("BR","<br/>\n");
-	define("SPACE","&nbsp;");
-	define("RARR","&rArr;");
-
 	function	bold($str)
 	{
 		if(is_array($str)){
diff --git a/frontends/php/include/page_header.php b/frontends/php/include/page_header.php
index 63b31928..5a7a3b75 100644
--- a/frontends/php/include/page_header.php
+++ b/frontends/php/include/page_header.php
@@ -315,18 +315,7 @@ COpt::profiling_start("page");
 		$denyed_page_requested = true;
 	}
 
-	if(isset($denyed_page_requested))	$unset_cookie = time() - 3600;
-
-	global $ZBX_PAGE_COOCIES;
-
-	if(isset($ZBX_PAGE_COOCIES))
-	{
-		foreach($ZBX_PAGE_COOCIES as $coockie)
-		{
-			setcookie($coockie[0], $coockie[1], isset($unset_cookie) ? $unset_cookie : $coockie[2]);
-		}
-		unset($ZBX_PAGE_COOCIES);
-	}
+	zbx_flush_post_cookies(isset($denyed_page_requested));
 
 	if($page["type"] == PAGE_TYPE_HTML)
 	{
diff --git a/frontends/php/include/perm.inc.php b/frontends/php/include/perm.inc.php
index 3aaa1160..69fd38e8 100644
--- a/frontends/php/include/perm.inc.php
+++ b/frontends/php/include/perm.inc.php
@@ -42,29 +42,29 @@
 		global	$page;
 		global	$PHP_AUTH_USER,$PHP_AUTH_PW;
 		global	$USER_DETAILS;
-		global	$_COOKIE;
 		global	$_REQUEST;
 		global	$ZBX_LOCALNODEID;
 
 		$USER_DETAILS = NULL;
-		if(isset($_COOKIE["sessionid"]))
+		
+		$sessionid = get_cookie("zbx_sessionid");
+		
+		if(isset($sessionid))
 		{
-			$sessionid = $_COOKIE["sessionid"];
 			if(!($USER_DETAILS = DBfetch(DBselect("select u.*,s.* from sessions s,users u".
 				" where s.sessionid=".zbx_dbstr($sessionid)." and s.userid=u.userid".
 				" and ((s.lastaccess+u.autologout>".time().") or (u.autologout=0))".
 				" and ".DBid2nodeid('u.userid')." = ".$ZBX_LOCALNODEID))))
 			{
-				setcookie("sessionid",$sessionid,time()-3600); /* NOTE: don't use zbx_setcookie */
+				zbx_unsetcookie('zbx_sessionid');
 				DBexecute("delete from sessions where sessionid=".zbx_dbstr($sessionid));
-				unset($_COOKIE["sessionid"]);
 				unset($sessionid);
 
 				$incorrect_session = true;
 			}
 			else
 			{
-				setcookie("sessionid",$sessionid,time()+3600); /* NOTE: don't use zbx_setcookie */
+				zbx_setcookie("zbx_sessionid",$sessionid);
 				DBexecute("update sessions set lastaccess=".time()." where sessionid=".zbx_dbstr($sessionid));
 			}
 		}
diff --git a/frontends/php/index.php b/frontends/php/index.php
index 26940b62..48588ae8 100644
--- a/frontends/php/index.php
+++ b/frontends/php/index.php
@@ -41,13 +41,15 @@
 	check_fields($fields);
 ?>
 <?php
-	if(isset($_REQUEST["reconnect"]) && isset($_COOKIE["sessionid"]))
+	$sessionid = get_cookie('zbx_sessionid', null);
+	
+	if(isset($_REQUEST["reconnect"]) && isset($sessionid))
 	{
 		add_audit(AUDIT_ACTION_LOGOUT,AUDIT_RESOURCE_USER,"Manual Logout");
 		
-		DBexecute("delete from sessions where sessionid=".zbx_dbstr($_COOKIE["sessionid"]));
-		setcookie("sessionid",$_COOKIE["sessionid"],time()-3600); /* NOTE: don't use zbx_setcookie */
-		unset($_COOKIE["sessionid"]);
+		zbx_unsetcookie('zbx_sessionid');
+		DBexecute("delete from sessions where sessionid=".zbx_dbstr($sessionid));
+		unset($sessionid);
 
 		Redirect("index.php");
 		return;
@@ -65,8 +67,7 @@
 		if($row)
 		{
 			$sessionid = md5(time().$password.$name.rand(0,10000000));
-			setcookie("sessionid",$sessionid,time()+3600); /* NOTE: don't use zbx_setcookie */
-			$_COOKIE["sessionid"]	= $sessionid;	/* Required ! */
+			zbx_setcookie('zbx_sessionid',$sessionid);
 			
 			DBexecute("insert into sessions (sessionid,userid,lastaccess)".
 				" values (".zbx_dbstr($sessionid).",".$row["userid"].",".time().")");
@@ -91,7 +92,7 @@ include_once "include/page_header.php";
 	if(isset($_REQUEST['message'])) show_error_message($_REQUEST['message']);
 ?>
 <?php
-	if(!isset($_COOKIE["sessionid"]))
+	if(!isset($sessionid))
 	{
 		insert_login_form();
 	}
diff --git a/frontends/php/setup.php b/frontends/php/setup.php
index 2de96d18..c99e5b4e 100644
--- a/frontends/php/setup.php
+++ b/frontends/php/setup.php
@@ -61,21 +61,16 @@
 	check_fields($fields, false);
 ?>
 <?php
-	global $ZBX_CONFIG, $_COOKIE;
-
-	$ZBX_CONFIG = array();
+	global $ZBX_CONFIG;
 
 	if(isset($_REQUEST['cancel']) || isset($_REQUEST['finish']))
 	{
-		setcookie('ZBX_CONFIG', null, time()-3600); /* NOTE: don't use zbx_setcookie */
-		unset($_COOKIE['ZBX_CONFIG']);
+		zbx_unsetcookie('ZBX_CONFIG');
 		Redirect('index.php');
 	}
 	
-	if(isset($_COOKIE['ZBX_CONFIG']))
-	{
-		$ZBX_CONFIG = unserialize($_COOKIE['ZBX_CONFIG']);
-	}
+	$ZBX_CONFIG = get_cookie('ZBX_CONFIG', null);
+	$ZBX_CONFIG = isset($ZBX_CONFIG) ? unserialize($ZBX_CONFIG) : array();
 
 	if(!isset($ZBX_CONFIG['step'])) $ZBX_CONFIG['step'] = 0;
 	if(!isset($ZBX_CONFIG['agree'])) $ZBX_CONFIG['agree'] = false;
@@ -110,7 +105,7 @@
 
 	$ZBX_SETUP_WIZARD = new CSetupWizard($ZBX_CONFIG);
 
-	zbx_setcookie('ZBX_CONFIG', serialize($ZBX_CONFIG), time()+3600);
+	zbx_set_post_cookie('ZBX_CONFIG', serialize($ZBX_CONFIG));
 
 include_once "include/page_header.php";
 
diff --git a/frontends/php/tr_status.php b/frontends/php/tr_status.php
index 727d33ca..c632d418 100644
--- a/frontends/php/tr_status.php
+++ b/frontends/php/tr_status.php
@@ -29,30 +29,17 @@
 
 ?>
 <?php
-	$tr_hash=calc_trigger_hash();
+	$tr_hash = calc_trigger_hash();
 
-	if(!isset($_COOKIE["triggers_hash"]))
-	{
-		$triggers_hash="0,0";
-	}
-	else
-	{
-		$triggers_hash=$_COOKIE["triggers_hash"];
-	}
+	$triggers_hash = get_cookie('zbx_triggers_hash', '0,0');
 
 	$new=explode(",",$tr_hash);
 	$old=explode(",",$triggers_hash);
-	zbx_setcookie("triggers_hash",$tr_hash,time()+1800);
 
-	if(!isset($_COOKIE["triggers_hash"]))
-	{
-		$triggers_hash="0,0";
-	}
-	else
-	{
-		$triggers_hash=$_COOKIE["triggers_hash"];
-	}
+	zbx_set_post_cookie("zbx_triggers_hash",$tr_hash,time()+1800);
 
+	$triggers_hash = get_cookie('zbx_triggers_hash', '0,0');
+	
 	$new=explode(",",$tr_hash);
 	$old=explode(",",$triggers_hash);