diff options
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/cookies.pm | 5 | ||||
| -rw-r--r-- | lib/forms.pm | 2 | ||||
| -rw-r--r-- | lib/privacy.pm | 4 | ||||
| -rw-r--r-- | lib/session.pm | 8 |
4 files changed, 10 insertions, 9 deletions
diff --git a/lib/cookies.pm b/lib/cookies.pm index 559e80a..23e560b 100644 --- a/lib/cookies.pm +++ b/lib/cookies.pm @@ -30,8 +30,9 @@ sub setCookie print "Set-Cookie: "; print $name, "=", $value, "; "; if ($date) { print "expires=$date; "; } -# print "path=", $path, "; domain=", $domain, "; secure\n"; - print "path=", $path, "; domain=", $domain, "\n"; + # use first line to force HTTPS + print "path=", $path, "; domain=", $domain, "; secure\n"; +# print "path=", $path, "; domain=", $domain, "\n"; } diff --git a/lib/forms.pm b/lib/forms.pm index 52c6415..5f31368 100644 --- a/lib/forms.pm +++ b/lib/forms.pm @@ -817,7 +817,7 @@ FORMEND sub login_form { my $uri = ''; - print qq{<form action="http://$BUCKY_HOST$BUCKY/login" method="post" enctype="multipart/form-data" name="lf">\n}; + print qq{<form action="https://$BUCKY_HOST$BUCKY/login" method="post" enctype="multipart/form-data" name="lf">\n}; if ($input->{redir} =~ /\?/) { diff --git a/lib/privacy.pm b/lib/privacy.pm index fcf3188..c735cf9 100644 --- a/lib/privacy.pm +++ b/lib/privacy.pm @@ -10,8 +10,8 @@ sub check_privacy { return 1; } if (check_key($t->{allowed}, $USER->{id})) { return 1; } - if ($USER->{ulevel} == 3) # A:.H:. - { return 1; } + # if ($USER->{ulevel} == 3) # A:.H:. + # { return 1; } if ($k != -1) { if ($k->{owner} eq $USER->{username}) diff --git a/lib/session.pm b/lib/session.pm index 072c0dc..1ae4a18 100644 --- a/lib/session.pm +++ b/lib/session.pm @@ -119,8 +119,8 @@ sub logout { my $error = shift; my $lender = undef; - # my $s = $ENV{'HTTPS'} eq "on" ? "s" : ""; - my $s = ""; + my $s = $ENV{'HTTPS'} eq "on" ? "s" : ""; + # my $s = ""; setCookie( { name => "name", value => undef, path => "$BUCKY/", domain => $BUCKY_COOKIE_DOMAIN } ); setCookie( { name => "pass", value => undef, path => "$BUCKY/", domain => $BUCKY_COOKIE_DOMAIN } ); @@ -164,8 +164,8 @@ sub nice_redirect sub redirect { my $uri = shift; - # my $s = ($ENV{'HTTPS'} eq "on" || exists($input->{secure})) ? "s" : ""; - my $s = ""; + my $s = ($ENV{'HTTPS'} eq "on" || exists($input->{secure})) ? "s" : ""; + # my $s = ""; print "Location: http$s://$BUCKY_HOST$uri\n\n"; $dbh->disconnect() if (defined($dbh)); exit (0); |