Opps, domain detection is wrong

diff --git a/inc/config.php b/inc/config.php
index 817609c98c8e3d47d6e6841c7712873dce679991..a5b19d4e54ef88a44102d957938911ee74d1ca30 100644 (file)
--- a/inc/config.php
+++ b/inc/config.php
@@ -228,7 +228,7 @@ $cfg->setConfigEntry('cookie_expire', 60*60*24*2); // Two hours!
 $cfg->setConfigEntry('cookie_path', dirname($_SERVER['SCRIPT_NAME']) . "/");
 
 // CFG: COOKIE-DOMAIN
-$cfg->setConfigEntry('cookie_domain', $cfg->readConfig('base_url')); // Is mostly the same...
+$cfg->setConfigEntry('cookie_domain', $cfg->detectDomain()); // Is mostly the same...
 
 // CFG: COOKIE-SSL
 $cfg->setConfigEntry('cookie_ssl', (isset($_SERVER['HTTPS'])));

diff --git a/inc/config/class_FrameworkConfiguration.php b/inc/config/class_FrameworkConfiguration.php
index 5e9b87ef93ff72aa00d7a03d858522c1f07183b4..794925dd1e590fdde9868c4485dbb7c5e117c490 100644 (file)
--- a/inc/config/class_FrameworkConfiguration.php
+++ b/inc/config/class_FrameworkConfiguration.php
@@ -278,11 +278,24 @@ class FrameworkConfiguration implements Registerable {
                } // END - if
 
                // Construct the full URL now and secure it against CSRF attacks
-               $baseUrl = $baseUrl . "://" . htmlentities(strip_tags($_SERVER['SERVER_NAME']), ENT_QUOTES) . dirname($_SERVER['SCRIPT_NAME']);
+               $baseUrl = $baseUrl . "://" . $this->detectDomain() . dirname($_SERVER['SCRIPT_NAME']);
 
                // Return the URL
                return $baseUrl;
        }
+
+       /**
+        * Detect safely and return the full domain where this script is installed
+        *
+        * @return      $fullDomain             The detected full domain
+        */
+       public function detectDomain () {
+               // Detect the full domain
+               $fullDomain = htmlentities(strip_tags($_SERVER['SERVER_NAME']), ENT_QUOTES);
+
+               // Return it
+               return $fullDomain;
+       }
 } // END - class
 
 // [EOF]