$endpos = strlen($_base_href);
}
-$_base_href = substr($_base_href, 0, $endpos);
-$_base_path = substr($_base_href, strlen($server_protocol . $_SERVER['HTTP_HOST']));
+$_base_href = substr($_base_href, 0, $endpos);
+$_base_path = $_session_path = substr($_base_href, strlen($server_protocol . $_SERVER['HTTP_HOST']));
+
+// $_session_path is used to attach the session ID on @ see include/vitals.inc.php - session_set_cookie_params()
+// $_session_path is ATutor installation path, which is not captured by $_base_path in the case that the sent-in
+// URL ends with '/'.
+if (substr($_SERVER['PHP_SELF'], -1) == '/') {
+ $_session_path = substr($_base_path, 0, strrpos(substr($_base_path, 0, -1), '/') + 1);
+}
define('AT_BASE_HREF', $_base_href);
if (!defined('AT_INCLUDE_PATH')) { exit; }
-define('AT_DEVEL', 0);
+define('AT_DEVEL', 1);
define('AT_ERROR_REPORTING', E_ALL ^ E_NOTICE); // default is E_ALL ^ E_NOTICE, use E_ALL or E_ALL + E_STRICT for developing
define('AT_DEVEL_TRANSLATE', 0);
***/
/**** 0. start system configuration options block ****/
+ //set the timezone, php 5.3+ problem. http://atutor.ca/atutor/mantis/view.php?id=4409
+ date_default_timezone_set('UTC');
+
error_reporting(0);
if (!defined('AT_REDIRECT_LOADED')){
include_once(AT_INCLUDE_PATH.'config.inc.php');
? false
: true;
ob_start();
- session_set_cookie_params(0, $_base_path, "", $isHttps);
+ session_set_cookie_params(0, $_session_path, "", $isHttps);
session_start();
// Regenerate session id at every page refresh to prevent CSRF
$_config['home_defaults'] .= (isset($_config['home_defaults_2']) ? $_config['home_defaults_2'] : '');
$_config['main_defaults'] .= (isset($_config['main_defaults_2']) ? $_config['main_defaults_2'] : '');
-//set the timezone, php 5.3+ problem. http://atutor.ca/atutor/mantis/view.php?id=4409
-date_default_timezone_set('UTC');
-
if ($_config['time_zone']) {
//$sql = "SET time_zone='{$_config['time_zone']}'";
//mysql_query($sql, $db);
}
}
-$_SESSION['session_test'] = TRUE;
-
if (isset($_SESSION['member_id'])) {
$sql = "DELETE FROM ".TABLE_PREFIX."users_online WHERE member_id=$_SESSION[member_id]";
$result = @mysql_query($sql, $db);
unset($_SESSION['prefs']);
unset($_SESSION['dd_question_ids']);
unset($_SESSION['flash']);
+unset($_SESSION['userAgent']);
+unset($_SESSION['IPaddress']);
+unset($_SESSION['OBSOLETE']);
+unset($_SESSION['EXPIRES']);
+unset($_SESSION['token']);
$msg->addFeedback('LOGOUT');
header('Location: login.php');