From 8c18415ccb3d32db6e89ea00275425cc69793908 Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Thu, 31 Oct 2019 12:21:35 +0100
Subject: [inc/Util] Add method to agressively unset a cookie

This tries to work around problems with the cookie path and trailing slashes.
---
 inc/dictionary.inc.php | 3 ++-
 inc/session.inc.php | 3 ++-
 inc/util.inc.php | 20 ++++++++++++++++++++
 3 files changed, 24 insertions(+), 2 deletions(-)

diff --git a/inc/dictionary.inc.php b/inc/dictionary.inc.php
index 935d1f4e..b69007a6 100644
--- a/inc/dictionary.inc.php
+++ b/inc/dictionary.inc.php
@@ -28,7 +28,8 @@ class Dictionary
 //Changes the language in case there is a request to
 $lang = Request::get('lang');
 if ($lang !== false && in_array($lang, self::$languages)) {
- setcookie('lang', $lang, time() + 60 * 60 * 24 * 30 * 12);
+ Util::clearCookie('lang');
+ setcookie('lang', $lang, time() + 86400 * 30 * 12);
 $url = Request::get('url');
 if ($url === false && isset($_SERVER['HTTP_REFERER'])) {
 $url = $_SERVER['HTTP_REFERER'];
diff --git a/inc/session.inc.php b/inc/session.inc.php
index 24bf6ac0..c08c8c4a 100644
--- a/inc/session.inc.php
+++ b/inc/session.inc.php
@@ -81,7 +81,7 @@ class Session
 public static function deleteCookie()
 {
- setcookie('sid', '', time() - 8640000, null, null, !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off', true);
+ Util::clearCookie('sid');
 }
 private static function getSessionFile()
@@ -109,6 +109,7 @@ class Session
 $sessionfile = self::getSessionFile();
 $ret = @file_put_contents($sessionfile, @serialize(self::$data));
 if (!$ret) Util::traceError('Storing session data in ' . $sessionfile . ' failed.');
+ Util::clearCookie('sid');
 $ret = setcookie('sid', self::$sid, time() + CONFIG_SESSION_TIMEOUT, null, null, !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off', true);
 if (!$ret) Util::traceError('Error: Could not set Cookie for Client (headers already sent)');
 }
diff --git a/inc/util.inc.php b/inc/util.inc.php
index c33bbc83..9c9d4e58 100644
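Review bot: The new `setcookie('lang', $lang, time() + 86400 * 30 * 12);` in the inc/dictionary.inc.php hunk still passes no path, so the browser scopes the cookie to the directory of whichever URL served the request, which is the situation the commit message describes working around. `Util::clearCookie('lang')` removes stale copies, but a later request that arrives under a different path form can create a new one. Pinning one fixed path removes the ambiguity at the source, for example `setcookie('lang', $lang, time() + 86400 * 30 * 12, APP_BASE_PATH);`, where `APP_BASE_PATH` is a placeholder for the application's base path and not a constant shown on this page. The same applies to the `sid` cookie set with a `null` path in the `@@ -109,6 +109,7 @@` hunk of inc/session.inc.php, where it matters more because that cookie identifies the session. The enclosing method starts and ends outside this hunk.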
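Review bot: In the `@@ -109,6 +109,7 @@` hunk of inc/session.inc.php the order of `Util::clearCookie('sid');` and the following `setcookie('sid', ...)` is load-bearing and deserves a comment. Assuming SCRIPT_NAME starts with a slash, clearCookie's first iteration uses an empty path, which is the same default path the real cookie is set with, so the response carries both a deletion and a fresh value for the same name and path and the client keeps whichever header comes last. I would add `// Must run before setcookie(): clearing afterwards would delete the new sid cookie.` above the call. The deletion headers are also sent without the Secure and HttpOnly arguments that the real cookie gets; that looks harmless for an empty value but is worth a word in the same comment. The method's start is outside the hunk.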
--- a/inc/util.inc.php
+++ b/inc/util.inc.php
@@ -534,4 +534,24 @@ SADFACE;
 return implode(' ', $parts) . ' ' . gmdate($showSecs ? 'H:i:s' : 'H:i', $seconds);
 }
+ /**
+ * Properly clear a cookie from the user's browser.
+ * This recursively wipes it from the current script's path. There
+ * was a weird problem where firefox would keep sending a cookie with
+ * path /slx-admin/ but trying to delete it from /slx-admin, which php's
+ * setcookie automatically sends by default, did not clear it.
+ * @param string $name cookie name
+ */
+ public static function clearCookie($name)
+ {
+ $parts = explode('/', $_SERVER['SCRIPT_NAME']);
+ $path = '';
+ foreach ($parts as $part) {
+ $path .= $part;
+ setcookie($name, '', 0, $path);
+ $path .= '/';
+ setcookie($name, '', 0, $path);
+ }
+ }
+
 }
-- cgit v1.2.3-55-g7522
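Review bot: `clearCookie()` discards the return value of every `setcookie()` call, so when headers have already been sent nothing is cleared and the caller cannot tell. That matters for `Session::deleteCookie()`, which this commit reduces to a single `Util::clearCookie('sid')` call, while the save path in session.inc.php reports the same condition through `Util::traceError`. A minimal change is to open the method with `if (headers_sent()) return false;`, end it with `return true;`, and document the return value in the docblock. The docblock could also say "every prefix of SCRIPT_NAME, with and without a trailing slash" in place of "recursively", since the loop is iterative, and note that a cookie stored under a request path that differs from SCRIPT_NAME (URL rewriting, PATH_INFO) or with a Domain attribute would not be covered.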