6.0.0-beta1
7/7/25

[#1302] incorrect cookie expiration times
Summary incorrect cookie expiration times
Queue Horde Base
Queue Version 3.0.2
Type Bug
State Resolved
Priority 2. Medium
Owners Horde Developers (at)
Requester m.zdila (at) episoftware (dot) com
Created 02/03/2005 (7459 days ago)
Due
Updated 04/02/2005 (7401 days ago)
Assigned 04/02/2005 (7401 days ago)
Resolved 04/02/2005 (7401 days ago)
Github Issue Link
Github Pull Request
Milestone
Patch No

History
04/02/2005 05:40:09 AM Chuck Hagenbuch Comment #4
State ⇒ Resolved
Reply to this comment
Okay, this should be correct in Horde 3.0.5.
04/02/2005 05:26:39 AM Chuck Hagenbuch Assigned to Horde DevelopersHorde Developers
 
04/02/2005 05:26:19 AM Chuck Hagenbuch Comment #3
State ⇒ Assigned
Priority ⇒ 2. Medium
Reply to this comment
This wasn't the right fix; we use the timeout value elsewhere when it 
*is* relative. Reopening.
02/03/2005 04:39:58 PM Jan Schneider Comment #2
State ⇒ Resolved
Reply to this comment
We don't say anywhere that the value entered there is the expiration 
interval. Instead we even point to the setcookie() documentation 
explicitely.



OTOH it doesn't make sense to enter a fixed value (integer) here, 
because you most likely want to always have a dynamic value there. 
Thus I changed the configuration type so that you now can enter PHP 
code there.
02/03/2005 02:14:22 PM m (dot) zdila (at) episoftware (dot) com Comment #1
State ⇒ Unconfirmed
Priority ⇒ 3. High
Type ⇒ Bug
Summary ⇒ incorrect cookie expiration times
Queue ⇒ Horde Base
Reply to this comment
In the file lib/Horde/Secret.php you use many times:



@setcookie($keyname . '_key', $key, $conf['session']['timeout'], 
$conf['cookie']['path'], $conf['cookie']['domain'], $conf

['use_ssl'] == 1 ? 1 : 0);



But the setcookie function expect absolute time of cookie expiration, 
not relative. Therefore the correct form should be:



@setcookie($keyname . '_key', $conf['session']['timeout'] == 0 ? 0 : 
$key, time() + $conf['session']['timeout'], $conf['cookie']['path'], 
$conf['cookie']['domain'], $conf

['use_ssl'] == 1 ? 1 : 0);



Am I right? I lost about 5 hours :-/ to find a problem why the IMP 
application forever reloads when I use cookies. Only MSIE worked (it 
kept the cookie with the time in the past).

Saved Queries