2011-03-07, 00:41:06
To make my point clearer, take a look at these codes:
and this:
while in kill_cookie, we have:
See my point?
Quote:function create_cookie() {
.....
global $cookie_name;
$saltUSR = $USR.$SALT;
$saltCOOKIE = $cookie_name.$SALT;
if ( defined('GSCOOKIEISSITEWIDE') && (GSCOOKIEISSITEWIDE == TRUE) ) {
setcookie($saltCOOKIE, sha1($saltUSR), time() + $cookie_time,'/');
}....
}
and this:
Quote:function cookie_check($cookie_name=FALSE) {
if($cookie_name==FALSE) { // Assume login cookie.
....
$saltCOOKIE = $cookie_name.$SALT;
if(isset($_COOKIE[$saltCOOKIE])&&$_COOKIE[$saltCOOKIE]==sha1($saltUSR)) {
return TRUE; // Cookie proves logged in status.
} else { return FALSE; }
}...
while in kill_cookie, we have:
Quote:function kill_cookie($identifier) {
global $SALT;
$saltCOOKIE = sha1($identifier.$SALT);
if (isset($_COOKIE[$saltCOOKIE])) {
if ( defined('GSCOOKIEISSITEWIDE') && (GSCOOKIEISSITEWIDE == TRUE) ) {
$_COOKIE[$saltCOOKIE] = FALSE;
setcookie($saltCOOKIE, FALSE, time() - 3600,'/');
} else {
$_COOKIE[$saltCOOKIE] = FALSE;
setcookie($saltCOOKIE, FALSE, time() - 3600);
}
}
}
See my point?