search

backdrop-contrib / domain

A domain-based access control system for Backdrop CMS
https://backdropcms.org/project/domain
3 stars 5 forks source link

Multiple TLD cookie, with db lookup for domain access #32

Closed izmeez closed 1 week ago

izmeez commented 1 month ago

Just wondering if this needs to be considered for the Backdrop port?

Multiple TLD cookie, with db lookup

For use with Domain access module only.

I got this idea from Multiple top level cookie domains

If you do not wish to modify 'settings.php' each time you add a top level domain with a new $cookie_domain then replace your where 'example.com' is your TLD: ...

$cookie_domain = 'example.com';

with this:

if (isset($_SERVER['HTTP_HOST'])) {
  // remove any sub- subsub- etc domains
  $_srv_host = explode(".", $_SERVER['HTTP_HOST']);
  $srv_host = array_reverse($_srv_host);
  // the following gives example.com with ALL subdomains removed
  $request_host = $srv_host[1] . "." . $srv_host[0]; 
  // now we check against the database
  // do not rewrite link info a second time
  preg_match("/@(.*?)\//", $db_url, $link_host);
  preg_match("/\/\/(.*?):/", $db_url, $link_user);
  preg_match("/[^mysql(i)]:(.*?)@/", $db_url, $link_pass);
  preg_match("/@(.*?)\/(.*?)$/", $db_url, $link_db);
  $link = mysql_connect($link_host[1], $link_user[1], $link_pass[1]);
    if ($link) {
      if (mysql_select_db($link_db[2], $link)) {
        /***********************************************/
    /* no - we are not using {domain} as tablename */
    /* Drupal is not yet loaded - remember?        */
    /*      do not forget to add your table prefix */
    /*      to domain => prefix_domain             */
    /***********************************************/
    $q = "SELECT subdomain, valid FROM domain WHERE subdomain LIKE '%" . $request_host . "' AND valid LIKE '1'";
    $res = mysql_query($q);
      if ($res) { // got answer
        $rows = mysql_num_rows($res);
        // yes, only one row - it's logical Mr. Spock
        if ($rows == 1) {
          $row = mysql_fetch_array($res);
          $cookie_domain = "." . $row['subdomain'];
        } 
                else {
          // we did get 1+ rows which is no-no, use the old settings with TLD
          $cookie_domain = '.example.com';
        }
        }
      }
    } 
        else {
      // we did not get the link, use the old settings with TLD
      $cookie_domain = '.example.com';
    }
    mysql_close($link); // behave
}
izmeez commented 1 week ago

This is related to issue #40

izmeez commented 1 week ago

I am inclined to close this in favour of #40 but could use more feedback.

yorkshire-pudding commented 1 week ago

I agree to close this one. The db queries in that example are using an outdated protocol that was deprecated in 5.5.0 and removed in 7.0.0