Define the cookie path in config.ini.php

vnese · February 11, 2010, 12:54pm

Hi

I dont know if there is a security issue to redefine the cookie path. If not, I really want to customize it. It can be in config.ini.php or in global.ini.php:


; login cookie name
login_cookie_name = piwik_auth

; login cookie expiration (30 days)
login_cookie_expire = 2592000

; login cookie path
login_cookie_path = /

In my case, I have piwik installed in http ://example/piwik and my app installed in http ://example/myapp. And my app is a simple website that check whether the current user has been logged in to Piwik or not, if yes it will display some statistics widgets, if no it will redirect the user to piwik login page.

The checking process was done by reading “piwik_auth” cookie. However, I have a problem of reading the cookie from my app since the path of the cookie, in this case, is “/piwik/”. I want to customize the path to “/” so that any page under the root domain can have the access piwik cookie.

Any idea or help? And sorry for my bad English

matthieu · February 11, 2010, 4:33pm

that sounds like a reasonnable feature request, can you please create a ticket in trac and if possible attach a patch? there would be a new parameter to the core/Cookie.php (http://dev.piwik.org/trac/browser/trunk/core/Cookie.php) constructor and the new entry in the config file.

vnese · February 12, 2010, 11:09am

Here is the link to trac:

http://dev.piwik.org/trac/ticket/1155

I dont know if I can submit a patch since it may take time for me to dive into the source code.

aymenbnr · April 29, 2010, 8:27am

[quote=vnese @ Feb 12 2010, 11:09 AM]Here is the link to trac:

http://dev.piwik.org/trac/ticket/1155

I dont know if I can submit a patch since it may take time for me to dive into the source code.[/quote]
just follow admins guide,it is not a hard thing