? .project
? cookie-validation-2946.patch
? cookie-validation.patch
? sites/default/files
? sites/default/settings.php
Index: modules/user/user.module
===================================================================
RCS file: /cvs/drupal/drupal/modules/user/user.module,v
retrieving revision 1.954
diff -u -p -r1.954 user.module
--- modules/user/user.module	13 Jan 2009 06:27:01 -0000	1.954
+++ modules/user/user.module	21 Feb 2009 19:27:02 -0000
@@ -1345,17 +1345,18 @@ function user_login(&$form_state) {
  * authenticate against their user database instead of the local users
  * table.
  *
- * We use three validators instead of one since external authentication
- * modules usually only need to alter the second validator.
+ * We use four validators instead of one since external authentication
+ * modules usually only need to alter the third validator.
  *
  * @see user_login_name_validate()
+ * @see user_login_cookie_validate()
  * @see user_login_authenticate_validate()
  * @see user_login_final_validate()
  * @return array
  *   A simple list of validate functions.
  */
 function user_login_default_validators() {
-  return array('user_login_name_validate', 'user_login_authenticate_validate', 'user_login_final_validate');
+  return array('user_login_name_validate', 'user_login_cookie_validate', 'user_login_authenticate_validate', 'user_login_final_validate');
 }
 
 /**
@@ -1369,6 +1370,16 @@ function user_login_name_validate($form,
 }
 
 /**
+ * A FAPI validate handler. Sets an error if cookies are not supported.
+ */
+function user_login_cookie_validate($form, &$form_state) {
+  if (!$_COOKIE) {
+    $domain = ini_get('session.cookie_domain') ? ltrim(ini_get('session.cookie_domain'), '.') : $_SERVER['HTTP_HOST'];
+    form_set_error('', t('It seems your browser does not accept cookies. To log into this site, you need to accept cookies from the domain %domain.', array('%domain' => $domain)));
+  }
+}
+
+/**
  * A validate handler on the login form. Check supplied username/password
  * against local users table. If successful, sets the global $user object.
  */
@@ -1455,6 +1466,7 @@ function user_authenticate_finalize(&$ed
  */
 function user_login_submit($form, &$form_state) {
   global $user;
+
   if ($user->uid) {
     $form_state['redirect'] = 'user/' . $user->uid;
     return;