Index: drupalvb.inc.php
===================================================================
RCS file: /cvs/drupal-contrib/contributions/modules/drupalvb/drupalvb.inc.php,v
retrieving revision 1.33
diff -u -p -r1.33 drupalvb.inc.php
--- drupalvb.inc.php	1 Feb 2009 02:00:25 -0000	1.33
+++ drupalvb.inc.php	9 Mar 2009 04:44:04 -0000
@@ -30,10 +30,10 @@ function drupalvb_set_login_cookies($use
 
   $cookie_prefix = (isset($vb_config['Misc']['cookieprefix']) ? $vb_config['Misc']['cookieprefix'] : 'bb');
   $cookie_path = $vb_options['cookiepath'];
-  $vb_cookie_domain = (!empty($vb_options['cookiedomain']) ? $vb_options['cookiedomain'] : $GLOBALS['cookie_domain']);
   $now = time();
   $expire = $now + (@ini_get('session.cookie_lifetime') ? ini_get('session.cookie_lifetime') : 60 * 60 * 24 * 365);
 
+  $vb_cookie_domain = (!empty($vb_options['cookiedomain']) ? $vb_options['cookiedomain'] : $GLOBALS['cookie_domain']);
   // Per RFC 2109, cookie domains must contain at least one dot other than the
   // first. For hosts such as 'localhost' or IP Addresses we don't set a cookie domain.
   // @see conf_init()
@@ -73,19 +73,26 @@ function drupalvb_clear_cookies($userid 
 
   $cookie_prefix = (isset($vb_config['Misc']['cookieprefix']) ? $vb_config['Misc']['cookieprefix'] : 'bb');
   $cookie_path = $vb_options['cookiepath'];
-  $cookie_domain = $vb_options['cookiedomain'];
   $expire = time() - 86400;
-  
+
+  $vb_cookie_domain = (!empty($vb_options['cookiedomain']) ? $vb_options['cookiedomain'] : $GLOBALS['cookie_domain']);
+  // Per RFC 2109, cookie domains must contain at least one dot other than the
+  // first. For hosts such as 'localhost' or IP Addresses we don't set a cookie domain.
+  // @see conf_init()
+  if (!(count(explode('.', $vb_cookie_domain)) > 2 && !is_numeric(str_replace('.', '', $vb_cookie_domain)))) {
+    $vb_cookie_domain = '';
+  }
+
   if (!empty($userid)) {
     drupalvb_db_query("DELETE FROM {session} WHERE userid = %d", $userid);
     drupalvb_db_query("UPDATE {user} SET lastvisit = %d WHERE userid = %d", time(), $userid);
   }
 
-  setcookie($cookie_prefix .'sessionhash', '', $expire, $cookie_path, $cookie_domain);
-  setcookie($cookie_prefix .'lastvisit', '', $expire, $cookie_path, $cookie_domain);
-  setcookie($cookie_prefix .'lastactivity', '', $expire, $cookie_path, $cookie_domain);
-  setcookie($cookie_prefix .'userid', '', $expire, $cookie_path, $cookie_domain);
-  setcookie($cookie_prefix .'password', '', $expire, $cookie_path, $cookie_domain);
+  setcookie($cookie_prefix .'sessionhash', '', $expire, $cookie_path, $vb_cookie_domain);
+  setcookie($cookie_prefix .'lastvisit', '', $expire, $cookie_path, $vb_cookie_domain);
+  setcookie($cookie_prefix .'lastactivity', '', $expire, $cookie_path, $vb_cookie_domain);
+  setcookie($cookie_prefix .'userid', '', $expire, $cookie_path, $vb_cookie_domain);
+  setcookie($cookie_prefix .'password', '', $expire, $cookie_path, $vb_cookie_domain);
 }
 
 /**