current hostname as cookie domain, group edit member bugfix

Core/Configuration/Settings.class.php

@@ -84,15 +84,8 @@ class Settings {
   }
 
   public static function loadDefaults(): Settings {
-    $hostname = $_SERVER["SERVER_NAME"] ?? null;
-    if (empty($hostname)) {
-      $hostname = $_SERVER["HTTP_HOST"] ?? null;
-      if (empty($hostname)) {
-        $hostname = "localhost";
-      }
-    }
-
     $protocol = getProtocol();
+    $hostname = getHostName();
     $settings = new Settings();
 
     // General

Core/Objects/Context.class.php

@@ -92,7 +92,8 @@ class Context {
 
   public function sendCookies(): void {
     // TODO: what will we do, when there is a domain mismatch? forbid access or just send cookies for the current domain? or should we send a redirect?
-    $domain = $this->getSettings()->getDomain();
+    // $domain = $this->getSettings()->getDomain();
+    $domain = getCurrentHostName();
     $this->language->sendCookie($domain);
     $this->session?->sendCookie($domain);
     $this->session?->update();
@@ -202,7 +203,7 @@ class Context {
     return $this->language;
   }
 
-  public function invalidateSessions(bool $keepCurrent = true): bool {
+  public function invalidateSessions(bool $keepCurrent = false): bool {
     $query = $this->sql->update("Session")
       ->set("active", false)
       ->whereEq("user_id", $this->user->getId());

Core/core.php

@@ -36,6 +36,18 @@ function getProtocol(): string {
   return $isSecure ? 'https' : 'http';
 }
 
+function getCurrentHostName(): string {
+  $hostname = $_SERVER["SERVER_NAME"] ?? null;
+  if (empty($hostname)) {
+    $hostname = $_SERVER["HTTP_HOST"] ?? null;
+    if (empty($hostname)) {
+      $hostname = gethostname();
+    }
+  }
+
+  return $hostname;
+}
+
 function uuidv4(): string {
   $data = random_bytes(16);
   $data[6] = chr(ord($data[6]) & 0x0f | 0x40); // set version to 0100