d48e7626ab0b366e8ce43fee17366fe7d6ba6e67
angie
  Thu Jun 9 11:36:06 2016 -0700
Revert "Several revisions to login cookie-checking after helpful code review by Max:"

This reverts commit 185dbcc2ba84d6eb1301163b926ebed3177cd379.

diff --git src/hg/lib/cart.c src/hg/lib/cart.c
index 08aca5a..c05fe7b 100644
--- src/hg/lib/cart.c
+++ src/hg/lib/cart.c
@@ -472,31 +472,31 @@
 #ifndef GBROWSE
 void cartLoadUserSession(struct sqlConnection *conn, char *sessionOwner,
 			 char *sessionName, struct cart *cart,
 			 struct hash *oldVars, char *actionVar)
 /* If permitted, load the contents of the given user's session, and then
  * reload the CGI settings (to support override of session settings).
  * If non-NULL, oldVars will contain values overloaded when reloading CGI.
  * If non-NULL, actionVar is a cartRemove wildcard string specifying the
  * CGI action variable that sent us here. */
 {
 struct sqlResult *sr = NULL;
 char **row = NULL;
 /* Validate login cookies if login is enabled */
 if (loginSystemEnabled())
     {
-    loginValidateCookies(cart);
+    loginSystemValidateCookies();
     }
 char *userName = wikiLinkUserName();
 char *encSessionName = cgiEncodeFull(sessionName);
 char *encSessionOwner = cgiEncodeFull(sessionOwner);
 char query[512];
 
 if (isEmpty(sessionOwner))
     errAbort("Please go back and enter a wiki user name for this session.");
 if (isEmpty(sessionName))
     errAbort("Please go back and enter a session name to load.");
 
 sqlSafef(query, sizeof(query), "SELECT shared, contents FROM %s "
       "WHERE userName = '%s' AND sessionName = '%s';",
       namedSessionTable, encSessionOwner, encSessionName);
 sr = sqlGetResult(conn, query);
@@ -1552,33 +1552,33 @@
 		cookieName, userIdKey, cookieDate());
     }
 if (geoMirrorEnabled())
     {
     // This occurs after the user has manually choosen to go back to the original site; we store redirect value into a cookie so we 
     // can use it in subsequent hgGateway requests before loading the user's cart
     char *redirect = cgiOptionalString("redirect");
     if (redirect)
         {
         printf("Set-Cookie: redirect=%s; path=/; domain=%s; expires=%s\r\n", redirect, cgiServerName(), cookieDate());
         }
     }
 /* Validate login cookies if login is enabled */
 if (loginSystemEnabled())
     {
-    struct slName *newCookies = loginValidateCookies(cart), *sl;
-    for (sl = newCookies;  sl != NULL;  sl = sl->next)
-        printf("Set-Cookie: %s\r\n", sl->name);
+    char *loginCookieString = loginSystemValidateCookies();
+    if (loginCookieString)
+        printf("Set-Cookie: %s", loginCookieString);
     }
 }
 
 struct cart *cartForSession(char *cookieName, char **exclude,
                             struct hash *oldVars)
 /* This gets the cart without writing any HTTP lines at all to stdout. */
 {
 char *hguid = getCookieId(cookieName);
 char *hgsid = getSessionId();
 struct cart *cart = cartNew(hguid, hgsid, exclude, oldVars);
 cartExclude(cart, sessionVar);
 if (sameOk(cfgOption("signalsHandler"), "on"))  /* most cgis call this routine */
     initSigHandlers(hDumpStackEnabled());
 char *httpProxy = cfgOption("httpProxy");  /* most cgis call this routine */
 if (httpProxy)