gnh1201/seeddms-code
1
0
Fork 0
mirror of https://git.code.sf.net/p/seeddms/code synced 2025-03-12 08:55:54 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

set httponly cookie

Browse Source
This commit is contained in:
Uwe Steinmann 2014-02-26 22:59:29 +01:00
parent 0be40d61c8
commit 92fc50fcce
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
op/op.Login.php
View File

@ -249,7 +249,7 @@ if (isset($_COOKIE["mydms_session"])) {
/* Load session */
$dms_session = $_COOKIE["mydms_session"];
if(!$resArr = $session->load($dms_session)) {
setcookie("mydms_session", $dms_session, time()-3600, $settings->_httpRoot); //delete cookie
setcookie("mydms_session", $dms_session, time()-3600, $settings->_httpRoot, null, null, true); //delete cookie
header("Location: " . $settings->_httpRoot . "out/out.Login.php?referuri=".$refer);
exit;
} else {
@ -267,7 +267,7 @@ if (isset($_COOKIE["mydms_session"])) {
$lifetime = time() + intval($settings->_cookieLifetime);
else
$lifetime = 0;
setcookie("mydms_session", $id, $lifetime, $settings->_httpRoot);
setcookie("mydms_session", $id, $lifetime, $settings->_httpRoot, null, null, true);
}
// TODO: by the PHP manual: The superglobals $_GET and $_REQUEST are already decoded.