gnh1201/seeddms-code
1
0
Fork 0
mirror of https://git.code.sf.net/p/seeddms/code synced 2025-05-14 05:31:42 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

set httponly cookie

Browse Source
This commit is contained in:
Uwe Steinmann 2014-02-26 22:59:29 +01:00
parent 0be40d61c8
commit 92fc50fcce
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
op/op.Login.php
View File

@ -249,7 +249,7 @@ if (isset($_COOKIE["mydms_session"])) {
/* Load session */ /* Load session */
$dms_session = $_COOKIE["mydms_session"]; $dms_session = $_COOKIE["mydms_session"];
if(!$resArr = $session->load($dms_session)) { if(!$resArr = $session->load($dms_session)) {
setcookie("mydms_session", $dms_session, time()-3600, $settings->_httpRoot); //delete cookie setcookie("mydms_session", $dms_session, time()-3600, $settings->_httpRoot, null, null, true); //delete cookie
header("Location: " . $settings->_httpRoot . "out/out.Login.php?referuri=".$refer); header("Location: " . $settings->_httpRoot . "out/out.Login.php?referuri=".$refer);
exit; exit;
} else { } else {
@ -267,7 +267,7 @@ if (isset($_COOKIE["mydms_session"])) {
$lifetime = time() + intval($settings->_cookieLifetime); $lifetime = time() + intval($settings->_cookieLifetime);
else else
$lifetime = 0; $lifetime = 0;
setcookie("mydms_session", $id, $lifetime, $settings->_httpRoot); setcookie("mydms_session", $id, $lifetime, $settings->_httpRoot, null, null, true);
} }
// TODO: by the PHP manual: The superglobals $_GET and $_REQUEST are already decoded. // TODO: by the PHP manual: The superglobals $_GET and $_REQUEST are already decoded.