Send cookie only via HTTPS if a mod logs in via HTTPS, which is the case on this site
This commit is contained in:
parent
8d745bec26
commit
6716a24b68
@ -69,13 +69,13 @@ function setCookies() {
|
||||
$mod['hash'][0] . // password
|
||||
':' .
|
||||
$mod['hash'][1], // salt
|
||||
time() + $config['cookies']['expire'], $config['cookies']['jail'] ? $config['cookies']['path'] : '/', null, false, $config['cookies']['httponly']);
|
||||
time() + $config['cookies']['expire'], $config['cookies']['jail'] ? $config['cookies']['path'] : '/', null, $_SERVER['HTTPS'], $config['cookies']['httponly']);
|
||||
}
|
||||
|
||||
function destroyCookies() {
|
||||
global $config;
|
||||
// Delete the cookies
|
||||
setcookie($config['cookies']['mod'], 'deleted', time() - $config['cookies']['expire'], $config['cookies']['jail']?$config['cookies']['path'] : '/', null, false, true);
|
||||
setcookie($config['cookies']['mod'], 'deleted', time() - $config['cookies']['expire'], $config['cookies']['jail']?$config['cookies']['path'] : '/', null, $_SERVER['HTTPS'], true);
|
||||
}
|
||||
|
||||
function modLog($action, $_board=null) {
|
||||
|
@ -150,7 +150,7 @@ function mod_dashboard() {
|
||||
$latest = false;
|
||||
}
|
||||
|
||||
setcookie('update', serialize($latest), time() + $config['check_updates_time'], $config['cookies']['jail'] ? $config['cookies']['path'] : '/', null, false, true);
|
||||
setcookie('update', serialize($latest), time() + $config['check_updates_time'], $config['cookies']['jail'] ? $config['cookies']['path'] : '/', null, $_SERVER['HTTPS'], true);
|
||||
}
|
||||
|
||||
if ($latest)
|
||||
|
Loading…
Reference in New Issue
Block a user