JAIL_COOKIES config directive.
This commit is contained in:
parent
e149f3f1bd
commit
996a62c5f1
@ -23,6 +23,8 @@
|
|||||||
define('TIME_COOKIE', 'arrived', true);
|
define('TIME_COOKIE', 'arrived', true);
|
||||||
// HASH_COOKIE contains an MD5 hash of TIME_COOKIE+SALT for verification.
|
// HASH_COOKIE contains an MD5 hash of TIME_COOKIE+SALT for verification.
|
||||||
define('HASH_COOKIE', 'hash', true);
|
define('HASH_COOKIE', 'hash', true);
|
||||||
|
// Where to set the 'path' parameter to ROOT when creating cookies. Recommended.
|
||||||
|
define('JAIL_COOKIES', true, true);
|
||||||
|
|
||||||
// How long should the cookies last (in seconds)
|
// How long should the cookies last (in seconds)
|
||||||
define('COOKIE_EXPIRE', 15778463, true); //6 months
|
define('COOKIE_EXPIRE', 15778463, true); //6 months
|
||||||
|
13
inc/user.php
13
inc/user.php
@ -1,14 +1,21 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
|
// Set the session name.
|
||||||
session_name(SESS_COOKIE);
|
session_name(SESS_COOKIE);
|
||||||
session_start();
|
|
||||||
|
|
||||||
|
// Set session parameters
|
||||||
|
session_set_cookie_params(0, JAIL_COOKIES?ROOT:'/');
|
||||||
|
|
||||||
|
// Start the session
|
||||||
|
session_start(COOKIE_EXPIRE);
|
||||||
|
|
||||||
|
// Session creation time
|
||||||
if(!isset($_SESSION['created'])) $_SESSION['created'] = time();
|
if(!isset($_SESSION['created'])) $_SESSION['created'] = time();
|
||||||
|
|
||||||
if(!isset($_COOKIE[HASH_COOKIE]) || !isset($_COOKIE[TIME_COOKIE]) || $_COOKIE[HASH_COOKIE] != md5($_COOKIE[TIME_COOKIE].SALT)) {
|
if(!isset($_COOKIE[HASH_COOKIE]) || !isset($_COOKIE[TIME_COOKIE]) || $_COOKIE[HASH_COOKIE] != md5($_COOKIE[TIME_COOKIE].SALT)) {
|
||||||
$time = time();
|
$time = time();
|
||||||
setcookie(TIME_COOKIE, $time, time()+COOKIE_EXPIRE, '/', null, false, true);
|
setcookie(TIME_COOKIE, $time, time()+COOKIE_EXPIRE, JAIL_COOKIES?ROOT:'/', null, false, true);
|
||||||
setcookie(HASH_COOKIE, md5(time().SALT), time()+COOKIE_EXPIRE, '/', null, false, true);
|
setcookie(HASH_COOKIE, md5(time().SALT), time()+COOKIE_EXPIRE, JAIL_COOKIES?ROOT:'/', null, false, true);
|
||||||
$user = Array('valid' => false, 'appeared' => $time);
|
$user = Array('valid' => false, 'appeared' => $time);
|
||||||
} else {
|
} else {
|
||||||
$user = Array('valid' => true, 'appeared' => $_COOKIE[TIME_COOKIE]);
|
$user = Array('valid' => true, 'appeared' => $_COOKIE[TIME_COOKIE]);
|
||||||
|
Loading…
Reference in New Issue
Block a user