// Session management functions. These provide database storage of PHP
// session info.
+use Friendica\Core\Config;
+
require_once('include/cache.php');
$session_exists = 0;
$default_expire = time() + 300;
$memcache = cache::memcache();
- if (is_object($memcache)) {
- $memcache->set(get_app()->get_hostname().":session:".$id, $data, MEMCACHE_COMPRESSED, $expire);
+ $a = get_app();
+ if (is_object($memcache) && is_object($a)) {
+ $memcache->set($a->get_hostname().":session:".$id, $data, MEMCACHE_COMPRESSED, $expire);
return true;
}
if ($session_exists) {
$r = q("UPDATE `session`
- SET `data` = '%s'
- WHERE `data` != '%s' AND `sid` = '%s'",
- dbesc($data), dbesc($data), dbesc($id));
-
- $r = q("UPDATE `session`
- SET `expire` = '%s'
- WHERE `expire` != '%s' AND `sid` = '%s'",
- dbesc($expire), dbesc($expire), dbesc($id));
+ SET `data` = '%s', `expire` = '%s'
+ WHERE `sid` = '%s'
+ AND (`data` != '%s' OR `expire` != '%s')",
+ dbesc($data), dbesc($expire), dbesc($id), dbesc($data), dbesc($expire));
} else {
$r = q("INSERT INTO `session`
SET `sid` = '%s', `expire` = '%s', `data` = '%s'",
ini_set('session.use_only_cookies', 1);
ini_set('session.cookie_httponly', 1);
+if (Config::get('system', 'ssl_policy') == SSL_POLICY_FULL) {
+ ini_set('session.cookie_secure', 1);
+}
+
if (!get_config('system', 'disable_database_session')) {
session_set_save_handler('ref_session_open', 'ref_session_close',
'ref_session_read', 'ref_session_write',
projects / friendica.git / blobdiff