require_once('include/datetime.php');
function nuke_session() {
++ session_unset();
++/*
new_cookie(0); // make sure cookie is deleted on browser close, as a security measure
unset($_SESSION['authenticated']);
unset($_SESSION['my_address']);
unset($_SESSION['addr']);
unset($_SESSION['return_url']);
++*/
}
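Review bot: With `new_cookie(0)` commented out, nuke_session() no longer rotates the session id or resets the cookie lifetime on logout, so the browser keeps the same sid, and any long cookie lifetime set earlier, after `session_unset()` has cleared the variables. If the login path does not regenerate the id itself (not visible in this hunk), the pre-logout sid carries over into the next authenticated session. I would keep the rotation by calling `session_unset();` followed by `new_cookie(0);`. The commented-out block should be deleted rather than left inside the function.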
--// login/logout
++// login/logout
if((isset($_SESSION)) && (x($_SESSION,'authenticated')) && ((! (x($_POST,'auth-params'))) || ($_POST['auth-params'] !== 'login'))) {
if(((x($_POST,'auth-params')) && ($_POST['auth-params'] === 'logout')) || ($a->module === 'logout')) {
--
++
// process logout request
call_hooks("logging_out");
nuke_session();
}
function new_cookie($time) {
++ $a = get_app();
++
$old_sid = session_id();
-- session_set_cookie_params("$time");
++ session_set_cookie_params($time);
++ //session_set_cookie_params($time, "/", $a->get_hostname());
session_regenerate_id(false);
q("UPDATE session SET sid = '%s' WHERE sid = '%s'", dbesc(session_id()), dbesc($old_sid));
++
++ logger("Session parameter lifetime: ".$time." - got: ".print_r(session_get_cookie_params(), true), LOGGER_DEBUG);
}
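Review bot: `session_regenerate_id(false)` keeps the old session record, and the `UPDATE session SET sid` that renames it only has an effect while the database save handler is installed, which the last hunk of this commit makes optional through `disable_database_session`. With that option set, the old sid presumably stays valid in PHP's configured store after rotation, so the old record should be deleted in that case: `session_regenerate_id((bool) get_config('system', 'disable_database_session'));`. Separately, `$a = get_app();` is referenced only by the commented-out `session_set_cookie_params` line and can be dropped together with that comment.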
ini_set('session.use_only_cookies', 1);
ini_set('session.cookie_httponly', 1);
--
--session_set_save_handler ('ref_session_open', 'ref_session_close',
- 'ref_session_read', 'ref_session_write',
- 'ref_session_destroy', 'ref_session_gc');
- 'ref_session_read', 'ref_session_write',
- 'ref_session_destroy', 'ref_session_gc');
++if (!get_config('system', 'disable_database_session'))
++ session_set_save_handler('ref_session_open', 'ref_session_close',
++ 'ref_session_read', 'ref_session_write',
++ 'ref_session_destroy', 'ref_session_gc');
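Review bot: When `disable_database_session` is set, sessions fall back to whatever `session.save_handler` and `session.save_path` PHP is configured with, and nothing in this hunk documents that. On a shared host the default files path may be readable by other accounts, so the option deserves a comment such as `// sessions then use PHP's configured save handler; make sure session.save_path is private to this site`. The multi-line call under a brace-less `if` is also easy to misread or to extend incorrectly, so wrap it in `{ }`.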