beenull/adminerevo
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

Protect session cookie

Browse source 
git-svn-id: https://adminer.svn.sourceforge.net/svnroot/adminer/trunk@1057 7c3ca157-0c34-0410-bff1-cbf682f78f5c
This commit is contained in:
jakubvrana 2009-09-01 16:16:27 +00:00
parent 70a3671a09
commit 84a9bfa82c
1 changed files with 7 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
adminer/include/bootstrap.inc.php
View file

@ -44,10 +44,13 @@ if (!isset($_SERVER["REQUEST_URI"])) {
}
if (!ini_get("session.auto_start")) {
// use specific session name to get own namespace
@ini_set("session.use_trans_sid", false); // @ - may be disabled
session_name("adminer_sid");
session_set_cookie_params(0, preg_replace('~\\?.*~', '', $_SERVER["REQUEST_URI"])); //! use HttpOnly in PHP 5
@ini_set("session.use_trans_sid", false); // protect links in export, @ - may be disabled
session_name("adminer_sid"); // use specific session name to get own namespace
$params = array(0, preg_replace('~\\?.*~', '', $_SERVER["REQUEST_URI"]), "", $_SERVER["HTTPS"]);
if (version_compare(PHP_VERSION, '5.2.0') >= 0) {
$params[] = true; // HttpOnly
}
call_user_func_array('session_set_cookie_params', $params);
session_start();
}