Protect session cookie
git-svn-id: https://adminer.svn.sourceforge.net/svnroot/adminer/trunk@1057 7c3ca157-0c34-0410-bff1-cbf682f78f5c
parent
70a3671a09
commit
84a9bfa82c
|
@ -44,10 +44,13 @@ if (!isset($_SERVER["REQUEST_URI"])) {
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!ini_get("session.auto_start")) {
|
if (!ini_get("session.auto_start")) {
|
||||||
// use specific session name to get own namespace
|
@ini_set("session.use_trans_sid", false); // protect links in export, @ - may be disabled
|
||||||
@ini_set("session.use_trans_sid", false); // @ - may be disabled
|
session_name("adminer_sid"); // use specific session name to get own namespace
|
||||||
session_name("adminer_sid");
|
$params = array(0, preg_replace('~\\?.*~', '', $_SERVER["REQUEST_URI"]), "", $_SERVER["HTTPS"]);
|
||||||
session_set_cookie_params(0, preg_replace('~\\?.*~', '', $_SERVER["REQUEST_URI"])); //! use HttpOnly in PHP 5
|
if (version_compare(PHP_VERSION, '5.2.0') >= 0) {
|
||||||
|
$params[] = true; // HttpOnly
|
||||||
|
}
|
||||||
|
call_user_func_array('session_set_cookie_params', $params);
|
||||||
session_start();
|
session_start();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
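Review bot: The Secure argument on the `$params = array(...)` line is passed as raw `$_SERVER["HTTPS"]`, which is not a reliable boolean. The key is typically unset on plain HTTP (raising an undefined-index notice here), and IIS sets it to the string "off", which is truthy. In that case the cookie would be marked Secure on a non-TLS request, so the browser would not send it back and the session would never persist. Normalise it first, e.g. `$secure = isset($_SERVER["HTTPS"]) && strcasecmp($_SERVER["HTTPS"], "off");`, and pass `$secure` as the fourth element. A short comment that the flag will stay off behind a TLS-terminating proxy, which usually does not set `HTTPS`, would also help whoever deploys it that way.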