-
-
Notifications
You must be signed in to change notification settings - Fork 122
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Feature session ip #259
Feature session ip #259
Conversation
…es for auto login
@ximex can you review the code? |
here the params to change the length of the session_id: ini_set('session.hash_function', '1');
ini_set('session.hash_bits_per_character', 6); maybe we should set them. the first one should made the session more secure (better hashing algo) Table columns with session Id should be 40 chars. Use secure random gen for generating the auto login id. (look at passwordhasing class) |
fixed the 35/40 chars session_id partly here: 96b7055 |
* Return the organization id of this session. If AutoLogin is enabled then the | ||
* organization may not be the organization of the config.php because the | ||
* user had set the AutoLogin to a different organization. | ||
*/ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
add:
* @return int Returns the organization id of this session
change:
if(is_object($this->mAutoLogin))
{
return (int) $this->mAutoLogin->getValue('atl_org_id');
}
else
{
return (int) $this->getValue('ses_org_id');
}
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
done
Than we can merge. |
#227 + #257