Cookie posé avec la directive SameSite: Strict
Simounet committed Jan 10, 2024
1 parent ddc2d80 commit 64507f9
Showing 1 changed file with 6 additions and 6 deletions.
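--- a/User.class.php
+++ b/User.class.php
@@ -8,9 +8,9 @@
 
 class User extends MysqlEntity{
 
-protected $id;
-protected $login;
-protected $password;
+const COOKIE_NAME = 'leedStaySignedIn';
+
+protected $id,$login,$password;
 protected $TABLE_NAME = 'user';
 protected $object_fields =
 array(
@@ -131,7 +131,7 @@ static function existAuthToken($auth=null){
 $userManager = new User();
 $users = $userManager->populate('id');
 $phpAuth = isset($_SERVER['PHP_AUTH_USER']) ? strtolower($_SERVER['PHP_AUTH_USER']) : false;
-if (empty($auth)) $auth = @$_COOKIE['leedStaySignedIn'];
+if (empty($auth)) $auth = @$_COOKIE[self::COOKIE_NAME];
 foreach($users as $user){
 if ($user->getToken()==$auth || strtolower($user->login)===$phpAuth){
 $result = $user;
@@ -147,11 +147,11 @@ static function generateSalt() {
 
 function setStayConnected() {
 ///@TODO: set the current web directory, here and on del
-setcookie('leedStaySignedIn', $this->getToken(), time()+31536000);
+header('Set-Cookie: ' . self::COOKIE_NAME . '=' . $this->getToken() . '; Expires=' . gmdate('D, d-M-Y H:i:s', time()+31536000) . '; Max-Age=31536000; SameSite=Strict');
 }
 
 static function delStayConnected() {
-setcookie('leedStaySignedIn', '', -1);
+setcookie(self::COOKIE_NAME, '', -1);
 }
 
 function getId(){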
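Review bot: The hand-built `header('Set-Cookie: …')` call in setStayConnected() relies on header()'s default of replacing any earlier header with the same name, so a cookie queued earlier in the same response (presumably the session cookie, if a session is started before this runs) would be dropped; pass `false` as the second argument to header(). The stay-signed-in token is also issued without `HttpOnly` or `Secure`, so it stays readable from page script and can be sent over plain HTTP; append `; HttpOnly`, and `; Secure` when the instance is served over HTTPS. If the project's minimum PHP version is 7.3 or later (not visible here), `setcookie(self::COOKIE_NAME, $this->getToken(), ['expires' => time()+31536000, 'samesite' => 'Strict', 'httponly' => true]);` sets the same attributes without assembling the header by hand. The `Expires` value is also missing its trailing ` GMT`, although `Max-Age` covers clients that honour it.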
