Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Merge branch 'w36_MDL-29312_m20_cookieless' of git://github.com/skoda…

…k/moodle into MOODLE_20_STABLE
  • Loading branch information...
commit f4aea09ea4b974b615f5913642b4d3ca0b7cc837 2 parents ef9d05c + f0a7542
@samhemelryk samhemelryk authored
Showing with 4 additions and 9 deletions.
  1. +0 −2  auth/mnet/auth.php
  2. +4 −7 lib/sessionlib.php
View
2  auth/mnet/auth.php
@@ -890,8 +890,6 @@ function keepalive_server($array) {
global $CFG, $DB;
$remoteclient = get_mnet_remote_client();
- $CFG->usesid = true;
-
// We don't want to output anything to the client machine
$start = ob_start();
View
11 lib/sessionlib.php
@@ -106,7 +106,7 @@ public function __construct() {
if (NO_MOODLE_COOKIES) {
// session not used at all
- $CFG->usesid = 0;
+ $CFG->usesid = false;
$_SESSION = array();
$_SESSION['SESSION'] = new stdClass();
@@ -118,12 +118,9 @@ public function __construct() {
$newsession = empty($_COOKIE['MoodleSession'.$CFG->sessioncookie]);
- if (!empty($CFG->usesid) && $newsession) {
- sid_start_ob();
- } else {
- $CFG->usesid = 0;
- ini_set('session.use_trans_sid', '0');
- }
+ // cookieless mode is prevented for security reasons
+ $CFG->usesid = false;
+ ini_set('session.use_trans_sid', '0');
session_name('MoodleSession'.$CFG->sessioncookie);
session_set_cookie_params(0, $CFG->sessioncookiepath, $CFG->sessioncookiedomain, $CFG->cookiesecure, $CFG->cookiehttponly);
Please sign in to comment.
Something went wrong with that request. Please try again.