Skip to content

Commit

Permalink
Cookies changed to HttpOnly.
Browse files Browse the repository at this point in the history
  • Loading branch information
James Allsup committed Apr 6, 2014
1 parent 72dd3f8 commit 53c376a
Show file tree
Hide file tree
Showing 2 changed files with 4 additions and 2 deletions.
3 changes: 2 additions & 1 deletion upload/php.ini
View file
Expand Up @@ -6,8 +6,9 @@ max_execution_time = 36000;
upload_max_filesize = 999M;
safe_mode = Off;
mysql.connect_timeout = 20;
session.use_cookies = On;
session.use_only_cookies = On;
session.use_trans_sid = Off;
session.cookie_httponly = On;
session.gc_maxlifetime = 172800;
allow_url_fopen = on;
;display_errors = 1;
Expand Down
3 changes: 2 additions & 1 deletion upload/system/library/session.php
View file
Expand Up @@ -4,8 +4,9 @@ class Session {

public function __construct() {
if (!session_id()) {
ini_set('session.use_cookies', 'On');
ini_set('session.use_only_cookies', 'On');
ini_set('session.use_trans_sid', 'Off');
ini_set('session.cookie_httponly', 'On');

session_set_cookie_params(0, '/');
session_start();
Expand Down

0 comments on commit 53c376a

Please sign in to comment.