Skip to content
Browse files

attempt at [Bug 9581] Add support for session.cookie_httponly

# there are two new options in the session and cookie params called httponly


git-svn-id: http://svn.php.net/repository/pear/packages/LiveUser/trunk@224932 c90b9560-bf6c-de11-be94-00142212c4b1
  • Loading branch information...
1 parent 3a77388 commit 5e12467dc614c80a4e4a92f292313c27b980355b Arnaud Limbourg committed Dec 12, 2006
Showing with 7 additions and 2 deletions.
  1. +7 −2 LiveUser.php
View
9 LiveUser.php
@@ -388,6 +388,7 @@ function LiveUser(&$debug)
* 'path' => 'Cookie path',
* 'domain' => 'Cookie domain',
* 'secure' => 'Cookie send only over secure connections',
+ * 'httponly' => 'HHTP only cookie, PHP 5.2.0+ only',
* ),
* 'cache_perm' => if the permission data should be cached inside the session
* 'login' => array(
@@ -407,6 +408,7 @@ function LiveUser(&$debug)
* 'secret' => 'Secret key used for cookie value encryption',
* 'savedir' => '/absolute/path/to/writeable/directory' // No trailing slash (/) !
* 'secure' => 'Cookie send only over secure connections',
+ * 'httponly' => 'HHTP only cookie, PHP 5.2.0+ only',
* ),
* 'authContainers' => array(
* 'name' => array(
@@ -750,6 +752,7 @@ function readConfig($conf)
'path' => '/',
'domain' => '',
'secret' => 'secret',
+ 'httponly' => false,
);
if (is_array($this->_options['cookie'])) {
$this->_options['cookie'] =
@@ -1015,7 +1018,8 @@ function _startSession()
(LIVEUSER_DAY_SECONDS * $this->_options['session_cookie_params']['lifetime'])),
$this->_options['session_cookie_params']['path'],
$this->_options['session_cookie_params']['domain'],
- $this->_options['session_cookie_params']['secure']);
+ $this->_options['session_cookie_params']['secure'],
+ $this->_options['session_cookie_params']['httponly']);
}
// Set the name of the current session
session_name($this->_options['session']['name']);
@@ -1352,7 +1356,8 @@ function setRememberCookie($handle, $passwd)
(time() + (LIVEUSER_DAY_SECONDS * $this->_options['cookie']['lifetime'])),
$this->_options['cookie']['path'],
$this->_options['cookie']['domain'],
- $this->_options['cookie']['secure']
+ $this->_options['cookie']['secure'],
+ $this->_options['cookie']['httponly']
);
if (!$setcookie) {

0 comments on commit 5e12467

Please sign in to comment.
Something went wrong with that request. Please try again.