attempt at [Bug 9581] Add support for session.cookie_httponly

# there are two new options in the session and cookie params called httponly git-svn-id: http://svn.php.net/repository/pear/packages/LiveUser/trunk@224932 c90b9560-bf6c-de11-be94-00142212c4b1
pear · Dec 12, 2006 · 5e12467 · 5e12467
1 parent 3a77388
commit 5e12467
Showing 1 changed file with 7 additions and 2 deletions.
diff --git a/LiveUser.php b/LiveUser.php
@@ -388,6 +388,7 @@ function LiveUser(&$debug)
      *      'path'     => 'Cookie path',
      *      'domain'   => 'Cookie domain',
      *      'secure'   => 'Cookie send only over secure connections',
+     *      'httponly' => 'HHTP only cookie, PHP 5.2.0+ only',
      *  ),
      * 'cache_perm' => if the permission data should be cached inside the session
      *  'login' => array(
@@ -407,6 +408,7 @@ function LiveUser(&$debug)
      *      'secret'   => 'Secret key used for cookie value encryption',
      *      'savedir'  => '/absolute/path/to/writeable/directory' // No trailing slash (/) !
      *      'secure'   => 'Cookie send only over secure connections',
+     *      'httponly' => 'HHTP only cookie, PHP 5.2.0+ only',
      *  ),
      *  'authContainers' => array(
      *      'name' => array(
@@ -750,6 +752,7 @@ function readConfig($conf)
                 'path'     => '/',
                 'domain'   => '',
                 'secret'   => 'secret',
+                'httponly' => false,
             );
             if (is_array($this->_options['cookie'])) {
                 $this->_options['cookie'] =
@@ -1015,7 +1018,8 @@ function _startSession()
                 (LIVEUSER_DAY_SECONDS * $this->_options['session_cookie_params']['lifetime'])),
                 $this->_options['session_cookie_params']['path'],
                 $this->_options['session_cookie_params']['domain'],
-                $this->_options['session_cookie_params']['secure']);
+                $this->_options['session_cookie_params']['secure'],
+                $this->_options['session_cookie_params']['httponly']);
         }
         // Set the name of the current session
         session_name($this->_options['session']['name']);
@@ -1352,7 +1356,8 @@ function setRememberCookie($handle, $passwd)
             (time() + (LIVEUSER_DAY_SECONDS * $this->_options['cookie']['lifetime'])),
             $this->_options['cookie']['path'],
             $this->_options['cookie']['domain'],
-            $this->_options['cookie']['secure']
+            $this->_options['cookie']['secure'],
+            $this->_options['cookie']['httponly']
         );
 
         if (!$setcookie) {