diff options
author | Andrew Dolgov <[email protected]> | 2013-04-04 15:33:14 +0400 |
---|---|---|
committer | Andrew Dolgov <[email protected]> | 2013-04-04 15:33:14 +0400 |
commit | 9ce7a5546c6d9cca8aa8be524d43c735e2bd7182 (patch) | |
tree | fd2326ab8a39f19737b391da537f3065d0b8fa55 /include/sessions.php | |
parent | 82d77deb2876df4aac8536108404b93e20fd407b (diff) |
implement some tweaks to session handling; properly remove session cookie if invalid/login failed
Diffstat (limited to 'include/sessions.php')
-rw-r--r-- | include/sessions.php | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/include/sessions.php b/include/sessions.php index 0edda4ec7..402e8b8de 100644 --- a/include/sessions.php +++ b/include/sessions.php @@ -15,10 +15,11 @@ ini_set("session.cookie_secure", true); } - ini_set("session.gc_probability", 50); + ini_set("session.gc_probability", 75); ini_set("session.name", $session_name); ini_set("session.use_only_cookies", true); ini_set("session.gc_maxlifetime", $session_expire); + ini_set("session.cookie_lifetime", min(0, SESSION_COOKIE_LIFETIME)); global $session_connection; @@ -181,8 +182,8 @@ "ttrss_destroy", "ttrss_gc"); } - if (!defined('TTRSS_SESSION_NAME') || TTRSS_SESSION_NAME != 'ttrss_api_sid') { - if (isset($_COOKIE[$session_name])) { + if (!defined('NO_SESSION_AUTOSTART')) { + if (isset($_COOKIE[session_name()])) { @session_start(); } } |