summaryrefslogtreecommitdiff
path: root/include/sessions.php
diff options
context:
space:
mode:
Diffstat (limited to 'include/sessions.php')
-rw-r--r--include/sessions.php17
1 files changed, 12 insertions, 5 deletions
diff --git a/include/sessions.php b/include/sessions.php
index 3355ec49e..23c19441e 100644
--- a/include/sessions.php
+++ b/include/sessions.php
@@ -4,7 +4,7 @@
require_once "config.php";
require_once "db.php";
- $session_expire = SESSION_EXPIRE_TIME; //seconds
+ $session_expire = max(SESSION_COOKIE_LIFETIME, 86400);
$session_name = (!defined('TTRSS_SESSION_NAME')) ? "ttrss_sid" : TTRSS_SESSION_NAME;
if (@$_SERVER['HTTPS'] == "on") {
@@ -15,7 +15,7 @@
ini_set("session.gc_probability", 50);
ini_set("session.name", $session_name);
ini_set("session.use_only_cookies", true);
- ini_set("session.gc_maxlifetime", SESSION_EXPIRE_TIME);
+ ini_set("session.gc_maxlifetime", $session_expire);
function ttrss_open ($s, $n) {
@@ -102,9 +102,16 @@
"ttrss_destroy", "ttrss_gc");
}
- session_set_cookie_params(SESSION_COOKIE_LIFETIME);
-
if (!defined('TTRSS_SESSION_NAME') || TTRSS_SESSION_NAME != 'ttrss_api_sid') {
- @session_start();
+ if ($_COOKIE[$session_name]) {
+ @session_start();
+
+ if (!$_SESSION["uid"]) {
+ session_destroy();
+ if (isset($_COOKIE[session_name()])) {
+ setcookie(session_name(), '', time()-42000, '/');
+ }
+ }
+ }
}
?>
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-19 10:09:30 +0000