diff options
Diffstat (limited to 'include/sessions.php')
-rw-r--r-- | include/sessions.php | 17 |
1 files changed, 12 insertions, 5 deletions
diff --git a/include/sessions.php b/include/sessions.php index 3355ec49e..23c19441e 100644 --- a/include/sessions.php +++ b/include/sessions.php @@ -4,7 +4,7 @@ require_once "config.php"; require_once "db.php"; - $session_expire = SESSION_EXPIRE_TIME; //seconds + $session_expire = max(SESSION_COOKIE_LIFETIME, 86400); $session_name = (!defined('TTRSS_SESSION_NAME')) ? "ttrss_sid" : TTRSS_SESSION_NAME; if (@$_SERVER['HTTPS'] == "on") { @@ -15,7 +15,7 @@ ini_set("session.gc_probability", 50); ini_set("session.name", $session_name); ini_set("session.use_only_cookies", true); - ini_set("session.gc_maxlifetime", SESSION_EXPIRE_TIME); + ini_set("session.gc_maxlifetime", $session_expire); function ttrss_open ($s, $n) { @@ -102,9 +102,16 @@ "ttrss_destroy", "ttrss_gc"); } - session_set_cookie_params(SESSION_COOKIE_LIFETIME); - if (!defined('TTRSS_SESSION_NAME') || TTRSS_SESSION_NAME != 'ttrss_api_sid') { - @session_start(); + if ($_COOKIE[$session_name]) { + @session_start(); + + if (!$_SESSION["uid"]) { + session_destroy(); + if (isset($_COOKIE[session_name()])) { + setcookie(session_name(), '', time()-42000, '/'); + } + } + } } ?> |