Diffstat (limited to 'sessions.php')
-rw-r--r-- | sessions.php | 59 |
1 files changed, 32 insertions, 27 deletions
diff --git a/sessions.php b/sessions.php index 2ad5a57fc..8588f5807 100644 --- a/sessions.php +++ b/sessions.php @@ -7,28 +7,33 @@ $session_expire = SESSION_EXPIRE_TIME; //seconds $session_name = (!defined('TTRSS_SESSION_NAME')) ? "ttrss_sid" : TTRSS_SESSION_NAME; + if ($_SERVER['HTTPS'] == "on") { + $session_name .= "_ssl"; + ini_set("session.cookie_secure", true); + } + ini_set("session.gc_probability", 50); ini_set("session.name", $session_name); ini_set("session.use_only_cookies", true); ini_set("session.gc_maxlifetime", SESSION_EXPIRE_TIME); function ttrss_open ($s, $n) { - + global $session_connection; - + $session_connection = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME); - + return true; } function ttrss_read ($id){ - - global $session_connection,$session_read; + + global $session_connection,$session_read; $query = "SELECT data FROM ttrss_sessions WHERE id='$id'"; $res = db_query($session_connection, $query); - + if (db_num_rows($res) != 1) { return ""; } else { 
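Review bot: The added `$_SERVER['HTTPS'] == "on"` test matches only one spelling of the flag and reads the key without checking that it exists, so the `Secure` attribute and the `_ssl` cookie name are skipped whenever the server reports TLS with any other non-empty value. PHP documents `HTTPS` as a non-empty value under TLS (IIS reports `off` for plain HTTP), so `if (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != "off") {` is the safer condition. If the application can sit behind a TLS-terminating proxy, the flag is presumably never set and the session cookie goes out without `Secure`; that case likely needs an explicit config switch rather than auto-detection. Separately, the unchanged `ttrss_read` line in this hunk builds `WHERE id='$id'` from the session id without `db_escape_string()`, unlike `$data` in `ttrss_write`, and the same applies to the `$id` uses in `ttrss_write` and `ttrss_destroy` in the next hunk. The body of `ttrss_read` continues past the end of this hunk.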
@@ -39,61 +44,61 @@ } function ttrss_write ($id, $data) { - - if (! $data) { - return false; + + if (! $data) { + return false; } - + global $session_connection, $session_read, $session_expire; - + $expire = time() + $session_expire; - + $data = db_escape_string(base64_encode($data), $session_connection); - + if ($session_read) { - $query = "UPDATE ttrss_sessions SET data='$data', - expire='$expire' WHERE id='$id'"; + $query = "UPDATE ttrss_sessions SET data='$data', + expire='$expire' WHERE id='$id'"; } else { $query = "INSERT INTO ttrss_sessions (id, data, expire) VALUES ('$id', '$data', '$expire')"; } - + db_query($session_connection, $query); return true; } function ttrss_close () { - + global $session_connection; - + db_close($session_connection); - + return true; } function ttrss_destroy ($id) { - + global $session_connection; $query = "DELETE FROM ttrss_sessions WHERE id = '$id'"; - + db_query($session_connection, $query); - + return true; } function ttrss_gc ($expire) { - + global $session_connection; - + $query = "DELETE FROM ttrss_sessions WHERE expire < " . time(); - + db_query($session_connection, $query); } if (DATABASE_BACKED_SESSIONS) { - session_set_save_handler("ttrss_open", - "ttrss_close", "ttrss_read", "ttrss_write", + session_set_save_handler("ttrss_open", + "ttrss_close", "ttrss_read", "ttrss_write", "ttrss_destroy", "ttrss_gc"); } |