summaryrefslogtreecommitdiff
path: root/sessions.php
diff options
context:
space:
mode:
Diffstat (limited to 'sessions.php')
-rw-r--r--sessions.php59
1 files changed, 32 insertions, 27 deletions
diff --git a/sessions.php b/sessions.php
index 2ad5a57fc..8588f5807 100644
--- a/sessions.php
+++ b/sessions.php
@@ -7,28 +7,33 @@
$session_expire = SESSION_EXPIRE_TIME; //seconds
$session_name = (!defined('TTRSS_SESSION_NAME')) ? "ttrss_sid" : TTRSS_SESSION_NAME;
+ if ($_SERVER['HTTPS'] == "on") {
+ $session_name .= "_ssl";
+ ini_set("session.cookie_secure", true);
+ }
+
ini_set("session.gc_probability", 50);
ini_set("session.name", $session_name);
ini_set("session.use_only_cookies", true);
ini_set("session.gc_maxlifetime", SESSION_EXPIRE_TIME);
function ttrss_open ($s, $n) {
-
+
global $session_connection;
-
+
$session_connection = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
-
+
return true;
}
function ttrss_read ($id){
-
- global $session_connection,$session_read;
+
+ global $session_connection,$session_read;
$query = "SELECT data FROM ttrss_sessions WHERE id='$id'";
$res = db_query($session_connection, $query);
-
+
if (db_num_rows($res) != 1) {
return "";
} else {
@@ -39,61 +44,61 @@
}
function ttrss_write ($id, $data) {
-
- if (! $data) {
- return false;
+
+ if (! $data) {
+ return false;
}
-
+
global $session_connection, $session_read, $session_expire;
-
+
$expire = time() + $session_expire;
-
+
$data = db_escape_string(base64_encode($data), $session_connection);
-
+
if ($session_read) {
- $query = "UPDATE ttrss_sessions SET data='$data',
- expire='$expire' WHERE id='$id'";
+ $query = "UPDATE ttrss_sessions SET data='$data',
+ expire='$expire' WHERE id='$id'";
} else {
$query = "INSERT INTO ttrss_sessions (id, data, expire)
VALUES ('$id', '$data', '$expire')";
}
-
+
db_query($session_connection, $query);
return true;
}
function ttrss_close () {
-
+
global $session_connection;
-
+
db_close($session_connection);
-
+
return true;
}
function ttrss_destroy ($id) {
-
+
global $session_connection;
$query = "DELETE FROM ttrss_sessions WHERE id = '$id'";
-
+
db_query($session_connection, $query);
-
+
return true;
}
function ttrss_gc ($expire) {
-
+
global $session_connection;
-
+
$query = "DELETE FROM ttrss_sessions WHERE expire < " . time();
-
+
db_query($session_connection, $query);
}
if (DATABASE_BACKED_SESSIONS) {
- session_set_save_handler("ttrss_open",
- "ttrss_close", "ttrss_read", "ttrss_write",
+ session_set_save_handler("ttrss_open",
+ "ttrss_close", "ttrss_read", "ttrss_write",
"ttrss_destroy", "ttrss_gc");
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-03 03:57:59 +0000