miniflux-legacy/lib/Session.php

<?php

namespace Session;

const SESSION_LIFETIME = 2678400;


function open($base_path = '/', $save_path = '', $session_lifetime = SESSION_LIFETIME)
{
    if ($save_path !== '') {
        session_save_path($save_path);
    }

    // HttpOnly and secure flags for session cookie
    session_set_cookie_params(
        $session_lifetime,
        $base_path ?: '/',
        null,
        isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on',
        true
    );

    // Avoid session id in the URL
    ini_set('session.use_only_cookies', true);

    // Ensure session ID integrity
    ini_set('session.entropy_file', '/dev/urandom');
    ini_set('session.entropy_length', '32');
    ini_set('session.hash_bits_per_character', 6);

    // Custom session name
    session_name('__$');

    session_start();

    // Regenerate the session id to avoid session fixation issue
    if (empty($_SESSION['__validated'])) {
        session_regenerate_id(true);
        $_SESSION['__validated'] = 1;
    }
}


function close()
{
    session_destroy();
}


function flash($message)
{
    $_SESSION['flash_message'] = $message;
}


function flash_error($message)
{
    $_SESSION['flash_error_message'] = $message;
}
first commit 2013-02-18 03:48:21 +01:00			`<?php`

Include PicoFarad into Miniflux 2015-08-29 03:34:34 +02:00			`namespace Session;`
first commit 2013-02-18 03:48:21 +01:00
Move to Composer and update to the last version of PicoFeed 2014-12-24 03:28:26 +01:00			`const SESSION_LIFETIME = 2678400;`
first commit 2013-02-18 03:48:21 +01:00

Change session lifetime and do not use the image proxy for https urls 2015-01-18 01:17:44 +01:00			`function open($base_path = '/', $save_path = '', $session_lifetime = SESSION_LIFETIME)`
first commit 2013-02-18 03:48:21 +01:00			`{`
Run php-cs-fixer on the code base 2016-04-18 01:44:45 +02:00			`if ($save_path !== '') {`
			`session_save_path($save_path);`
			`}`
Improve files organization 2014-02-08 20:13:14 +01:00
Update PicoFarad (session creation improvements) 2014-02-28 03:02:35 +01:00			`// HttpOnly and secure flags for session cookie`
Session cookies have the parameter "secure" when the connection is HTTPS 2013-03-26 02:29:30 +01:00			`session_set_cookie_params(`
Change session lifetime and do not use the image proxy for https urls 2015-01-18 01:17:44 +01:00			`$session_lifetime,`
Update PicoFarad (session creation improvements) 2014-02-28 03:02:35 +01:00			`$base_path ?: '/',`
Session cookies have the parameter "secure" when the connection is HTTPS 2013-03-26 02:29:30 +01:00			`null,`
			`isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on',`
			`true`
			`);`

Update PicoFarad (session creation improvements) 2014-02-28 03:02:35 +01:00			`// Avoid session id in the URL`
			`ini_set('session.use_only_cookies', true);`

			`// Ensure session ID integrity`
			`ini_set('session.entropy_file', '/dev/urandom');`
			`ini_set('session.entropy_length', '32');`
			`ini_set('session.hash_bits_per_character', 6);`

			`// Custom session name`
			`session_name('__$');`

first commit 2013-02-18 03:48:21 +01:00			`session_start();`
Update PicoFarad (session creation improvements) 2014-02-28 03:02:35 +01:00
			`// Regenerate the session id to avoid session fixation issue`
			`if (empty($_SESSION['__validated'])) {`
			`session_regenerate_id(true);`
			`$_SESSION['__validated'] = 1;`
			`}`
first commit 2013-02-18 03:48:21 +01:00			`}`


			`function close()`
			`{`
			`session_destroy();`
			`}`


			`function flash($message)`
			`{`
			`$_SESSION['flash_message'] = $message;`
			`}`


			`function flash_error($message)`
			`{`
			`$_SESSION['flash_error_message'] = $message;`
Fix cosmetic errors 2015-10-20 03:21:18 +02:00			`}`