Session cookies have the parameter "secure" when the connection is HTTPS

This commit is contained in:
Frederic Guillot 2013-03-25 21:29:30 -04:00
parent 6957bc3a2f
commit 2925001dcb

View File

@ -7,7 +7,14 @@ const SESSION_LIFETIME = 2678400;
function open($base_path = '/')
{
session_set_cookie_params(SESSION_LIFETIME, $base_path, null, false, true);
session_set_cookie_params(
SESSION_LIFETIME,
$base_path,
null,
isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on',
true
);
session_start();
}