Mercurial > defr > drupal > core

comparison includes/session.inc @ 15:4347c45bb494 6.7

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Drupal 6.7
author Franck Deroche <webmaster@defr.org>
date Tue, 23 Dec 2008 14:32:44 +0100
parents 8b6c45761e01
children 8e6257f3ae39
comparison
equal deleted inserted replaced
14:626fcabfa4b8 15:4347c45bb494
1 <?php 1 <?php
2 // $Id: session.inc,v 1.44.2.4 2008/10/20 09:53:32 goba Exp $ 2 // $Id: session.inc,v 1.44.2.5 2008/12/08 14:42:30 goba Exp $
3 3
4 /** 4 /**
5 * @file 5 * @file
6 * User session handling functions. 6 * User session handling functions.
7 */ 7 */
95 // TODO: remove this when we require at least PHP 4.4.0 95 // TODO: remove this when we require at least PHP 4.4.0
96 if (isset($_COOKIE[session_name()])) { 96 if (isset($_COOKIE[session_name()])) {
97 setcookie(session_name(), '', time() - 42000, '/'); 97 setcookie(session_name(), '', time() - 42000, '/');
98 } 98 }
99 99
100 extract(session_get_cookie_params());
101 // Set "httponly" to TRUE to reduce the risk of session stealing via XSS.
102 // This has no effect for PHP < 5.2.0.
103 session_set_cookie_params($lifetime, $path, $domain, $secure, TRUE);
100 session_regenerate_id(); 104 session_regenerate_id();
101 105
102 db_query("UPDATE {sessions} SET sid = '%s' WHERE sid = '%s'", session_id(), $old_session_id); 106 db_query("UPDATE {sessions} SET sid = '%s' WHERE sid = '%s'", session_id(), $old_session_id);
103 } 107 }
104 108