Mercurial > defr > drupal > core

comparison includes/session.inc @ 17:8e6257f3ae39 6.8

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Drupal 6.8
author Franck Deroche <webmaster@defr.org>
date Tue, 23 Dec 2008 14:32:55 +0100
parents 4347c45bb494
children
comparison
equal deleted inserted replaced
16:8f09b8a89d76 17:8e6257f3ae39
1 <?php 1 <?php
2 // $Id: session.inc,v 1.44.2.5 2008/12/08 14:42:30 goba Exp $ 2 // $Id: session.inc,v 1.44.2.6 2008/12/11 00:29:34 goba Exp $
3 3
4 /** 4 /**
5 * @file 5 * @file
6 * User session handling functions. 6 * User session handling functions.
7 */ 7 */
95 // TODO: remove this when we require at least PHP 4.4.0 95 // TODO: remove this when we require at least PHP 4.4.0
96 if (isset($_COOKIE[session_name()])) { 96 if (isset($_COOKIE[session_name()])) {
97 setcookie(session_name(), '', time() - 42000, '/'); 97 setcookie(session_name(), '', time() - 42000, '/');
98 } 98 }
99 99
100 extract(session_get_cookie_params());
101 // Set "httponly" to TRUE to reduce the risk of session stealing via XSS.
102 // This has no effect for PHP < 5.2.0.
103 session_set_cookie_params($lifetime, $path, $domain, $secure, TRUE);
104 session_regenerate_id(); 100 session_regenerate_id();
105 101
106 db_query("UPDATE {sessions} SET sid = '%s' WHERE sid = '%s'", session_id(), $old_session_id); 102 db_query("UPDATE {sessions} SET sid = '%s' WHERE sid = '%s'", session_id(), $old_session_id);
107 } 103 }
108 104