Andrew Dolgov
|
1b5b1e5fec
sessions: use is_server_https() for secure cookie setting
|
7 years ago |
Natan Frei
|
e234ac8dcb
$_SERVER['HTTPS'] can be exists and 'off' for non-https connectios
|
7 years ago |
Andrew Dolgov
|
09628e1b1a
rework previous 32 bit session stuff
|
7 years ago |
Andrew Dolgov
|
b465c28ee0
sessions: clip max expiry value to a 32bit integer
|
7 years ago |
Andrew Dolgov
|
ea79a0e033
remove some redundant php closing tags
|
7 years ago |
Andrew Dolgov
|
7b55001eee
fix various issues reported by static analysis
|
7 years ago |
Andrew Dolgov
|
33d131d699
ttrss_gc: return true
|
8 years ago |
Andrew Dolgov
|
f5e66c439e
remove SESSION_CHECK_ADDRESS
|
9 years ago |
Andrew Dolgov
|
ffc3a1e579
session: don't try to validate session schema version on empty sessions
|
9 years ago |
Andrew Dolgov
|
3192fb43bc
do not invalidate session when version_static and user agent changes
|
9 years ago |
Andrew Dolgov
|
04a8c2065f
better error reporting in session validation
|
11 years ago |
Andrew Dolgov
|
3472c4c569
use static version for session checking, show latest changeset for git version instead of head date
|
11 years ago |
Andrew Dolgov
|
6322ac79a0
remove $link
|
11 years ago |
Andrew Dolgov
|
404e2e3603
more work on singleton-based DB
|
11 years ago |
Andrew Dolgov
|
889a5f9f19
experimental SQL-based error logger
|
11 years ago |
Andrew Dolgov
|
9ce7a5546c
implement some tweaks to session handling; properly remove session cookie if invalid/login failed
|
11 years ago |
Andrew Dolgov
|
810205625b
session validation: check for tt-rss version
|
11 years ago |
Andrew Dolgov
|
6f431804a9
remove session check/destroy stuff, looks problematic
|
11 years ago |
Andrew Dolgov
|
c35b6d8e14
initialize session connection in ttrss_open but define session_connection in global context
|
11 years ago |
Andrew Dolgov
|
168680976f
sessions: initialize connection on include, not in ttrss_open
|
11 years ago |
Ryan Parrish
|
f4bae03a6e
Merge branch 'master' of https://github.com/stickystyle/Tiny-Tiny-RSS
|
11 years ago |
Ryan Parrish
|
7081aaa09b
add missing gettext libs
|
11 years ago |
Andrew Dolgov
|
837ec70e3e
validate_session: check for user agent
|
11 years ago |
Andrew Dolgov
|
e9b7469233
validate session on startup
|
11 years ago |
Andrew Dolgov
|
8f49a2257b
fix stuff broken by previous pull
|
11 years ago |
all
|
48ec0b8526
Check that $_SESSION["uid"] is defined before checking value
|
11 years ago |
Andrew Dolgov
|
2137d67496
sessions: properly check for cookie being set
|
11 years ago |
Andrew Dolgov
|
6cfd3c149c
remove SESSION_EXPIRE_TIME
|
11 years ago |
Andrew Dolgov
|
f231f438ba
reimplement remember_me
|
11 years ago |
Andrew Dolgov
|
60ed4c9ad5
add yet another workaround for stuck login due to session cookies
|
11 years ago |