nettika/phpmyadmin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[core] Remove config data from session as it brings chicken-egg problem.

Browse Source 
Configuration data stores PmaAbsoluteUri, which should be accessible
before initiating session. Otherwise there is no way to make
PmaAbsoluteUri work. PmaAbsoluteUri is needed at least for reverse
proxy setups, for example http webserver running behind https proxy.
This commit is contained in:
Michal Čihař
2010-01-21 11:18:18 +00:00
parent f7dda75cd7
commit 94c2f864ae
34 changed files with 223 additions and 222 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
libraries/session.inc.php
View File

@@ -31,8 +31,8 @@ if (!@function_exists('session_name')) {
//ini_set('session.auto_start', 0);
// session cookie settings
session_set_cookie_params(0, PMA_Config::getCookiePath() . '; HttpOnly',
'', PMA_Config::isHttps());
//session_set_cookie_params(0, PMA_Config::getCookiePath() . '; HttpOnly',
// '', PMA_Config::isHttps());
// cookies are safer (use @ini_set() in case this function is disabled)
@ini_set('session.use_cookies', true);
@@ -79,7 +79,7 @@ if (! isset($_COOKIE[$session_name])) {
}
unset($orig_error_count);
} else {
@session_start();
session_start();
}
/**
@@ -102,4 +102,4 @@ function PMA_secureSession()
// prevent session fixation and XSS
session_regenerate_id(true);
}
?>
?>