aboutsummaryrefslogblamecommitdiffhomepage
path: root/inc/3rdparty/PicoFarad/Session.php
blob: ee7b415a03a34dfa6cfb699c7040d6b5a5d669e0 (plain) (tree)
























































                                                                
<?php

namespace PicoFarad\Session;

const SESSION_LIFETIME = 2678400;


function open($base_path = '/', $save_path = '')
{
    if ($save_path !== '') session_save_path($save_path);

    // HttpOnly and secure flags for session cookie
    session_set_cookie_params(
        SESSION_LIFETIME,
        $base_path ?: '/',
        null,
        isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on',
        true
    );

    // Avoid session id in the URL
    ini_set('session.use_only_cookies', true);

    // Ensure session ID integrity
    ini_set('session.entropy_file', '/dev/urandom');
    ini_set('session.entropy_length', '32');
    ini_set('session.hash_bits_per_character', 6);

    // Custom session name
    session_name('__$');

    session_start();

    // Regenerate the session id to avoid session fixation issue
    if (empty($_SESSION['__validated'])) {
        session_regenerate_id(true);
        $_SESSION['__validated'] = 1;
    }
}


function close()
{
    session_destroy();
}


function flash($message)
{
    $_SESSION['flash_message'] = $message;
}


function flash_error($message)
{
    $_SESSION['flash_error_message'] = $message;
}