PicoFarad framework for routing

author: Nicolas Lœuillet <nicolas@loeuillet.org> 2014-07-11 17:06:51 +0200
committer: Nicolas Lœuillet <nicolas@loeuillet.org> 2014-07-11 17:06:51 +0200
commit: b3cda72e93fff3a4c3476e9e7e78ef2b2a3f02b9 (patch)
tree: fb23b73225da5bc3a4466a51915586f60dde802c /inc/3rdparty/PicoFarad/Session.php
parent: 3602405ec0dbc576fce09ff9e865ba2404622080 (diff)
download: wallabag-b3cda72e93fff3a4c3476e9e7e78ef2b2a3f02b9.tar.gz
wallabag-b3cda72e93fff3a4c3476e9e7e78ef2b2a3f02b9.tar.zst
wallabag-b3cda72e93fff3a4c3476e9e7e78ef2b2a3f02b9.zip
1 files changed, 57 insertions, 0 deletions
diff --git a/inc/3rdparty/PicoFarad/Session.php b/inc/3rdparty/PicoFarad/Session.php
new file mode 100644
index 00000000..ee7b415a
--- /dev/null
+++ b/inc/3rdparty/PicoFarad/Session.php
@@ -0,0 +1,57 @@
+<?php
+namespace PicoFarad\Session;
+const SESSION_LIFETIME = 2678400;
+function open($base_path = '/', $save_path = '')
+{
+    if ($save_path !== '') session_save_path($save_path);
+    // HttpOnly and secure flags for session cookie
+    session_set_cookie_params(
+        SESSION_LIFETIME,
+        $base_path ?: '/',
+        null,
+        isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on',
+        true
+    );
+    // Avoid session id in the URL
+    ini_set('session.use_only_cookies', true);
+    // Ensure session ID integrity
+    ini_set('session.entropy_file', '/dev/urandom');
+    ini_set('session.entropy_length', '32');
+    ini_set('session.hash_bits_per_character', 6);
+    // Custom session name
+    session_name('__$');
+    session_start();
+    // Regenerate the session id to avoid session fixation issue
+    if (empty($_SESSION['__validated'])) {
+        session_regenerate_id(true);
+        $_SESSION['__validated'] = 1;
+    }
+}
+function close()
+{
+    session_destroy();
+}
+function flash($message)
+{
+    $_SESSION['flash_message'] = $message;
+}
+function flash_error($message)
+{
+    $_SESSION['flash_error_message'] = $message;
+}
+\ No newline at end of file
author	Nicolas Lœuillet <nicolas@loeuillet.org>	2014-07-11 17:06:51 +0200
committer	Nicolas Lœuillet <nicolas@loeuillet.org>	2014-07-11 17:06:51 +0200
commit	b3cda72e93fff3a4c3476e9e7e78ef2b2a3f02b9 (patch)
tree	fb23b73225da5bc3a4466a51915586f60dde802c /inc/3rdparty/PicoFarad/Session.php
parent	3602405ec0dbc576fce09ff9e865ba2404622080 (diff)
download	wallabag-b3cda72e93fff3a4c3476e9e7e78ef2b2a3f02b9.tar.gz wallabag-b3cda72e93fff3a4c3476e9e7e78ef2b2a3f02b9.tar.zst wallabag-b3cda72e93fff3a4c3476e9e7e78ef2b2a3f02b9.zip

diff --git a/inc/3rdparty/PicoFarad/Session.php b/inc/3rdparty/PicoFarad/Session.php new file mode 100644 index 00000000..ee7b415a --- /dev/null +++ b/inc/3rdparty/PicoFarad/Session.php
@@ -0,0 +1,57 @@
	1	<?php
	2
	3	namespace PicoFarad\Session;
	4
	5	const SESSION_LIFETIME = 2678400;
	6
	7
	8	function open($base_path = '/', $save_path = '')
	9	{
	10	if ($save_path !== '') session_save_path($save_path);
	11
	12	// HttpOnly and secure flags for session cookie
	13	session_set_cookie_params(
	14	SESSION_LIFETIME,
	15	$base_path ?: '/',
	16	null,
	17	isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on',
	18	true
	19	);
	20
	21	// Avoid session id in the URL
	22	ini_set('session.use_only_cookies', true);
	23
	24	// Ensure session ID integrity
	25	ini_set('session.entropy_file', '/dev/urandom');
	26	ini_set('session.entropy_length', '32');
	27	ini_set('session.hash_bits_per_character', 6);
	28
	29	// Custom session name
	30	session_name('__$');
	31
	32	session_start();
	33
	34	// Regenerate the session id to avoid session fixation issue
	35	if (empty($_SESSION['__validated'])) {
	36	session_regenerate_id(true);
	37	$_SESSION['__validated'] = 1;
	38	}
	39	}
	40
	41
	42	function close()
	43	{
	44	session_destroy();
	45	}
	46
	47
	48	function flash($message)
	49	{
	50	$_SESSION['flash_message'] = $message;
	51	}
	52
	53
	54	function flash_error($message)
	55	{
	56	$_SESSION['flash_error_message'] = $message;
	57	} \ No newline at end of file