diff options
Diffstat (limited to 'inc/3rdparty/PicoFarad/Session.php')
-rw-r--r-- | inc/3rdparty/PicoFarad/Session.php | 57 |
1 files changed, 57 insertions, 0 deletions
diff --git a/inc/3rdparty/PicoFarad/Session.php b/inc/3rdparty/PicoFarad/Session.php new file mode 100644 index 00000000..ee7b415a --- /dev/null +++ b/inc/3rdparty/PicoFarad/Session.php | |||
@@ -0,0 +1,57 @@ | |||
1 | <?php | ||
2 | |||
3 | namespace PicoFarad\Session; | ||
4 | |||
5 | const SESSION_LIFETIME = 2678400; | ||
6 | |||
7 | |||
8 | function open($base_path = '/', $save_path = '') | ||
9 | { | ||
10 | if ($save_path !== '') session_save_path($save_path); | ||
11 | |||
12 | // HttpOnly and secure flags for session cookie | ||
13 | session_set_cookie_params( | ||
14 | SESSION_LIFETIME, | ||
15 | $base_path ?: '/', | ||
16 | null, | ||
17 | isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on', | ||
18 | true | ||
19 | ); | ||
20 | |||
21 | // Avoid session id in the URL | ||
22 | ini_set('session.use_only_cookies', true); | ||
23 | |||
24 | // Ensure session ID integrity | ||
25 | ini_set('session.entropy_file', '/dev/urandom'); | ||
26 | ini_set('session.entropy_length', '32'); | ||
27 | ini_set('session.hash_bits_per_character', 6); | ||
28 | |||
29 | // Custom session name | ||
30 | session_name('__$'); | ||
31 | |||
32 | session_start(); | ||
33 | |||
34 | // Regenerate the session id to avoid session fixation issue | ||
35 | if (empty($_SESSION['__validated'])) { | ||
36 | session_regenerate_id(true); | ||
37 | $_SESSION['__validated'] = 1; | ||
38 | } | ||
39 | } | ||
40 | |||
41 | |||
42 | function close() | ||
43 | { | ||
44 | session_destroy(); | ||
45 | } | ||
46 | |||
47 | |||
48 | function flash($message) | ||
49 | { | ||
50 | $_SESSION['flash_message'] = $message; | ||
51 | } | ||
52 | |||
53 | |||
54 | function flash_error($message) | ||
55 | { | ||
56 | $_SESSION['flash_error_message'] = $message; | ||
57 | } \ No newline at end of file | ||