aboutsummaryrefslogtreecommitdiffhomepage
path: root/inc/3rdparty/PicoFarad/Session.php
diff options
context:
space:
mode:
Diffstat (limited to 'inc/3rdparty/PicoFarad/Session.php')
-rw-r--r--inc/3rdparty/PicoFarad/Session.php57
1 files changed, 57 insertions, 0 deletions
diff --git a/inc/3rdparty/PicoFarad/Session.php b/inc/3rdparty/PicoFarad/Session.php
new file mode 100644
index 00000000..ee7b415a
--- /dev/null
+++ b/inc/3rdparty/PicoFarad/Session.php
@@ -0,0 +1,57 @@
1<?php
2
3namespace PicoFarad\Session;
4
5const SESSION_LIFETIME = 2678400;
6
7
8function open($base_path = '/', $save_path = '')
9{
10 if ($save_path !== '') session_save_path($save_path);
11
12 // HttpOnly and secure flags for session cookie
13 session_set_cookie_params(
14 SESSION_LIFETIME,
15 $base_path ?: '/',
16 null,
17 isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on',
18 true
19 );
20
21 // Avoid session id in the URL
22 ini_set('session.use_only_cookies', true);
23
24 // Ensure session ID integrity
25 ini_set('session.entropy_file', '/dev/urandom');
26 ini_set('session.entropy_length', '32');
27 ini_set('session.hash_bits_per_character', 6);
28
29 // Custom session name
30 session_name('__$');
31
32 session_start();
33
34 // Regenerate the session id to avoid session fixation issue
35 if (empty($_SESSION['__validated'])) {
36 session_regenerate_id(true);
37 $_SESSION['__validated'] = 1;
38 }
39}
40
41
42function close()
43{
44 session_destroy();
45}
46
47
48function flash($message)
49{
50 $_SESSION['flash_message'] = $message;
51}
52
53
54function flash_error($message)
55{
56 $_SESSION['flash_error_message'] = $message;
57} \ No newline at end of file