Context Navigation

← Previous Change
Next Change →

Auth_File.inc.php

Timestamp:

May 30, 2019 5:28:57 AM (5 years ago)

Author:

anonymous

Message:

Remove App's 'ssl_domain' and 'ssl_enabled' parameters; determine SSL usage by detecting the presence of HTTPS env var (or HTTP_X_FORWARDED_PROTO). Update Session parameters for greater logevity and security. Add 'session_dir' to store site-specific sess_* files with a longer gc_maxlifetime duration.

File:

: 1 edited

trunk/lib/Auth_File.inc.php (modified) (1 diff)

Legend:

: Unmodified
: Added
: Removed

trunk/lib/Auth_File.inc.php

r611	r690
324	324
325	325	// Login scripts must have the same 'login' tag for boomerangURL verification/manipulation.
326		$app->setBoomerangURL(~~absoluteMe(~~), 'login');
	326	$app->setBoomerangURL(getenv('REQUEST_URI'), 'login');
327	327	$app->dieURL($this->_params['login_url']);
328	328	}

Note: See TracChangeset for help on using the changeset viewer.

Download in other formats:

Unified Diff
Zip Archive