From 84a9bfa82c85b9076c61b67d853888da830f868f Mon Sep 17 00:00:00 2001
From: jakubvrana
Date: Tue, 1 Sep 2009 16:16:27 +0000
Subject: [PATCH] Protect session cookie
git-svn-id: https://adminer.svn.sourceforge.net/svnroot/adminer/trunk@1057 7c3ca157-0c34-0410-bff1-cbf682f78f5c
---
 adminer/include/bootstrap.inc.php | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)
diff --git a/adminer/include/bootstrap.inc.php b/adminer/include/bootstrap.inc.php
index 92ac974a..037861b8 100644
--- a/adminer/include/bootstrap.inc.php
+++ b/adminer/include/bootstrap.inc.php
@@ -44,10 +44,13 @@ if (!isset($_SERVER["REQUEST_URI"])) {
 }
 if (!ini_get("session.auto_start")) {
- // use specific session name to get own namespace
- @ini_set("session.use_trans_sid", false); // @ - may be disabled
- session_name("adminer_sid");
- session_set_cookie_params(0, preg_replace('~\\?.*~', '', $_SERVER["REQUEST_URI"])); //! use HttpOnly in PHP 5
+ @ini_set("session.use_trans_sid", false); // protect links in export, @ - may be disabled
+ session_name("adminer_sid"); // use specific session name to get own namespace
+ $params = array(0, preg_replace('~\\?.*~', '', $_SERVER["REQUEST_URI"]), "", $_SERVER["HTTPS"]);
+ if (version_compare(PHP_VERSION, '5.2.0') >= 0) {
+ $params[] = true; // HttpOnly
+ }
+ call_user_func_array('session_set_cookie_params', $params);
 session_start();
 }
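Review bot: The Secure flag in the new `$params = array(...)` line is taken straight from `$_SERVER["HTTPS"]`, which is not a reliable boolean. Under IIS/ISAPI PHP reports the string `off` for plain-HTTP requests, which casts to true and would mark the cookie Secure on an HTTP connection, so the browser never sends it back; on other servers the key is simply absent for HTTP and reading it raises a notice. Normalising first, e.g. `$secure = !empty($_SERVER["HTTPS"]) && strcasecmp($_SERVER["HTTPS"], "off") != 0;`, and passing `$secure` as the fourth element avoids both. Behind a TLS-terminating proxy the variable is presumably unset, so the cookie would be issued without Secure; a short comment on that line saying so would help deployers. Also, when `session.auto_start` is enabled this whole block is skipped, so neither HttpOnly nor Secure is applied in that configuration.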