mirror/php-auth
1
0
Fork 0
mirror of https://github.com/delight-im/PHP-Auth.git synced 2025-07-31 13:20:11 +02:00
Code Issues Releases Wiki Activity

Document 'path' cookie attribute and how to change it in README

Browse Source
This commit is contained in:
Marco
2017-10-21 22:29:19 +02:00
parent 84f3ad10a9
commit 70a905afd7
1 changed files with 23 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
README.md
View File

@@ -82,6 +82,7 @@ Migrating from an earlier version of this project? See our [upgrade guide](Migra
* [Cookies](#cookies)
* [Renaming the librarys cookies](#renaming-the-librarys-cookies)
* [Defining the domain scope for cookies](#defining-the-domain-scope-for-cookies)
* [Restricting the path where cookies are available](#restricting-the-path-where-cookies-are-available)
* [Utilities](#utilities)
* [Creating a random string](#creating-a-random-string)
* [Creating a UUID v4 as per RFC 4122](#creating-a-uuid-v4-as-per-rfc-4122)
@@ -961,6 +962,28 @@ You can change the attribute through one of the following means, in order of rec
For this to work, `session.auto_start` must be set to `0` in the [PHP configuration](http://php.net/manual/en/configuration.file.php) (`php.ini`).
#### Restricting the path where cookies are available
A cookies `path` attribute controls which directories (and subdirectories) the cookie will be valid for, and thus where the users session and authentication state will be available.
In most cases, youll want to make cookies available for all paths, i.e. any directory and file, starting in the root directory. That is what a value of `/` for the attribute does, which is also the recommended default. You should only change this attribute to a different value, e.g. `/path/to/subfolder`, if you want to restrict which directories your cookies will be available in, e.g. to host multiple applications side-by-side, in different directories, under the same domain name.
You can change the attribute through one of the following means, in order of recommendation:
* In the [PHP configuration](http://php.net/manual/en/configuration.file.php) (`php.ini`), find the line with the `session.cookie_path` directive and change its value as desired, e.g.:
```
session.cookie_path = /
```
* As early as possible in your application, and before you create the `Auth` instance, call `\ini_set` to change the value of the `session.cookie_path` directive as desired, e.g.:
```php
\ini_set('session.cookie_path', '/');
```
For this to work, `session.auto_start` must be set to `0` in the [PHP configuration](http://php.net/manual/en/configuration.file.php) (`php.ini`).
### Utilities
#### Creating a random string