mirror/php-ifm
1
0
Fork 0
mirror of https://github.com/misterunknown/ifm.git synced 2025-08-09 17:46:31 +02:00
Code Issues Releases Wiki Activity

Clean up authentication. session_name is configurable, cookie_path is REQUEST_URI without QUERY_STRING.

Browse Source 
Signed-off-by: Marco Dickert <marco@misterunknown.de>
This commit is contained in:
Marco Dickert
2022-06-13 01:08:24 +02:00
parent 2d4f84a2a1
commit 0f972e5ea7
1 changed files with 10 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
src/main.php
View File

@@ -35,6 +35,7 @@ class IFM {
"dateLocale" => "en-US",
"language" => "@@@vars:default_lang@@@",
"selfoverwrite" => 0,
"session_name" => false,
// api controls
"ajaxrequest" => 1,
@@ -101,6 +102,13 @@ class IFM {
if ($this->config['timezone'])
date_default_timezone_set($this->config['timezone']);
if ($this->config['session_name'])
session_name($this->config['session_name']);
// set cookie_path for SESSION to REQUEST_URI without QUERY_STRING
$cookie_path = substr($_SERVER['REQUEST_URI'], 0, strpos($_SERVER['REQUEST_URI'], '?') ?: strlen($_SERVER['REQUEST_URI']));
session_set_cookie_params(0, $cookie_path);
}
/**
@@ -189,7 +197,7 @@ f00bar;
return $this->getI18N($_REQUEST);
case "logout":
session_start();
unset($_SESSION);
session_unset();
header("Location: " . strtok($_SERVER["REQUEST_URI"], '?'));
exit;
}
@@ -994,9 +1002,7 @@ f00bar;
}
if (session_status() !== PHP_SESSION_ACTIVE) {
$cookie_path = dirname($_SERVER['REQUEST_URI']);
session_set_cookie_params(0, $cookie_path);
session_start(['cookie_path' => $cookie_path]);
session_start();
}
if (isset($_SESSION['ifmauth']) && $_SESSION['ifmauth'] == true)