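<?php
// Request bootstrap, part 1: error reporting and, on the production host only,
// error logging plus the HTTP response hardening headers.
error_reporting(E_ALL);

// NOTE(review): everything below is gated on the host name, so a request that
// reaches this script under any other name (bare domain, alias, IP) is served
// with no security headers and with display_errors left at its configured
// default. Depending on web-server configuration SERVER_NAME can follow the
// client's Host header, so confirm the vhost pins it, or invert the check so
// that only known development hosts opt out of the hardening.
if ($_SERVER["SERVER_NAME"] === "www.findcheapmusic.com") {
    ini_set("zlib.output_compression", "On");

    // Keep error details out of responses; write them to a log outside the web root.
    ini_set("display_errors", 0);
    ini_set("log_errors", 1);
    ini_set("error_log", $_SERVER['DOCUMENT_ROOT'] . "/../MyFiles/logs/php_error.log");

    header("Strict-Transport-Security: max-age=31536000; includeSubDomains; preload");
    header("X-Content-Type-Options: nosniff");
    // NOTE(review): current browsers ignore this header and the XSS auditor it
    // controlled has been removed; the Content-Security-Policy below is the
    // control that matters.
    header("X-XSS-Protection: 1; mode=block");
    // NOTE(review): a wildcard lets any origin read responses that need no
    // credentials. Confirm cross-origin reads are required; otherwise drop the
    // header or name the specific origins that need access.
    header("Access-Control-Allow-Origin: *");
    header("Referrer-Policy: no-referrer");
    header("X-Frame-Options: SAMEORIGIN");

    // The former `header("Set-Cookie: ^(.*)$ $1;HttpOnly;Secure")` line was
    // removed. That is the pattern/replacement syntax of a web-server header
    // rewrite rule; PHP's header() sends the text literally, so it added one
    // junk cookie to every response and put no flags on any real cookie. The
    // session cookie gets HttpOnly and Secure from the session.cookie_* ini
    // settings made later in this file; any other cookie must be given those
    // flags where it is set.

    // NOTE(review): 'unsafe-inline' in script-src allows injected inline script
    // to run, which removes most of the XSS protection this policy would
    // otherwise give. Moving inline script to files, or to nonces/hashes, would
    // let it be dropped. The version-pinned reCAPTCHA URL will also stop
    // matching whenever that script is re-released.
    header("Content-Security-Policy: default-src 'none'; connect-src 'self'; font-src https://fonts.gstatic.com https://use.fontawesome.com; form-action 'self'; frame-src https://www.google.com; img-src 'self' data: http://abs.twimg.com https://abs.twimg.com https://i5.walmartimages.com https://images.samash.com https://img.discogs.com https://lh4.googleusercontent.com https://thumbs1.ebaystatic.com https://thumbs2.ebaystatic.com https://thumbs3.ebaystatic.com https://thumbs4.ebaystatic.com https://www.fye.com https://www.musicnotes.com https://www.secondspin.com; script-src 'self' 'unsafe-inline' https://ajax.googleapis.com/ajax/libs/jquery/3.4.0/jquery.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/api2/v1560753160450/recaptcha__en.js; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/bootstrap/4.3.1/css/ https://use.fontawesome.com/releases/v5.8.1/css/;frame-ancestors 'self'");
}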
// Request bootstrap, part 2: load the session-store and encryption classes,
// then build their shared instances from the site configuration.
include_once "{$_SERVER['DOCUMENT_ROOT']}/php/sessions_db.php";
include_once "{$_SERVER['DOCUMENT_ROOT']}/php/cryptor.php";

// The INI file is read from a directory one level above the document root, so
// the web server does not serve it. The second argument keeps the file's
// [section] grouping, which is what makes the 'cryptor' and 'mysqli' entries
// arrays.
// NOTE(review): parse_ini_file() returns false when the file is missing or
// malformed; both getInstance() calls would then receive null. Confirm they
// refuse to initialise in that case.
$configFile = parse_ini_file("{$_SERVER['DOCUMENT_ROOT']}/../MyFiles/config/cheapmusic.ini", true);

$crypt = Cryptor::getInstance($configFile['cryptor']);
$handler = MySessionHandler::getInstance('login', $configFile['mysqli']);

// Drop the parsed settings so they are not left in a global variable for the
// rest of the request.
unset($configFile);
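// Request bootstrap, part 3: configure the session cookie, attach the custom
// save handler and start the session.

// Keep the session cookie away from script access and off plain-HTTP requests.
ini_set("session.cookie_httponly", 1);
ini_set("session.cookie_secure", 1);

// Session-fixation hardening: in strict mode PHP discards a client-supplied ID
// the store does not recognise and issues a fresh one.
// NOTE(review): with a custom save handler this only takes effect if the
// handler implements validateId(); confirm MySessionHandler does.
ini_set("session.use_strict_mode", 1);

// The second argument registers session_write_close() as a shutdown function.
session_set_save_handler($handler, true);

// The cookie value is client-controlled. A request can make PHP parse it as an
// array, and session_id() accepts only a string, so anything else is ignored
// and session_start() is left to pick the ID itself.
// NOTE(review): session_start() already reads the session cookie, so this
// explicit hand-off looks redundant, and the hard-coded name only matches
// while session.name is left at its default. Confirm whether it is needed.
if (!empty($_COOKIE['PHPSESSID']) && is_string($_COOKIE['PHPSESSID'])) {
    session_id($_COOKIE['PHPSESSID']);
}

session_start();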