WebSVN – cheapmusic – Diff – /www/login/includes/session.php



include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/dnsexit.php");
include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/sessions_db.php");
include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/cryptor.php");
include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/constants.php");
include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/media.php");
include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/NonceUtil.php");
 
$configFile = parse_ini_file($_SERVER['DOCUMENT_ROOT'] . FCM_CONFIGFILE, true);
$crypt = Cryptor::getInstance($configFile['cryptor']);
$handler = MySessionHandler::getInstance('login', $configFile['mysqli']);
$nonceSecret = $configFile['nonce']['secret'];
unset($configFile);
 
ini_set("session.cookie_httponly", 1);
ini_set("session.cookie_secure", 1);
session_set_save_handler($handler, true);
if (!empty($_COOKIE['PHPSESSID'])) {
    session_id($_COOKIE['PHPSESSID']);
}
 
session_start();
 
$_SESSION["nonce"] = NonceUtil::generate($nonceSecret);
include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/csp.php");
 
function timeStampUrl($file) {
    return "/" . $file . "?" . filemtime($_SERVER['DOCUMENT_ROOT'] . "/" . $file);
}

Subversion Repositories cheapmusic

(root)/www/login/includes/session.php – Rev 116 → 119

Rev 116		Rev 119
Line 4...		Line 4...
4	`include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/dnsexit.php");`	4	`include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/dnsexit.php");`
5	`include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/sessions_db.php");`	5	`include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/sessions_db.php");`
6	`include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/cryptor.php");`	6	`include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/cryptor.php");`
7	`include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/constants.php");`	7	`include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/constants.php");`
8	`include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/media.php");`	8	`include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/media.php");`
-		9	`include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/NonceUtil.php");`
9		10
10	`$configFile = parse_ini_file($_SERVER['DOCUMENT_ROOT'] . FCM_CONFIGFILE, true);`	11	`$configFile = parse_ini_file($_SERVER['DOCUMENT_ROOT'] . FCM_CONFIGFILE, true);`
11	`$crypt = Cryptor::getInstance($configFile['cryptor']);`	12	`$crypt = Cryptor::getInstance($configFile['cryptor']);`
12	`$handler = MySessionHandler::getInstance('login', $configFile['mysqli']);`	13	`$handler = MySessionHandler::getInstance('login', $configFile['mysqli']);`
-		14	`$nonceSecret = $configFile['nonce']['secret'];`
13	`unset($configFile);`	15	`unset($configFile);`
14		16
15	`ini_set("session.cookie_httponly", 1);`	17	`ini_set("session.cookie_httponly", 1);`
16	`ini_set("session.cookie_secure", 1);`	18	`ini_set("session.cookie_secure", 1);`
17	`session_set_save_handler($handler, true);`	19	`session_set_save_handler($handler, true);`
18	`if (!empty($_COOKIE['PHPSESSID'])) {`	20	`if (!empty($_COOKIE['PHPSESSID'])) {`
19	`session_id($_COOKIE['PHPSESSID']);`	21	`session_id($_COOKIE['PHPSESSID']);`
20	`}`	22	`}`
21		23
22	`session_start();`	24	`session_start();`
-		25
-		26	`$_SESSION["nonce"] = NonceUtil::generate($nonceSecret);`
-		27	`include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/csp.php");`
23		28
24	`function timeStampUrl($file) {`	29	`function timeStampUrl($file) {`
25	`return "/" . $file . "?" . filemtime($_SERVER['DOCUMENT_ROOT'] . "/" . $file);`	30	`return "/" . $file . "?" . filemtime($_SERVER['DOCUMENT_ROOT'] . "/" . $file);`
26	`}`	31	`}`