Subversion Repositories cheapmusic

Rev

Rev 42 | Rev 64 | Go to most recent revision | Blame | Compare with Previous | Last modification | View Log | RSS feed 

<?php
error_reporting(E_ALL);

if ($_SERVER["SERVER_NAME"] == "www.findcheapmusic.com") {
    ini_set("zlib.output_compression", "On");
    ini_set("display_errors", 0);
    ini_set("log_errors", 1);
    ini_set("error_log", $_SERVER['DOCUMENT_ROOT'] . "/../MyFiles/logs/php_error.log");
    header("Strict-Transport-Security: max-age=31536000; includeSubDomains; preload");
    header("X-Content-Type-Options: nosniff");
    header("X-XSS-Protection: 1; mode=block");
    header("Access-Control-Allow-Origin: *");
    header("Referrer-Policy: no-referrer");
    header("X-Frame-Options: SAMEORIGIN");
    header("Set-Cookie: ^(.*)$ $1;HttpOnly;Secure");
    header("Content-Security-Policy: default-src 'none'; font-src https://fonts.gstatic.com https://use.fontawesome.com; form-action 'self'; frame-src https://www.google.com; img-src 'self' https://platform-lookaside.fbsbx.com http://abs.twimg.com https://abs.twimg.com https://lh4.googleusercontent.com; script-src 'self' 'unsafe-inline' https://ajax.googleapis.com/ajax/libs/jquery/3.4.0/jquery.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/bootstrap/4.3.1/css/ https://use.fontawesome.com/releases/v5.8.1/css/;frame-ancestors 'self'");
}

include_once($_SERVER['DOCUMENT_ROOT'] . "/php/sessions_db.php");
include_once($_SERVER['DOCUMENT_ROOT'] . "/php/cryptor.php");

$configFile = parse_ini_file($_SERVER['DOCUMENT_ROOT'] . "/../MyFiles/config/cheapmusic.ini", true);
$crypt = Cryptor::getInstance($configFile['cryptor']);
$handler = MySessionHandler::getInstance('login', $configFile['mysqli']);
unset($configFile);

ini_set("session.cookie_httponly", 1);
ini_set("session.cookie_secure", 1);
session_set_save_handler($handler, true);
if (!empty($_COOKIE['PHPSESSID'])) {
    session_id($_COOKIE['PHPSESSID']);
}

session_start();