aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorredmatrix <git@macgirvin.com>2016-04-08 05:10:36 -0700
committerredmatrix <git@macgirvin.com>2016-04-08 05:10:36 -0700
commitc0bdcfedeb8c5b8753587ac77d5b90d48698ec66 (patch)
tree94843305f78eddc482891f43926cd5fc4c7e2876
parent9b66b5eee37c1a3958d9ddccb9c1a06ac7ef49ce (diff)
downloadvolse-hubzilla-c0bdcfedeb8c5b8753587ac77d5b90d48698ec66.tar.gz
volse-hubzilla-c0bdcfedeb8c5b8753587ac77d5b90d48698ec66.tar.bz2
volse-hubzilla-c0bdcfedeb8c5b8753587ac77d5b90d48698ec66.zip
log if the session handler fails and surface the ssl_cookie config setting
-rw-r--r--Zotlabs/Web/Session.php4
-rwxr-xr-xinstall/htconfig.sample.php1
-rw-r--r--view/en/htconfig.tpl1
3 files changed, 5 insertions, 1 deletions
diff --git a/Zotlabs/Web/Session.php b/Zotlabs/Web/Session.php
index ff0070d15..494c02b1d 100644
--- a/Zotlabs/Web/Session.php
+++ b/Zotlabs/Web/Session.php
@@ -27,7 +27,9 @@ class Session {
$handler = new \Zotlabs\Web\SessionHandler();
- session_set_save_handler($handler,true);
+ $x = session_set_save_handler($handler,true);
+ if(! $x)
+ logger('Session save handler initialisation failed.',LOGGER_NORMAL,LOG_ERR);
// Force cookies to be secure (https only) if this site is SSL enabled.
// Must be done before session_start().
diff --git a/install/htconfig.sample.php b/install/htconfig.sample.php
index 1d9dc1a13..5e506225e 100755
--- a/install/htconfig.sample.php
+++ b/install/htconfig.sample.php
@@ -53,6 +53,7 @@ App::$config['system']['location_hash'] = 'if the auto install failed, put a uni
App::$config['system']['transport_security_header'] = 1;
App::$config['system']['content_security_policy'] = 1;
+App::$config['system']['ssl_cookie_protection'] = 1;
// Your choices are REGISTER_OPEN, REGISTER_APPROVE, or REGISTER_CLOSED.
diff --git a/view/en/htconfig.tpl b/view/en/htconfig.tpl
index 13c5aa942..4aa6132a6 100644
--- a/view/en/htconfig.tpl
+++ b/view/en/htconfig.tpl
@@ -43,6 +43,7 @@ App::$config['system']['location_hash'] = '{{$site_id}}';
App::$config['system']['transport_security_header'] = 1;
App::$config['system']['content_security_policy'] = 1;
+App::$config['system']['ssl_cookie_protection'] = 1;
// Your choices are REGISTER_OPEN, REGISTER_APPROVE, or REGISTER_CLOSED.
// Be certain to create your own personal account before setting