aboutsummaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
authorredmatrix <git@macgirvin.com>2016-02-24 11:20:46 -0800
committerredmatrix <git@macgirvin.com>2016-02-24 11:20:46 -0800
commitb101a8f6fb3fd3ec0d5466ba1bb7bc9dc9480fba (patch)
tree88ba8e488264e2cc829d6ad8bae373a46c9fa7b4 /include
parentd074c538897532a4ff7945c1e725c64ac264d5c2 (diff)
downloadvolse-hubzilla-b101a8f6fb3fd3ec0d5466ba1bb7bc9dc9480fba.tar.gz
volse-hubzilla-b101a8f6fb3fd3ec0d5466ba1bb7bc9dc9480fba.tar.bz2
volse-hubzilla-b101a8f6fb3fd3ec0d5466ba1bb7bc9dc9480fba.zip
missing function
Diffstat (limited to 'include')
-rwxr-xr-xinclude/items.php2
-rw-r--r--include/session.php23
2 files changed, 20 insertions, 5 deletions
diff --git a/include/items.php b/include/items.php
index 1b8824793..bb4d1108e 100755
--- a/include/items.php
+++ b/include/items.php
@@ -4132,7 +4132,7 @@ function atom_entry($item,$type,$author,$owner,$comment = false,$cid = 0) {
$o .= '<thr:in-reply-to ref="' . xmlify($parent_item) . '" type="text/html" href="' . xmlify($item['plink']) . '" />' . "\r\n";
}
- if(activity_compare($item['obj_type'],ACTIVITY_OBJ_EVENT) && activity_compare($item['verb'],ACTIVITY_POST)) {
+ if(activity_match($item['obj_type'],ACTIVITY_OBJ_EVENT) && activity_match($item['verb'],ACTIVITY_POST)) {
$obj = ((is_array($item['obj'])) ? $item['object'] : json_decode($item['object'],true));
$o .= '<title>' . xmlify($item['title']) . '</title>' . "\r\n";
diff --git a/include/session.php b/include/session.php
index 92004bc18..182805980 100644
--- a/include/session.php
+++ b/include/session.php
@@ -1,4 +1,5 @@
<?php
+
/**
* @file include/session.php
*
@@ -14,8 +15,8 @@ $session_expire = 180000;
function new_cookie($time) {
$old_sid = session_id();
-// ??? This shouldn't have any effect if called after session_start()
-// We probably need to set the session expiration and change the PHPSESSID cookie.
+ // ??? This shouldn't have any effect if called after session_start()
+ // We probably need to set the session expiration and change the PHPSESSID cookie.
session_set_cookie_params($time);
session_regenerate_id(false);
@@ -108,8 +109,9 @@ ini_set('session.use_only_cookies', 1);
ini_set('session.cookie_httponly', 1);
/*
- * PHP function which sets our user-level session storage functions.
+ * Set our session storage functions.
*/
+
session_set_save_handler(
'ref_session_open',
'ref_session_close',
@@ -117,4 +119,17 @@ session_set_save_handler(
'ref_session_write',
'ref_session_destroy',
'ref_session_gc'
-); \ No newline at end of file
+);
+
+
+ // Force cookies to be secure (https only) if this site is SSL enabled. Must be done before session_start().
+
+ if(intval($a->config['system']['ssl_cookie_protection'])) {
+ $arr = session_get_cookie_params();
+ session_set_cookie_params(
+ ((isset($arr['lifetime'])) ? $arr['lifetime'] : 0),
+ ((isset($arr['path'])) ? $arr['path'] : '/'),
+ ((isset($arr['domain'])) ? $arr['domain'] : $a->get_hostname()),
+ ((isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on') ? true : false),
+ ((isset($arr['httponly'])) ? $arr['httponly'] : true));
+ } \ No newline at end of file