From c0bdcfedeb8c5b8753587ac77d5b90d48698ec66 Mon Sep 17 00:00:00 2001 From: redmatrix Date: Fri, 8 Apr 2016 05:10:36 -0700 Subject: log if the session handler fails and surface the ssl_cookie config setting --- Zotlabs/Web/Session.php | 4 +++- install/htconfig.sample.php | 1 + view/en/htconfig.tpl | 1 + 3 files changed, 5 insertions(+), 1 deletion(-) diff --git a/Zotlabs/Web/Session.php b/Zotlabs/Web/Session.php index ff0070d15..494c02b1d 100644 --- a/Zotlabs/Web/Session.php +++ b/Zotlabs/Web/Session.php @@ -27,7 +27,9 @@ class Session { $handler = new \Zotlabs\Web\SessionHandler(); - session_set_save_handler($handler,true); + $x = session_set_save_handler($handler,true); + if(! $x) + logger('Session save handler initialisation failed.',LOGGER_NORMAL,LOG_ERR); // Force cookies to be secure (https only) if this site is SSL enabled. // Must be done before session_start(). diff --git a/install/htconfig.sample.php b/install/htconfig.sample.php index 1d9dc1a13..5e506225e 100755 --- a/install/htconfig.sample.php +++ b/install/htconfig.sample.php @@ -53,6 +53,7 @@ App::$config['system']['location_hash'] = 'if the auto install failed, put a uni App::$config['system']['transport_security_header'] = 1; App::$config['system']['content_security_policy'] = 1; +App::$config['system']['ssl_cookie_protection'] = 1; // Your choices are REGISTER_OPEN, REGISTER_APPROVE, or REGISTER_CLOSED. diff --git a/view/en/htconfig.tpl b/view/en/htconfig.tpl index 13c5aa942..4aa6132a6 100644 --- a/view/en/htconfig.tpl +++ b/view/en/htconfig.tpl @@ -43,6 +43,7 @@ App::$config['system']['location_hash'] = '{{$site_id}}'; App::$config['system']['transport_security_header'] = 1; App::$config['system']['content_security_policy'] = 1; +App::$config['system']['ssl_cookie_protection'] = 1; // Your choices are REGISTER_OPEN, REGISTER_APPROVE, or REGISTER_CLOSED. // Be certain to create your own personal account before setting -- cgit v1.2.3