bug fix 261: improve security of sessions (next to svn:1004):

- improve presentation code style - add upgrade database file git-svn-id: http://piwigo.org/svn/trunk@1007 68402e56-0260-453c-a942-63ccdbb3a9ee
2006-01-18 15:16:30 +00:00 · 2006-01-18 15:16:30 +00:00 · 9410522e9f
commit 9410522e9f
parent 9e1fabeaf7
4 changed files with 123 additions and 37 deletions
--- a/include/config_default.inc.php
+++ b/include/config_default.inc.php
@ -264,19 +264,22 @@ $conf['use_exif_mapping'] = array(
 // |                               sessions                                |
 // +-----------------------------------------------------------------------+

-// specifies to use cookie to store the session id on client side
-$conf['session_use_cookies'] = 1;
+// session_use_cookies: specifies to use cookie to store 
+// the session id on client side
+$conf['session_use_cookies'] = true;

-// specifies to only use cookie to store the session id on client side
-$conf['session_use_only_cookies'] = 1;
+// session_use_only_cookies: specifies to only use cookie to store 
+// the session id on client side
+$conf['session_use_only_cookies'] = true;

-// do not use transparent session id support
-$conf['session_use_trans_sid'] = 0;
+// session_use_trans_sid: do not use transparent session id support
+$conf['session_use_trans_sid'] = false;

-// specifies the name of the session which is used as cookie name
+// session_name: specifies the name of the session which is used as cookie name
 $conf['session_name'] = 'pwg_id';

-// comment the line below to use file handler for sessions.
+// session_save_handler: comment the line below 
+// to use file handler for sessions.
 $conf['session_save_handler'] = 'db';

 // authorize_remembering : permits user to stay logged for a long time. It