Andrew Dolgov
|
1b5b1e5fec
|
sessions: use is_server_https() for secure cookie setting
|
7 years ago |
Natan Frei
|
e234ac8dcb
|
$_SERVER['HTTPS'] can be exists and 'off' for non-https connectios
|
7 years ago |
Andrew Dolgov
|
09628e1b1a
|
rework previous 32 bit session stuff
|
7 years ago |
Andrew Dolgov
|
b465c28ee0
|
sessions: clip max expiry value to a 32bit integer
|
7 years ago |
Andrew Dolgov
|
ea79a0e033
|
remove some redundant php closing tags
|
8 years ago |
Andrew Dolgov
|
7b55001eee
|
fix various issues reported by static analysis
update gitlab-ci config
|
8 years ago |
Andrew Dolgov
|
33d131d699
|
ttrss_gc: return true
|
9 years ago |
Andrew Dolgov
|
f5e66c439e
|
remove SESSION_CHECK_ADDRESS
|
9 years ago |
Andrew Dolgov
|
ffc3a1e579
|
session: don't try to validate session schema version on empty sessions
|
10 years ago |
Andrew Dolgov
|
3192fb43bc
|
do not invalidate session when version_static and user agent changes
|
10 years ago |
Andrew Dolgov
|
04a8c2065f
|
better error reporting in session validation
|
12 years ago |
Andrew Dolgov
|
3472c4c569
|
use static version for session checking, show latest changeset for git version instead of head date
|
12 years ago |
Andrew Dolgov
|
6322ac79a0
|
remove $link
|
12 years ago |
Andrew Dolgov
|
404e2e3603
|
more work on singleton-based DB
|
12 years ago |
Andrew Dolgov
|
889a5f9f19
|
experimental SQL-based error logger
|
12 years ago |
Andrew Dolgov
|
9ce7a5546c
|
implement some tweaks to session handling; properly remove session cookie if invalid/login failed
|
12 years ago |
Andrew Dolgov
|
810205625b
|
session validation: check for tt-rss version
|
12 years ago |
Andrew Dolgov
|
6f431804a9
|
remove session check/destroy stuff, looks problematic
|
12 years ago |
Andrew Dolgov
|
c35b6d8e14
|
initialize session connection in ttrss_open but define session_connection in global context
|
12 years ago |
Andrew Dolgov
|
168680976f
|
sessions: initialize connection on include, not in ttrss_open
|
12 years ago |
Ryan Parrish
|
f4bae03a6e
|
Merge branch 'master' of https://github.com/stickystyle/Tiny-Tiny-RSS
|
12 years ago |
Ryan Parrish
|
7081aaa09b
|
add missing gettext libs
|
12 years ago |
Andrew Dolgov
|
837ec70e3e
|
validate_session: check for user agent
|
12 years ago |
Andrew Dolgov
|
e9b7469233
|
validate session on startup
|
12 years ago |
Andrew Dolgov
|
8f49a2257b
|
fix stuff broken by previous pull
|
12 years ago |
all
|
48ec0b8526
|
Check that $_SESSION["uid"] is defined before checking value
|
12 years ago |
Andrew Dolgov
|
2137d67496
|
sessions: properly check for cookie being set
|
12 years ago |
Andrew Dolgov
|
6cfd3c149c
|
remove SESSION_EXPIRE_TIME
|
12 years ago |
Andrew Dolgov
|
f231f438ba
|
reimplement remember_me
|
12 years ago |
Andrew Dolgov
|
60ed4c9ad5
|
add yet another workaround for stuck login due to session cookies
|
12 years ago |
Andrew Dolgov
|
5160620c8a
|
only autostart session if login cookie exists
|
12 years ago |
Andrew Dolgov
|
3972bf5981
|
db_escape_string: specify link parameter for consistency; sessions: do not force-close db connection in _close()
|
12 years ago |
Andrew Dolgov
|
5c81e817d3
|
enable mysql db session support
|
12 years ago |
Andrew Dolgov
|
0295919648
|
attempt fix db_escape_string() invocation in sessions.php
|
12 years ago |
Andrew Dolgov
|
acfbab375d
|
mute warnings caused by session_start() to deal with potential ps_files_cleanup_dir stuff
|
12 years ago |
Andrew Dolgov
|
6addc13f46
|
sessions: prevent HTTPS warning
|
12 years ago |
Andrew Dolgov
|
964f153371
|
api: use tt-rss session storage
|
12 years ago |
Andrew Dolgov
|
09e8bdfd18
|
simplify default global config, expand sanity_check messages
|
13 years ago |
Andrew Dolgov
|
107d0cf39e
|
overall directory tree cleanup
|
13 years ago |