summaryrefslogtreecommitdiff
path: root/lib/session.php
diff options
context:
space:
mode:
Diffstat (limited to 'lib/session.php')
-rw-r--r--lib/session.php54
1 files changed, 0 insertions, 54 deletions
diff --git a/lib/session.php b/lib/session.php
deleted file mode 100644
index 688004b3..00000000
--- a/lib/session.php
+++ /dev/null
@@ -1,54 +0,0 @@
-<?php
-
-class Session
-{
- const SESSION_LIFETIME = 2678400; // 31 days
-
- public function open($base_path = '/', $save_path = '')
- {
- if ($save_path !== '') session_save_path($save_path);
-
- // HttpOnly and secure flags for session cookie
- session_set_cookie_params(
- self::SESSION_LIFETIME,
- $base_path ?: '/',
- null,
- isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on',
- true
- );
-
- // Avoid session id in the URL
- ini_set('session.use_only_cookies', true);
-
- // Ensure session ID integrity
- ini_set('session.entropy_file', '/dev/urandom');
- ini_set('session.entropy_length', '32');
- ini_set('session.hash_bits_per_character', 6);
-
- // Custom session name
- session_name('__S');
-
- session_start();
-
- // Regenerate the session id to avoid session fixation issue
- if (empty($_SESSION['__validated'])) {
- session_regenerate_id(true);
- $_SESSION['__validated'] = 1;
- }
- }
-
- public function close()
- {
- session_destroy();
- }
-
- public function flash($message)
- {
- $_SESSION['flash_message'] = $message;
- }
-
- public function flashError($message)
- {
- $_SESSION['flash_error_message'] = $message;
- }
-}
generated by cgit v1.2.3 (git 2.46.0) at 2025-04-04 19:13:22 +0000