Timestamp:
Jan 15, 2006, 1:52:55 PM (18 years ago)
Author:
nikrou
Message:

Improve security of sessions:

  • use only cookies to store session id on client side
  • use default php session system with database handler to store sessions on server side
File:
1 edited

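--- a/branches/branch-1_5/admin.php
+++ b/branches/branch-1_5/admin.php
@@ -66,27 +66,27 @@
 $template->assign_vars(
   array(
-    'U_HISTORY'=>add_session_id($link_start.'stats' ),
-    'U_FAQ'=>add_session_id($link_start.'help' ),
-    'U_SITES'=>add_session_id($link_start.'remote_site'),
-    'U_MAINTENANCE'=>add_session_id($link_start.'maintenance'),
-    'U_CONFIG_GENERAL'=>add_session_id($conf_link.'general' ),
-    'U_CONFIG_COMMENTS'=>add_session_id($conf_link.'comments' ),
-    'U_CONFIG_DISPLAY'=>add_session_id($conf_link.'default' ),
-    'U_CATEGORIES'=>add_session_id($link_start.'cat_list' ),
-    'U_MOVE'=>add_session_id($link_start.'cat_move' ),
-    'U_CAT_UPLOAD'=>add_session_id($opt_link.'upload'),
-    'U_CAT_COMMENTS'=>add_session_id($opt_link.'comments'),
-    'U_CAT_VISIBLE'=>add_session_id($opt_link.'visible'),
-    'U_CAT_STATUS'=>add_session_id($opt_link.'status'),
-    'U_CAT_OPTIONS'=>add_session_id($link_start.'cat_options'),
-    'U_CAT_UPDATE'=>add_session_id($link_start.'update'),
-    'U_WAITING'=>add_session_id($link_start.'waiting' ),
-    'U_COMMENTS'=>add_session_id($link_start.'comments' ),
-    'U_CADDIE'=>add_session_id($link_start.'element_set&cat=caddie'),
-    'U_THUMBNAILS'=>add_session_id($link_start.'thumbnail' ),
-    'U_USERS'=>add_session_id($link_start.'user_list' ),
-    'U_GROUPS'=>add_session_id($link_start.'group_list' ),
-    'U_ADMIN'=>add_session_id( PHPWG_ROOT_PATH.'admin.php' ),
-    'U_RETURN'=>add_session_id(PHPWG_ROOT_PATH.'category.php')
+    'U_HISTORY'=> $link_start.'stats',
+    'U_FAQ'=> $link_start.'help',
+    'U_SITES'=> $link_start.'remote_site',
+    'U_MAINTENANCE'=> $link_start.'maintenance',
+    'U_CONFIG_GENERAL'=> $conf_link.'general',
+    'U_CONFIG_COMMENTS'=> $conf_link.'comments',
+    'U_CONFIG_DISPLAY'=> $conf_link.'default',
+    'U_CATEGORIES'=> $link_start.'cat_list',
+    'U_MOVE'=> $link_start.'cat_move',
+    'U_CAT_UPLOAD'=> $opt_link.'upload',
+    'U_CAT_COMMENTS'=> $opt_link.'comments',
+    'U_CAT_VISIBLE'=> $opt_link.'visible',
+    'U_CAT_STATUS'=> $opt_link.'status',
+    'U_CAT_OPTIONS'=> $link_start.'cat_options',
+    'U_CAT_UPDATE'=> $link_start.'update',
+    'U_WAITING'=> $link_start.'waiting',
+    'U_COMMENTS'=> $link_start.'comments',
+    'U_CADDIE'=> $link_start.'element_set&cat=caddie',
+    'U_THUMBNAILS'=> $link_start.'thumbnail',
+    'U_USERS'=> $link_start.'user_list',
+    'U_GROUPS'=> $link_start.'group_list',
+    'U_ADMIN'=> PHPWG_ROOT_PATH.'admin.php',
+    'U_RETURN'=> PHPWG_ROOT_PATH.'category.php'
     )
   );
@@ -97,5 +97,5 @@
     'representative',
     array(
-      'URL' => add_session_id($opt_link.'representative')
+      'URL' => $opt_link.'representative'
       )
     );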
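Review bot: Dropping `add_session_id()` from the links at new lines 68-90 and 99 keeps the id out of URLs this page generates, but nothing visible here makes PHP refuse an id that arrives in a query string. That depends on the session bootstrap setting `session.use_only_cookies` to 1 and `session.use_trans_sid` to 0, which this page, listing only admin.php, does not show; confirm it before relying on the description's claim. Because the browser now attaches the session automatically, the admin pages behind these links (`maintenance`, `user_list`, `cat_options`) presumably need a per-session token check on state-changing requests. I would also add a comment above the array, e.g. `// session id is cookie-only: do not append it to admin URLs`. The second call, around line 99, starts outside the hunk.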