Changeset 1004 for trunk/comments.php


Ignore:
Timestamp:
Jan 15, 2006, 2:45:42 PM (18 years ago)
Author:
nikrou
Message:

Improve security of sessions:

  • use only cookies to store session id on client side
  • use default php session system with database handler to store sessions on server side
File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/comments.php

    r889 r1004  
    180180    'F_AUTHOR'=>@$_GET['author'],
    181181   
    182     'U_HOME' => add_session_id(PHPWG_ROOT_PATH.'category.php')
     182    'U_HOME' => PHPWG_ROOT_PATH.'category.php'
    183183    )
    184184  );
     
    415415        'TITLE_IMG'=>$name,
    416416        'I_THUMB'=>$thumbnail_src,
    417         'U_THUMB'=>add_session_id($url)
     417        'U_THUMB'=>$url
    418418        ));
    419419   
     
    427427      'comment',
    428428      array(
    429         'U_PICTURE' => add_session_id($url),
     429        'U_PICTURE' => $url,
    430430        'TN_SRC' => $thumbnail_src,
    431431        'AUTHOR' => $author,
Note: See TracChangeset for help on using the changeset viewer.