Ignore:
Timestamp:
Jan 15, 2006, 2:45:42 PM (18 years ago)
Author:
nikrou
Message:

Improve security of sessions:

  • use only cookies to store session id on client side
  • use default php session system with database handler to store sessions on server side
File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/admin/comments.php

    r839 r1004  
    118118$template->assign_vars(
    119119  array(
    120     'F_ACTION' => add_session_id(PHPWG_ROOT_PATH.'admin.php?page=comments')
     120    'F_ACTION' => PHPWG_ROOT_PATH.'admin.php?page=comments'
    121121    )
    122122  );
     
    142142    array(
    143143      'U_PICTURE' =>
    144         add_session_id(
    145144          PHPWG_ROOT_PATH.'admin.php?page=picture_modify'.
    146           '&image_id='.$row['image_id']
    147           ),
     145          '&image_id='.$row['image_id'],
    148146      'ID' => $row['id'],
    149147      'TN_SRC' => get_thumbnail_src($row['path'], @$row['tn_ext']),
Note: See TracChangeset for help on using the changeset viewer.