Changeset 1004 for trunk/profile.php


Ignore:
Timestamp:
Jan 15, 2006, 2:45:42 PM (18 years ago)
Author:
nikrou
Message:

Improve security of sessions:

  • use only cookies to store session id on client side
  • use default php session system with database handler to store sessions on server side
File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/profile.php

    r960 r1004  
    137137    // redirection
    138138    $url = PHPWG_ROOT_PATH.'category.php?'.$_SERVER['QUERY_STRING'];
    139     redirect(add_session_id($url));
     139    redirect($url);
    140140  }
    141141}
     
    199199    'L_RETURN_HINT' =>  $lang['home_hint'],
    200200
    201     'U_RETURN' => add_session_id(PHPWG_ROOT_PATH.'category.php'),
    202    
    203     'F_ACTION'=>add_session_id($url_action),
     201    'U_RETURN' => PHPWG_ROOT_PATH.'category.php',
     202   
     203    'F_ACTION'=>$url_action,
    204204    ));
    205205
Note: See TracChangeset for help on using the changeset viewer.