index 1127f6a2ba3974296b294014ec3b2c7e0daa9e5f..4a98ad2dc6aa31bd2c67c050b05b3558ea58e707 100644 (file)
the php.ini, so if you use debian, you must hardcode session.gc_maxlifetime in your php.ini */
ini_set("session.gc_maxlifetime",24*60*60);
session_start();
+
+ /* Check for changed browsers and bail out */
+ if (isset($_SESSION['HTTP_USER_AGENT']))
+ {
+ if ($_SESSION['HTTP_USER_AGENT'] != md5($_SERVER['HTTP_USER_AGENT'])) {
+ session_destroy();
+ session_start();
+ }
+ } else {
+ $_SESSION['HTTP_USER_AGENT'] = md5($_SERVER['HTTP_USER_AGENT']);
+ }
+
+ /* Regenerate ID to increase security */
+ if (!isset($_SESSION['started'])){
+ session_regenerate_id();
+ $_SESSION['started'] = true;
+ }
}
public static function destroy()
{
- session_destroy();
+ @session_destroy();
}
public static function set_lifetime($seconds = -1)