Skip to content

Commit

Permalink
Refresh session lifetime (#187)
Browse files Browse the repository at this point in the history 
Stale session ids can cause premature session expiration after login.
Regenerating the session id provides the expected session lifetime, and
is also considered best practice for session management.
  • Loading branch information
@ThomasBrierley
ThomasBrierley authored Sep 27, 2024
1 parent 0bd5c98 commit 62183af
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 0 deletions.
1 change: 1 addition & 0 deletions admin/index.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@
if ( ! defined('COOKIE_SESSION') ) define('COOKIE_SESSION', true);
require_once("../config.php");
session_start();
session_regenerate_id(true);
require_once("gate.php");
if ( $REDIRECTED === true || ! isset($_SESSION["admin"]) ) return;

Expand Down
1 change: 1 addition & 0 deletions login.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,7 @@ function login_redirect($path=false) {
$PDOX = LTIX::getConnection();

session_start();
session_regenerate_id(true);
error_log('Session in login '.session_id());

$oauth_consumer_key = 'google.com';
Expand Down

0 comments on commit 62183af

Please sign in to comment.