diff options
author | robocoder <anthon.pang@gmail.com> | 2009-09-08 21:17:56 +0400 |
---|---|---|
committer | robocoder <anthon.pang@gmail.com> | 2009-09-08 21:17:56 +0400 |
commit | 351d292235024f2b939d3a4275f9e991361c4e81 (patch) | |
tree | 7bc8cdd12bf07c5306d8882751e43bfbceaa0e9c /index.php | |
parent | db22820373cb972f89b77b5a1c83209ecd67efea (diff) |
fixes #945 - Piwik sets the session.name to 'PIWIK_SESSID'; define('PIWIK_SESSION_NAME', ...) in bootstrap.php to override; session namespaces now prefixed by Piwik_. We regenerate session ID at login/logout to mitigate session fixation attacks.
git-svn-id: http://dev.piwik.org/svn/trunk@1460 59fd770c-687e-43c8-a1e3-f5a4ff64c105
Diffstat (limited to 'index.php')
-rw-r--r-- | index.php | 5 |
1 files changed, 5 insertions, 0 deletions
@@ -14,6 +14,11 @@ if(file_exists('bootstrap.php')) require_once 'bootstrap.php'; } +if(!defined('PIWIK_SESSION_NAME')) +{ + define('PIWIK_SESSION_NAME', 'PIWIK_SESSID'); +} +@ini_set('session.name', PIWIK_SESSION_NAME); error_reporting(E_ALL|E_NOTICE); if(!defined('PIWIK_DISPLAY_ERRORS') || PIWIK_DISPLAY_ERRORS) { |