diff options
| author | Michal Čihař <michal@cihar.com> | 2017-10-20 12:24:00 +0300 |
|---|---|---|
| committer | Michal Čihař <michal@cihar.com> | 2017-10-20 12:24:00 +0300 |
| commit | f2dcdfff5016c40ae94c658467f5133e032ec377 (patch) | |
| tree | 7099dcd79f38ea672df8f1936f4b2b954e6788d6 /examples | |
| parent | 3a625bcd1f707e0e04eba03bd3acf1aa6ceaed21 (diff) | |
Do not hardcode secure flag in examples
We can not assume that setup will be https by default, so having false
as default is safer.
Fixes #13758
Signed-off-by: Michal Čihař <michal@cihar.com>
Diffstat (limited to 'examples')
| -rw-r--r-- | examples/openid.php | 5 | ||||
| -rw-r--r-- | examples/signon.php | 4 |
2 files changed, 7 insertions, 2 deletions
diff --git a/examples/openid.php b/examples/openid.php index a87c1b19a8..68b7dfed98 100644 --- a/examples/openid.php +++ b/examples/openid.php @@ -20,6 +20,9 @@ if (false === @include_once 'OpenID/RelyingParty.php') { exit; } +/* Change this to true if using phpMyAdmin over https */ +$secure_cookie = false; + /** * Map of authenticated users to MySQL user/password pairs. */ @@ -74,7 +77,7 @@ function Die_error($e) /* Need to have cookie visible from parent directory */ -session_set_cookie_params(0, '/', '', true, true); +session_set_cookie_params(0, '/', '', $secure_cookie, true); /* Create signon session */ $session_name = 'SignonSession'; session_name($session_name); diff --git a/examples/signon.php b/examples/signon.php index da9fadfabc..0927fa84e2 100644 --- a/examples/signon.php +++ b/examples/signon.php @@ -11,8 +11,10 @@ * @subpackage Example */ +/* Change this to true if using phpMyAdmin over https */ +$secure_cookie = false; /* Need to have cookie visible from parent directory */ -session_set_cookie_params(0, '/', '', true, true); +session_set_cookie_params(0, '/', '', $secure_cookie, true); /* Create signon session */ $session_name = 'SignonSession'; session_name($session_name); |