Rev 1130 | Go to most recent revision | Show entire file | Regard whitespace | Details | Blame | Last modification | View Log | RSS feed
Rev 1130 | Rev 1282 | ||
---|---|---|---|
Line 38... | Line 38... | ||
38 | /** |
38 | /** |
39 | * @throws OIDplusException |
39 | * @throws OIDplusException |
40 | */ |
40 | */ |
41 | public function __construct() { |
41 | public function __construct() { |
42 | $this->sessionLifetime = OIDplus::baseConfig()->getValue('SESSION_LIFETIME', 30*60); |
42 | $this->sessionLifetime = OIDplus::baseConfig()->getValue('SESSION_LIFETIME', 30*60); |
43 | $this->secret = OIDplus::baseConfig()->getValue('SERVER_SECRET'); |
43 | $this->secret = OIDplus::authUtils()->makeSecret('b118abc8-f4ec-11ed-86ca-3c4a92df8582'); |
44 | 44 | ||
45 | // **PREVENTING SESSION HIJACKING** |
45 | // **PREVENTING SESSION HIJACKING** |
46 | // Prevents javascript XSS attacks aimed to steal the session ID |
46 | // Prevents javascript XSS attacks aimed to steal the session ID |
47 | @ini_set('session.cookie_httponly', '1'); |
47 | @ini_set('session.cookie_httponly', '1'); |
48 | 48 |