summaryrefslogtreecommitdiff
path: root/it_session.class
diff options
context:
space:
mode:
authorChristian Schneider2007-08-30 15:35:50 +0000
committerChristian Schneider2007-08-30 15:35:50 +0000
commit16d4ad60320f96de6807a3826f3d2e99018b9272 (patch)
tree6067f84e03fe58a81be8df46ffc956fa5611b8e4 /it_session.class
parent7722bd06a2797d06529d21fc939cd84ae98361fe (diff)
downloaditools-16d4ad60320f96de6807a3826f3d2e99018b9272.tar.gz
itools-16d4ad60320f96de6807a3826f3d2e99018b9272.tar.bz2
itools-16d4ad60320f96de6807a3826f3d2e99018b9272.zip
Remove default secret and require applications to set one
Diffstat (limited to 'it_session.class')
-rw-r--r--it_session.class5
1 files changed, 3 insertions, 2 deletions
diff --git a/it_session.class b/it_session.class
index afc5a38..34ed379 100644
--- a/it_session.class
+++ b/it_session.class
@@ -8,7 +8,6 @@
define('_IT_SESSION_COOKIE', 'SESSION');
define('_IT_SESSION_COOKIE_EXPIRY', 0);
define('_IT_SESSION_LIFETIME', 3600);
-define('_IT_SESSION_SECRET', 'Kh234aH2!34hk22#4eJK@L231');
class it_session
{
@@ -30,7 +29,6 @@ function it_session()
{
$this->cookiename = _IT_SESSION_COOKIE;
$this->lifetime = _IT_SESSION_LIFETIME;
- $this->secret = _IT_SESSION_SECRET;
/*
* NOTE: Does not work with dynamic IPs (dialup with low timeout,
* load balanced Proxies and maybe more weird stuff).
@@ -79,6 +77,9 @@ function set_secret($secret)
function init()
{
+ if (empty($this->secret))
+ it::fatal('it_session requires secret to be set');
+
/* Got a cookie? */
if ($this->hascookies = isset($_COOKIE[$this->cookiename]))
$this->cookie = $_COOKIE[$this->cookiename];