summaryrefslogtreecommitdiff
path: root/it_user.class
diff options
context:
space:
mode:
Diffstat (limited to 'it_user.class')
-rw-r--r--it_user.class5
1 files changed, 2 insertions, 3 deletions
diff --git a/it_user.class b/it_user.class
index 26046cf..18c4bbd 100644
--- a/it_user.class
+++ b/it_user.class
@@ -30,6 +30,7 @@ define('IT_USER_STATUS_SESSION', 5); /* Has a valid session */
define('_IT_USER_UID_COOKIE', 'UID');
define('_IT_USER_UID_COOKIE_LIFETIME', 0x7FFFFFFF); /* Forever :-) */
define('_IT_USER_STATUS_INVALID', 0); /* INTERNAL: Not yet evaluated */
+define('_IT_USER_COOKIE_SAMESITE', 'Lax');
class it_user extends it_dbi
{
@@ -205,7 +206,7 @@ function _set_uid($uid)
if (!isset($_COOKIE[$this->p['uidcookiename']]) || ($_COOKIE[$this->p['uidcookiename']] != $uid))
{
- @setcookie($this->p['uidcookiename'], $uid, _IT_USER_UID_COOKIE_LIFETIME, "/", $this->domain, false, true);
+ it::setcookie($this->p['uidcookiename'], $uid, [ 'expires' => _IT_USER_UID_COOKIE_LIFETIME, 'path' => "/", 'domain' => $this->domain, 'secure' => false, 'httponly' => true, 'samesite' => _IT_USER_COOKIE_SAMESITE ]);
$_COOKIE[$this->p['uidcookiename']] = $uid;
}
}
@@ -499,5 +500,3 @@ function check_url($withsession = false)
}
} /* End class it_user */
-
-?>
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-15 02:31:53 +0000