nsinnovations/fusionpbx
2
0
Fork 0
mirror of https://github.com/fusionpbx/fusionpbx.git synced 2026-01-06 11:43:50 +00:00
Code Issues Packages Projects Releases Wiki Activity

Increase the HTTPS security.

Browse Source
This commit is contained in:
markjcrane
2016-02-22 13:18:37 -07:00
parent 33192164ad
commit 976fc1bc8f
1 changed files with 4 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
resources/check_auth.php
View File

@@ -31,7 +31,9 @@ require_once "resources/require.php";
} }
//start the session //start the session
ini_set("session.use_only_cookies", True);
ini_set("session.cookie_httponly", True); ini_set("session.cookie_httponly", True);
if ($_SERVER["HTTPS"] == "on") { ini_set("session.cookie_secure", True); }
session_start(); session_start();
//if the username session is not set the check username and password //if the username session is not set the check username and password
@@ -223,7 +225,7 @@ require_once "resources/require.php";
} }
else { else {
$sql .= "where username=:username "; $sql .= "where username=:username ";
//$sql .= "and username='".$username."' "; //$sql .= "where username='".$username."' ";
} }
//$sql .= "and domain_uuid='".$domain_uuid."' "; //$sql .= "and domain_uuid='".$domain_uuid."' ";
if ($_SESSION["user"]["unique"]["text"] == "global") { if ($_SESSION["user"]["unique"]["text"] == "global") {
@@ -396,7 +398,7 @@ require_once "resources/require.php";
} }
//get the domains //get the domains
if (file_exists($_SERVER['DOCUMENT_ROOT'].PROJECT_PATH."/app/domains/app_config.php")){ if (file_exists($_SERVER["PROJECT_ROOT"]."/app/domains/app_config.php")){
require_once "app/domains/resources/domains.php"; require_once "app/domains/resources/domains.php";
} }