From 6609e5065a5c951207e504135760c17a7283145c Mon Sep 17 00:00:00 2001
From: Marcus Hill <bcf8c9f2@opayq.com>
Date: Fri, 7 Jan 2022 19:10:29 +0000
Subject: [PATCH] Set php session cookie to be httponly

---
 login.php | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/login.php b/login.php
index 8e7ad958..7cd5638b 100644
--- a/login.php
+++ b/login.php
@@ -16,6 +16,9 @@ $browser = strip_tags(mysqli_real_escape_string($mysqli,get_web_browser()));
 
 $user_agent = "$os - $browser";
 
+// HTTP Only cookies
+ini_set("session.cookie_httponly", True);
+
 session_start();
 
 if(isset($_POST['login'])){