AS1024
/
itflow
mirror of https://github.com/itflow-org/itflow
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Encryption changes

This commit is contained in:
Marcus Hill 2022-01-11 20:42:46 +00:00
parent 0382dbbfb2
commit 2a4d42de09
2 changed files with 5 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
functions.php
View File

@ -369,12 +369,13 @@ function generateUserSessionKey($site_encryption_master_key){
//Give the user "their" key as a cookie
//By default, this should be HTTPS but we can change to HTTP for development via the config.php file
include('config.php');
if($config_https_only){
setcookie("user_encryption_session_key", $user_encryption_session_key, 0, "/", "", "true", "true");
}
else{
setcookie("user_encryption_session_key", $user_encryption_session_key, 0, "/");
$_SESSION['alert_message'] = "Unencrypted connection: Using HTTP only.";
$_SESSION['alert_message'] = "Unencrypted connection flag set: Using non-secure cookies.";
}
}

5
post.php
View File

@ -6565,11 +6565,12 @@ if(isset($_GET['logout'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Logout', log_action = 'Success', log_description = '$session_name logged out', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_created_at = NOW(), log_user_id = $session_user_id");
session_start();
session_destroy();
setcookie("user_encryption_session_key", '', time() - 3600, "/");
unset($_COOKIE['user_encryption_session_key']);
setcookie("user_encryption_session_key", '', time() - 3600, "/", "", "true", "true");
session_unset();
session_destroy();
header('Location: login.php');
}