From: <nuc...@us...> - 2008-07-30 11:59:14
|
Revision: 5457 http://mantisbt.svn.sourceforge.net/mantisbt/?rev=5457&view=rev Author: nuclear_eclipse Date: 2008-07-30 11:59:11 +0000 (Wed, 30 Jul 2008) Log Message: ----------- Fix #9323: PHP sessions prevented browser caching. Modified Paths: -------------- branches/BRANCH_1_1_0/mantisbt/core/session_api.php Modified: branches/BRANCH_1_1_0/mantisbt/core/session_api.php =================================================================== --- branches/BRANCH_1_1_0/mantisbt/core/session_api.php 2008-07-29 12:37:35 UTC (rev 5456) +++ branches/BRANCH_1_1_0/mantisbt/core/session_api.php 2008-07-30 11:59:11 UTC (rev 5457) @@ -54,6 +54,7 @@ session_save_path( $t_session_save_path ); } + session_cache_limiter( 'private_no_expire' ); session_start(); $this->id = session_id(); } This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <nuc...@us...> - 2008-08-13 12:56:41
|
Revision: 5511 http://mantisbt.svn.sourceforge.net/mantisbt/?rev=5511&view=rev Author: nuclear_eclipse Date: 2008-08-13 12:56:37 +0000 (Wed, 13 Aug 2008) Log Message: ----------- 0009524: Mantis should use secure sessions on https connections Modified Paths: -------------- branches/BRANCH_1_1_0/mantisbt/core/session_api.php Modified: branches/BRANCH_1_1_0/mantisbt/core/session_api.php =================================================================== --- branches/BRANCH_1_1_0/mantisbt/core/session_api.php 2008-08-13 12:46:25 UTC (rev 5510) +++ branches/BRANCH_1_1_0/mantisbt/core/session_api.php 2008-08-13 12:56:37 UTC (rev 5511) @@ -55,6 +55,9 @@ } session_cache_limiter( 'private_no_expire' ); + if ( isset( $_SERVER['HTTPS'] ) && ( strtolower( $_SERVER['HTTPS'] ) != 'off' ) ) { + session_set_cookie_params( 0, config_get( 'cookie_path' ), config_get( 'cookie_domain' ), true, true ); + } session_start(); $this->id = session_id(); } This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <nuc...@us...> - 2008-08-21 11:19:00
|
Revision: 5516 http://mantisbt.svn.sourceforge.net/mantisbt/?rev=5516&view=rev Author: nuclear_eclipse Date: 2008-08-21 11:18:57 +0000 (Thu, 21 Aug 2008) Log Message: ----------- Fix #9559: Wrong conditional check in session_save_path Modified Paths: -------------- branches/BRANCH_1_1_0/mantisbt/core/session_api.php Modified: branches/BRANCH_1_1_0/mantisbt/core/session_api.php =================================================================== --- branches/BRANCH_1_1_0/mantisbt/core/session_api.php 2008-08-20 13:55:56 UTC (rev 5515) +++ branches/BRANCH_1_1_0/mantisbt/core/session_api.php 2008-08-21 11:18:57 UTC (rev 5516) @@ -50,7 +50,7 @@ class MantisPHPSession extends MantisSession { function __construct() { $t_session_save_path = config_get_global( 'session_save_path' ); - if ( ! $t_session_save_path ) { + if ( $t_session_save_path ) { session_save_path( $t_session_save_path ); } This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <nuc...@us...> - 2008-10-14 17:03:41
|
Revision: 5670 http://mantisbt.svn.sourceforge.net/mantisbt/?rev=5670&view=rev Author: nuclear_eclipse Date: 2008-10-14 17:03:29 +0000 (Tue, 14 Oct 2008) Log Message: ----------- Fix #9690: httponly flag for session_set_cookie_params() is only in PHP 5.2+ Modified Paths: -------------- branches/BRANCH_1_1_0/mantisbt/core/session_api.php Modified: branches/BRANCH_1_1_0/mantisbt/core/session_api.php =================================================================== --- branches/BRANCH_1_1_0/mantisbt/core/session_api.php 2008-10-14 17:02:51 UTC (rev 5669) +++ branches/BRANCH_1_1_0/mantisbt/core/session_api.php 2008-10-14 17:03:29 UTC (rev 5670) @@ -56,9 +56,9 @@ session_cache_limiter( 'private_no_expire' ); if ( isset( $_SERVER['HTTPS'] ) && ( strtolower( $_SERVER['HTTPS'] ) != 'off' ) ) { - session_set_cookie_params( 0, config_get( 'cookie_path' ), config_get( 'cookie_domain' ), true, true ); + session_set_cookie_params( 0, config_get( 'cookie_path' ), config_get( 'cookie_domain' ), true ); } else { - session_set_cookie_params( 0, config_get( 'cookie_path' ), config_get( 'cookie_domain' ), false, true ); + session_set_cookie_params( 0, config_get( 'cookie_path' ), config_get( 'cookie_domain' ), false ); } session_start(); $this->id = session_id(); This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <nuc...@us...> - 2008-10-29 15:55:42
|
Revision: 5745 http://mantisbt.svn.sourceforge.net/mantisbt/?rev=5745&view=rev Author: nuclear_eclipse Date: 2008-10-29 15:55:34 +0000 (Wed, 29 Oct 2008) Log Message: ----------- Disable session validation from r5706 until issue #9744 is resolved. Modified Paths: -------------- branches/BRANCH_1_1_0/mantisbt/core/session_api.php Modified: branches/BRANCH_1_1_0/mantisbt/core/session_api.php =================================================================== --- branches/BRANCH_1_1_0/mantisbt/core/session_api.php 2008-10-27 23:50:46 UTC (rev 5744) +++ branches/BRANCH_1_1_0/mantisbt/core/session_api.php 2008-10-29 15:55:34 UTC (rev 5745) @@ -126,7 +126,8 @@ break; } - session_validate( $g_session ); + # Disable session validation for the time being + #session_validate( $g_session ); } /** This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |