Browse Source

Optionally access mod cookie in JavaScript

pull/40/head
ctrlcctrlv 11 years ago
committed by Michael Foster
parent
commit
47dec49465
  1. 3
      inc/config.php
  2. 2
      inc/mod/auth.php

3
inc/config.php

@ -1070,6 +1070,9 @@
// Replace ?/config with a simple text editor for editing inc/instance-config.php.
$config['mod']['config_editor_php'] = false;
// Whether or not you can access the mod cookie in JavaScript. Most users should not need to change this.
$config['mod']['cookie_httponly'] = true;
/*
* ====================
* Mod permissions

2
inc/mod/auth.php

@ -72,7 +72,7 @@ function setCookies() {
$mod['hash'][0] . // password
':' .
$mod['hash'][1], // salt
time() + $config['cookies']['expire'], $config['cookies']['jail'] ? $config['cookies']['path'] : '/', null, false, true);
time() + $config['cookies']['expire'], $config['cookies']['jail'] ? $config['cookies']['path'] : '/', null, false, $config['mod']['cookie_httponly']);
}
function destroyCookies() {

Loading…
Cancel
Save