Send cookie only via HTTPS if a mod logs in via HTTPS, which is the case on this site

This commit is contained in:
Chen-Pang He 2014-06-05 18:07:29 +08:00 committed by czaks
parent 8d745bec26
commit 6716a24b68
2 changed files with 3 additions and 3 deletions

View File

@ -69,13 +69,13 @@ function setCookies() {
$mod['hash'][0] . // password
':' .
$mod['hash'][1], // salt
time() + $config['cookies']['expire'], $config['cookies']['jail'] ? $config['cookies']['path'] : '/', null, false, $config['cookies']['httponly']);
time() + $config['cookies']['expire'], $config['cookies']['jail'] ? $config['cookies']['path'] : '/', null, $_SERVER['HTTPS'], $config['cookies']['httponly']);
}
function destroyCookies() {
global $config;
// Delete the cookies
setcookie($config['cookies']['mod'], 'deleted', time() - $config['cookies']['expire'], $config['cookies']['jail']?$config['cookies']['path'] : '/', null, false, true);
setcookie($config['cookies']['mod'], 'deleted', time() - $config['cookies']['expire'], $config['cookies']['jail']?$config['cookies']['path'] : '/', null, $_SERVER['HTTPS'], true);
}
function modLog($action, $_board=null) {

View File

@ -150,7 +150,7 @@ function mod_dashboard() {
$latest = false;
}
setcookie('update', serialize($latest), time() + $config['check_updates_time'], $config['cookies']['jail'] ? $config['cookies']['path'] : '/', null, false, true);
setcookie('update', serialize($latest), time() + $config['check_updates_time'], $config['cookies']['jail'] ? $config['cookies']['path'] : '/', null, $_SERVER['HTTPS'], true);
}
if ($latest)