diff options
Diffstat (limited to 'system')
-rw-r--r-- | system/core/Input.php | 15 | ||||
-rw-r--r-- | system/libraries/Session.php | 7 |
2 files changed, 10 insertions, 12 deletions
diff --git a/system/core/Input.php b/system/core/Input.php index 25fe102b5..626245390 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -211,11 +211,12 @@ class CI_Input { * @param bool true makes the cookie secure * @return void */ - function set_cookie($name = '', $value = '', $expire = '', $domain = '', $path = '/', $prefix = '', $secure = NULL) + function set_cookie($name = '', $value = '', $expire = '', $domain = '', $path = '/', $prefix = '', $secure = FALSE) { if (is_array($name)) { - foreach (array('value', 'expire', 'domain', 'path', 'prefix', 'name', 'secure') as $item) + // always leave 'name' in last place, as the loop will break otherwise, due to $$item + foreach (array('value', 'expire', 'domain', 'path', 'prefix', 'secure', 'name') as $item) { if (isset($name[$item])) { @@ -236,6 +237,10 @@ class CI_Input { { $path = config_item('cookie_path'); } + if ($secure == FALSE AND config_item('cookie_secure') != FALSE) + { + $secure = config_item('cookie_secure'); + } if ( ! is_numeric($expire)) { @@ -246,12 +251,6 @@ class CI_Input { $expire = ($expire > 0) ? time() + $expire : 0; } - // If TRUE/FALSE is not provided, use the config - if ( ! is_bool($secure)) - { - $secure = (bool) (config_item('cookie_secure') === TRUE); - } - setcookie($prefix.$name, $value, $expire, $path, $domain, $secure); } diff --git a/system/libraries/Session.php b/system/libraries/Session.php index 0b94340d5..182294059 100644 --- a/system/libraries/Session.php +++ b/system/libraries/Session.php @@ -37,6 +37,7 @@ class CI_Session { var $cookie_prefix = ''; var $cookie_path = ''; var $cookie_domain = ''; + var $cookie_secure = FALSE; var $sess_time_to_update = 300; var $encryption_key = ''; var $flashdata_key = 'flash'; @@ -61,7 +62,7 @@ class CI_Session { // Set all the session preferences, which can either be set // manually via the $params array above or via the config file - foreach (array('sess_encrypt_cookie', 'sess_use_database', 'sess_table_name', 'sess_expiration', 'sess_expire_on_close', 'sess_match_ip', 'sess_match_useragent', 'sess_cookie_name', 'cookie_path', 'cookie_domain', 'sess_time_to_update', 'time_reference', 'cookie_prefix', 'encryption_key') as $key) + foreach (array('sess_encrypt_cookie', 'sess_use_database', 'sess_table_name', 'sess_expiration', 'sess_expire_on_close', 'sess_match_ip', 'sess_match_useragent', 'sess_cookie_name', 'cookie_path', 'cookie_domain', 'cookie_secure', 'sess_time_to_update', 'time_reference', 'cookie_prefix', 'encryption_key') as $key) { $this->$key = (isset($params[$key])) ? $params[$key] : $this->CI->config->item($key); } @@ -658,8 +659,6 @@ class CI_Session { } $expire = ($this->sess_expire_on_close === TRUE) ? 0 : $this->sess_expiration + time(); - - $secure_cookie = (config_item('cookie_secure') === TRUE) ? 1 : 0; // Set the cookie setcookie( @@ -668,7 +667,7 @@ class CI_Session { $expire, $this->cookie_path, $this->cookie_domain, - $secure_cookie + $this->cookie_secure ); } |