Commit dfcbe059 authored by Gábor Hojtsy's avatar Gábor Hojtsy
Browse files

#160107 by JohnAlbin: use the same session ID regardless of the protocol used...

#160107 by JohnAlbin: use the same session ID regardless of the protocol used to access the page (eg share sessions between http and https pages)
parent e3fa6893
......@@ -299,8 +299,9 @@ function conf_init() {
$session_name = $cookie_domain;
}
else {
// Otherwise use $base_url for session name.
$session_name = $base_url;
// Otherwise use $base_url as session name, without the protocol
// to use the same session identifiers across http and https.
list( , $session_name) = explode('://', $base_url, 2);
// We try to set the cookie domain to the hostname.
if (!empty($_SERVER['HTTP_HOST'])) {
$cookie_domain = $_SERVER['HTTP_HOST'];
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment