fix session security issue (same session on multiple instances)

author: Philip Häusler <msquare@notrademark.de> 2014-09-20 18:31:59 +0200
committer: Philip Häusler <msquare@notrademark.de> 2014-09-20 18:31:59 +0200
commit: 50fea6d371492741f442067199d7c32c3432d6e0 (patch)
tree: 3374588e9a27b3819c608da29fbbb504ff3debe9 /public/index.php
parent: dd3de2d47d7632d12b11cc9b5beb1a373e78a2c8 (diff)
1 files changed, 2 insertions, 0 deletions
diff --git a/public/index.php b/public/index.php
index 9c9cd53f..0d1184bc 100644
--- a/public/index.php
+++ b/public/index.php
@@ -35,6 +35,7 @@ require_once realpath(__DIR__ . '/../includes/helper/internationalization_helper
 require_once realpath(__DIR__ . '/../includes/helper/message_helper.php');
 require_once realpath(__DIR__ . '/../includes/helper/error_helper.php');
 require_once realpath(__DIR__ . '/../includes/helper/email_helper.php');
+require_once realpath(__DIR__ . '/../includes/helper/session_helper.php');
 
 require_once realpath(__DIR__ . '/../config/config.default.php');
 if (file_exists(realpath(__DIR__ . '/../config/config.php')))
@@ -60,6 +61,7 @@ require_once realpath(__DIR__ . '/../includes/pages/user_shifts.php');
 
 require_once realpath(__DIR__ . '/../vendor/parsedown/Parsedown.php');
 
+session_lifetime(24*60, preg_replace("/[^a-z0-9-]/", '', $_SERVER['REQUEST_URI']));
 session_start();
 
 gettext_init();
author	Philip Häusler <msquare@notrademark.de>	2014-09-20 18:31:59 +0200
committer	Philip Häusler <msquare@notrademark.de>	2014-09-20 18:31:59 +0200
commit	50fea6d371492741f442067199d7c32c3432d6e0 (patch)
tree	3374588e9a27b3819c608da29fbbb504ff3debe9 /public/index.php
parent	dd3de2d47d7632d12b11cc9b5beb1a373e78a2c8 (diff)