// If the user does not access any page within this time, his/her session is considered expired. define('INACTIVITY_TIMEOUT', 3600); // in seconds. // Use cookies to store session. ini_set('session.use_cookies', 1); // Force cookies for session (phpsessionID forbidden in URL). ini_set('session.use_only_cookies', 1); // Prevent PHP form using sessionID in URL if cookies are disabled. ini_set('session.use_trans_sid', false); session_name('shaarli'); // Start session if needed (Some server auto-start sessions). if (session_id() == '') { session_start(); } // Regenerate session ID if invalid or not defined in cookie. if (isset($_COOKIE['shaarli']) && !is_session_id_valid($_COOKIE['shaarli'])) { session_regenerate_id(true); $_COOKIE['shaarli'] = session_id(); } include "inc/rain.tpl.class.php"; //include Rain TPL raintpl::$tpl_dir = $GLOBALS['config']['RAINTPL_TPL']; // template directory raintpl::$cache_dir = $GLOBALS['config']['RAINTPL_TMP']; // cache directory $pluginManager = PluginManager::getInstance(); $pluginManager->load($GLOBALS['config']['ENABLED_PLUGINS']); ob_start(); // Output buffering for the page cache. // In case stupid admin has left magic_quotes enabled in php.ini: if (get_magic_quotes_gpc()) {
/** * Test is_session_id_valid with invalid IDs. */ public function testIsSessionIdInvalid() { $this->assertFalse(is_session_id_valid('')); $this->assertFalse(is_session_id_valid(array())); $this->assertFalse(is_session_id_valid('c0ZqcWF3VFE2NmJBdm1HMVQ0ZHJ3UmZPbTFsNGhkNHI=')); }