ZaneYork
/
zoneminder
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Should use zm_session_start instead of session_start

This commit is contained in:
Isaac Connor 2019-08-16 15:08:10 -04:00
parent cfeedd39a4
commit 28155ebd90
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
web/includes/actions/login.php
View File

@ -75,7 +75,7 @@ if ( ('login' == $action) && isset($_REQUEST['username']) && ( ZM_AUTH_TYPE == '
$close_session = 0;
if ( !is_session_started() ) {
session_start();
zm_session_start();
$close_session = 1;
}
$_SESSION['remoteAddr'] = $_SERVER['REMOTE_ADDR']; // To help prevent session hijacking

2
web/includes/auth.php
View File

@ -217,7 +217,7 @@ function generateAuthHash($useRemoteAddr, $force=false) {
$auth = md5($authKey);
$close_session = 0;
if ( !is_session_started() ) {
session_start();
zm_session_start();
$close_session = 1;
}
$_SESSION['AuthHash'.$_SESSION['remoteAddr']] = $auth;