Ajouter src/session.php

src/session.php

@@ -0,0 +1,21 @@
+<?php
+declare(strict_types=1);
+function start_secure_session(): void {
+    if (session_status() === PHP_SESSION_ACTIVE) return;
+    ini_set('session.use_strict_mode', '1');
+    ini_set('session.use_cookies', '1');
+    ini_set('session.cookie_httponly', '1');
+    ini_set('session.cookie_lifetime', '0');
+    $secure = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off');
+    if ($secure) ini_set('session.cookie_secure', '1');
+    $params = session_get_cookie_params();
+    session_set_cookie_params([
+        'lifetime' => 0,
+        'path' => $params['path'] ?? '/',
+        'domain' => $params['domain'] ?? '',
+        'secure' => $secure,
+        'httponly' => true,
+        'samesite' => 'Lax'
+    ]);
+    session_start();
+}