22 lines
737 B
PHP
22 lines
737 B
PHP
<?php
|
|
declare(strict_types=1);
|
|
function start_secure_session(): void {
|
|
if (session_status() === PHP_SESSION_ACTIVE) return;
|
|
ini_set('session.use_strict_mode', '1');
|
|
ini_set('session.use_cookies', '1');
|
|
ini_set('session.cookie_httponly', '1');
|
|
ini_set('session.cookie_lifetime', '0');
|
|
$secure = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off');
|
|
if ($secure) ini_set('session.cookie_secure', '1');
|
|
$params = session_get_cookie_params();
|
|
session_set_cookie_params([
|
|
'lifetime' => 0,
|
|
'path' => $params['path'] ?? '/',
|
|
'domain' => $params['domain'] ?? '',
|
|
'secure' => $secure,
|
|
'httponly' => true,
|
|
'samesite' => 'Lax'
|
|
]);
|
|
session_start();
|
|
}
|