STD_PHP_INI_ENTRY("session.cookie_domain", "", PHP_INI_ALL, OnUpdateString, cookie_domain, php_ps_globals, ps_globals)
STD_PHP_INI_BOOLEAN("session.cookie_secure", "", PHP_INI_ALL, OnUpdateBool, cookie_secure, php_ps_globals, ps_globals)
STD_PHP_INI_BOOLEAN("session.use_cookies", "1", PHP_INI_ALL, OnUpdateBool, use_cookies, php_ps_globals, ps_globals)
- STD_PHP_INI_BOOLEAN("session.use_only_cookies", "0", PHP_INI_ALL, OnUpdateBool, use_only_cookies, php_ps_globals, ps_globals)
+ STD_PHP_INI_BOOLEAN("session.use_only_cookies", "1", PHP_INI_ALL, OnUpdateBool, use_only_cookies, php_ps_globals, ps_globals)
STD_PHP_INI_ENTRY("session.referer_check", "", PHP_INI_ALL, OnUpdateString, extern_referer_chk, php_ps_globals, ps_globals)
STD_PHP_INI_ENTRY("session.entropy_file", "", PHP_INI_ALL, OnUpdateString, entropy_file, php_ps_globals, ps_globals)
STD_PHP_INI_ENTRY("session.entropy_length", "0", PHP_INI_ALL, OnUpdateLong, entropy_length, php_ps_globals, ps_globals)
session.use_cookies = 1
; This option enables administrators to make their users invulnerable to
-; attacks which involve passing session ids in URLs; defaults to 0.
-; session.use_only_cookies = 1
+; attacks which involve passing session ids in URLs; defaults to 1.
+session.use_only_cookies = 1
; Name of the session (used as cookie name).
session.name = PHPSESSID
session.use_cookies = 1
; This option enables administrators to make their users invulnerable to
-; attacks which involve passing session ids in URLs; defaults to 0.
-; session.use_only_cookies = 1
+; attacks which involve passing session ids in URLs; defaults to 1.
+session.use_only_cookies = 1
; Name of the session (used as cookie name).
session.name = PHPSESSID
projects / php / commitdiff