sessions: use $_COOKIE instead of $_REQUEST

author Jason Woofenden <jason@jasonwoof.com>

Tue, 2 Feb 2010 06:42:15 +0000 (01:42 -0500)

committer Jason Woofenden <jason@jasonwoof.com>

Tue, 2 Feb 2010 06:42:15 +0000 (01:42 -0500)
author Jason Woofenden <jason@jasonwoof.com>
Tue, 2 Feb 2010 06:42:15 +0000 (01:42 -0500)
committer Jason Woofenden <jason@jasonwoof.com>
Tue, 2 Feb 2010 06:42:15 +0000 (01:42 -0500)
diff --git a/session.php b/session.php

index c3c1f44..9013157 100644 (file)
--- a/session.php
+++ b/session.php
@@ -56,7 +56,7 @@ function session_new($length = 86400) {
         db_insert('wfpl_sessions', 'session_key,length', $session_key, $length);
         $GLOBALS['session_id'] = db_auto_id();
         $GLOBALS['session_key'] = $session_key;
-       $_REQUEST['session_key'] = $session_key; #just in case someone calls session_exists() after session_new()
+       $_COOKIE['session_key'] = $session_key; #just in case someone calls session_exists() after session_new()
         session_touch($length);
         return $GLOBALS['session_key'];
  }
@@ -99,7 +99,7 @@ function session_purge_old() {
  
  # return true if a session exists
  function session_exists() {
-       if(!isset($_REQUEST['session_key'])) {
+       if(!isset($_COOKIE['session_key'])) {
                 return false;
         }
  
@@ -107,7 +107,7 @@ function session_exists() {
                 return true;
         }
  
-       $session_key = ereg_replace('[^a-zA-Z0-9]', '', $_REQUEST['session_key']);
+       $session_key = ereg_replace('[^a-zA-Z0-9]', '', $_COOKIE['session_key']);
  
         if(!strlen($session_key) == 16) {
                 return false;
author	Jason Woofenden <jason@jasonwoof.com>
	Tue, 2 Feb 2010 06:42:15 +0000 (01:42 -0500)
committer	Jason Woofenden <jason@jasonwoof.com>
	Tue, 2 Feb 2010 06:42:15 +0000 (01:42 -0500)