Forked from
sucssite / sucs-site
698 commits behind the upstream repository.
Graham Cole
authored
- Begin to stop it being so logout happy for ordinary users who aren't doing anything particularly sensitive on the site by keeping track of when a user was last asked for credentials - Don't continue to use the same session identifier once a user is logged in; it's likely been sent insecurely - Mark session cookies as "SSL only" once logged in - Automatically bump users from HTTP to HTTPS for all requests whilst they're logged in
| Name | Last commit | Last update |
|---|---|---|
| .. | ||
| blog | ||
| ArrayRenderer.php | ||
| banana-admin.php | ||
| date.php | ||
| error.php | ||
| members.php | ||
| session.php | ||
| validation.php | ||