More secure session

farisc0de · farisc0de · commit 1663f11b001f · 2024-01-12T09:50:22.000+03:00
diff --git a/uploady/session.php b/uploady/session.php
@@ -74,6 +74,18 @@
             $utils->redirect($utils->siteUrl('/login.php'));
         }
     }
+
+    // Refresh session id every 5 minutes
+
+    if (!isset($_SESSION['last_token_refresh'])) {
+        $_SESSION['last_token_refresh'] = time();
+        session_regenerate_id(true);
+    } else {
+        if (time() - $_SESSION['last_token_refresh'] > 300) {
+            $_SESSION['last_token_refresh'] = time();
+            session_regenerate_id(true);
+        }
+    }
 }
 
 $language = $_GET['lang'] ?? $localization->getLanguage();

Original file line number	Diff line number	Diff line change
`@@ -74,6 +74,18 @@`
`74`	`74`	`$utils->redirect($utils->siteUrl('/login.php'));`
`75`	`75`	`}`
`76`	`76`	`}`
	`77`	`+`
	`78`	`+ // Refresh session id every 5 minutes`
	`79`	`+`
	`80`	`+ if (!isset($_SESSION['last_token_refresh'])) {`
	`81`	`+ $_SESSION['last_token_refresh'] = time();`
	`82`	`+ session_regenerate_id(true);`
	`83`	`+ } else {`
	`84`	`+ if (time() - $_SESSION['last_token_refresh'] > 300) {`
	`85`	`+ $_SESSION['last_token_refresh'] = time();`
	`86`	`+ session_regenerate_id(true);`
	`87`	`+ }`
	`88`	`+ }`
`77`	`89`	`}`
`78`	`90`
`79`	`91`	`$language = $_GET['lang'] ?? $localization->getLanguage();`