added %NO_CHEAP_SESSION_STEALING%

2020-02-24 04:43:53 +01:00 · 2020-02-24 04:43:53 +01:00 · fc3d9468a1
parent 0df93c30aa
commit fc3d9468a1
7 changed files with 29 additions and 3 deletions
--- a/threadr/about/index.php
+++ b/threadr/about/index.php
@ -1,3 +1,7 @@
 <?php
 session_start();
 %NO_CHEAP_SESSION_STEALING%
 ?>
 <!DOCTYPE html>
 <html>
  <head>
--- a/threadr/boards/index.php
+++ b/threadr/boards/index.php
@ -1,3 +1,7 @@
 <?php
 session_start();
 %NO_CHEAP_SESSION_STEALING%
 ?>
 <!DOCTYPE html>
 <html>
    <head>
--- a/threadr/index.php
+++ b/threadr/index.php
@ -1,3 +1,7 @@
 <?php
 session_start();
 %NO_CHEAP_SESSION_STEALING%
 ?>
 <!DOCTYPE html>
 <html>
  <head>
--- a/threadr/login/index.php
+++ b/threadr/login/index.php
@ -1,3 +1,7 @@
 <?php
 session_start();
 %NO_CHEAP_SESSION_STEALING%
 ?>
 <!DOCTYPE html>
 <html>
  <head>
--- a/threadr/news/index.php
+++ b/threadr/news/index.php
@ -1,3 +1,7 @@
 <?php
 session_start();
 %NO_CHEAP_SESSION_STEALING%
 ?>
 <!DOCTYPE html>
 <html>
  <head>
--- a/threadr/signup/index.php
+++ b/threadr/signup/index.php
@ -1,3 +1,7 @@
 <?php
 session_start();
 %NO_CHEAP_SESSION_STEALING%
 ?>
 <!DOCTYPE html>
 <html>
  <head>
--- a/threadr/signup/verify-email/index.php
+++ b/threadr/signup/verify-email/index.php
@ -1,4 +1,6 @@
 <?php
  //todo: force logout any user if logged in and on this page
  //permitted chars for password salt
  $permitted_chars = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ&/()[]$:?_';