-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathaccess.php
More file actions
32 lines (26 loc) · 1.65 KB
/
access.php
File metadata and controls
32 lines (26 loc) · 1.65 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
<?php
// provide database access constants
// Keep session data long enough for "remember me" (366 days). Otherwise the server
// garbage-collects the session file after session.gc_maxlifetime (default ~24 min)
// and the user appears logged out even though the cookie is still valid.
define('SESSION_REMEMBER_LIFETIME', 60 * 60 * 24 * 366);
ini_set('session.gc_maxlifetime', (string) SESSION_REMEMBER_LIFETIME);
// Session cookie: must run before any session_start() (e.g. in DAL).
// When behind Cloudflare over HTTPS, the origin often sees HTTP; trust X-Forwarded-Proto so the cookie gets Secure and is sent on subsequent requests.
$isHttps = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off')
|| (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https')
|| (isset($_SERVER['HTTP_X_FORWARDED_SSL']) && $_SERVER['HTTP_X_FORWARDED_SSL'] === 'on');
session_set_cookie_params(0, '/', '', $isHttps, true);
// Defaults; override in config.local.php (gitignored) to keep secrets out of Git
$opts = ['hn' => '', 'un' => '', 'pw' => '', 'db' => ''];
if (file_exists(__DIR__ . '/config.local.php')) {
require_once __DIR__ . '/config.local.php';
}
$opts['hn'] = isset($opts['hn']) ? $opts['hn'] : '';
$opts['un'] = isset($opts['un']) ? $opts['un'] : '';
$opts['pw'] = isset($opts['pw']) ? $opts['pw'] : '';
$opts['db'] = isset($opts['db']) ? $opts['db'] : '';
// Cloudflare Turnstile – set in config.local.php to keep out of Git
if (!defined('TURNSTILE_SITE_KEY')) define('TURNSTILE_SITE_KEY', '');
if (!defined('TURNSTILE_SECRET_KEY')) define('TURNSTILE_SECRET_KEY', '');
define('EMAIL_FROM', '"OpenLCB Registry" <registry@openlcb.org>');