RanchiMall/php-mpos
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Changed the Cookie Explanation in global.inc.php to be more in line with the rest of the structure.

Browse Source
This commit is contained in:
Iain Kay 2013-07-11 19:26:09 +00:00
parent 638b8387c3
commit d2bbc366d1
1 changed files with 18 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
public/include/config/global.inc.dist.php
View File

@ -354,23 +354,28 @@ $config['memcache']['splay'] = 15;
* For multiple installations of mmcfe-ng on the same domain you must change the cookie * For multiple installations of mmcfe-ng on the same domain you must change the cookie
* path or change the cookie name to avoid conflicts. * path or change the cookie name to avoid conflicts.
* *
* Description * Explanation:
* duration: the amount of time, in seconds, that a cookie should persist in the users * duration:
* browser. 0 = until closed; 1440 = 24 minutes. * the amount of time, in seconds, that a cookie should persist in the users browser.
* 0 = until closed; 1440 = 24 minutes.
* *
* domain: the only domain name that may access this cookie in the browser * domain:
* the only domain name that may access this cookie in the browser
* *
* path: the highest path on the domain that can access this cookie; i.e. if running * path:
* two pools from a single domain you might set the path /ltc/ and /ftc/ to * the highest path on the domain that can access this cookie; i.e. if running two pools
* separate user session cookies between the two. * from a single domain you might set the path /ltc/ and /ftc/ to separate user session
* cookies between the two.
* *
* httponly: marks the cookie as accessible only through the HTTP protocol. The cookie * httponly:
* can't be accessed by scripting languages, such as JavaScript. This can * marks the cookie as accessible only through the HTTP protocol. The cookie can't be
* help to reduce identity theft through XSS attacks in most browsers. * accessed by scripting languages, such as JavaScript. This can help to reduce identity
* theft through XSS attacks in most browsers.
* *
* secure: marks the cookie as accessible only through the HTTPS protocol. If you're * secure:
* using SSL this will stop a user accidently accessing the site without SSL * marks the cookie as accessible only through the HTTPS protocol. If you have a SSL
* and exposing their session cookie. * certificate installed on your domain name then this will stop a user accidently
* accessing the site over a HTTP connection, without SSL, exposing their session cookie.
* *
* Default: * Default:
* duration = '1440' * duration = '1440'