Added session and csrf token to bootstrap.

This commit is contained in:
2026-05-29 11:13:08 +02:00
parent a78a95dd8e
commit 181128d13f
+17
View File
@@ -1,4 +1,21 @@
<?php declare(strict_types=1);
// -----------------------------------------------------------------------------
// Session
// -----------------------------------------------------------------------------
session_start([
'cookie_httponly' => true,
'cookie_secure' => !empty($_SERVER['HTTPS']),
'cookie_samesite' => 'Lax',
]);
// Add a csrf token to our session
if (empty($_SESSION['csrf_token'])) {
$_SESSION['csrf_token'] = bin2hex(random_bytes(32));
}
// -----------------------------------------------------------------------------
// Helpers/additions
// -----------------------------------------------------------------------------
require_once ROOT.'/src/helpers.php';
require_once ROOT.'/src/database.php';