config/session.php

<?php
if (session_status() === PHP_SESSION_NONE) {
    $isSecure = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
    $scriptName = $_SERVER['SCRIPT_NAME'] ?? '';
    $basePath = '/';
    if ($scriptName !== '') {
        $basePath = preg_replace('#/api/.*$#', '', $scriptName);
        if ($basePath === $scriptName) {
            $basePath = dirname($scriptName);
        }
        $basePath = rtrim($basePath, '/');
        if ($basePath === '') {
            $basePath = '/';
        }
    }
    ini_set('session.use_strict_mode', '1');
    session_set_cookie_params([
        'lifetime' => 0,
        'path' => $basePath,
        'domain' => '',
        'secure' => $isSecure,
        'httponly' => true,
        'samesite' => 'Lax',
    ]);
    session_start();
}
?>
security update 2026-01-19 08:57:58 +03:00			`<?php`
			`if (session_status() === PHP_SESSION_NONE) {`
			`$isSecure = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';`
auth update 2026-01-19 15:27:18 +03:00			`$scriptName = $_SERVER['SCRIPT_NAME'] ?? '';`
			`$basePath = '/';`
			`if ($scriptName !== '') {`
			`$basePath = preg_replace('#/api/.*$#', '', $scriptName);`
			`if ($basePath === $scriptName) {`
			`$basePath = dirname($scriptName);`
			`}`
			`$basePath = rtrim($basePath, '/');`
			`if ($basePath === '') {`
			`$basePath = '/';`
			`}`
			`}`
security update 2026-01-19 08:57:58 +03:00			`ini_set('session.use_strict_mode', '1');`
			`session_set_cookie_params([`
			`'lifetime' => 0,`
auth update 2026-01-19 15:27:18 +03:00			`'path' => $basePath,`
security update 2026-01-19 08:57:58 +03:00			`'domain' => '',`
			`'secure' => $isSecure,`
			`'httponly' => true,`
			`'samesite' => 'Lax',`
			`]);`
			`session_start();`
			`}`
			`?>`