From 4c6046822b73f97be907c35203b031a02d126e59 Mon Sep 17 00:00:00 2001 From: Aleksei Miheev Date: Sun, 16 Feb 2014 16:21:39 +0000 Subject: [PATCH] Do not mangle with ini_set in loadSession, so bots won't get PHPSESSID in URLs --- forum/Sources/Load.php | 6 ------ 1 file changed, 6 deletions(-) diff --git a/forum/Sources/Load.php b/forum/Sources/Load.php index e426cd2..33327a7 100644 --- a/forum/Sources/Load.php +++ b/forum/Sources/Load.php @@ -1166,12 +1166,6 @@ function loadSession() { global $modSettings; - // Attempt to change a few PHP settings. - @ini_set('session.use_cookies', true); - @ini_set('session.use_only_cookies', false); - @ini_set('url_rewriter.tags', ''); - @ini_set('arg_separator.output', '&'); - // It's already been started - there's really nothing we can do. if (session_id() == '') {