mirror of
https://github.com/myronblair/parkerslingshotrentals
synced 2026-06-30 17:50:31 -05:00
8f5362aa9573cb66762c8cdc2dbd18d0f12935f8
PHP sessions were unreliable on this host — the web process could write session files but LiteSpeed served cached login-page responses on the redirect, bypassing PHP entirely.

Replace sessions with a self-contained signed cookie:
- On login: generate random 32-byte token + expiry, sign with HMAC-SHA256
- On each request: verify signature and expiry — no filesystem reads needed
- Cookie: Secure, HttpOnly, SameSite=Lax, path=/admin/, 24h expiry
- admin/.htaccess: CacheEnable off + no-store headers to prevent LiteSpeed from caching admin responses

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
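The cookie scheme the commit message describes, as an added example that is not code from this repository. The cookie name `admin_auth`, the `ADMIN_COOKIE_KEY` environment variable, the `token.expiry.mac` layout and all function names are assumptions made for illustration.

```php
<?php
// Added example, not the repository's code. Names and payload layout are assumptions.
const COOKIE_NAME = 'admin_auth';   // hypothetical cookie name
const COOKIE_TTL  = 86400;          // 24h expiry, as stated in the commit message

function signing_key(): string {
    $key = getenv('ADMIN_COOKIE_KEY');   // assumed: secret provided via environment
    if ($key === false || strlen($key) < 32) {
        throw new RuntimeException('signing key missing or too short');
    }
    return $key;
}

// On login: random 32-byte token + expiry, signed with HMAC-SHA256.
function issue_value(int $now): string {
    $payload = bin2hex(random_bytes(32)) . '.' . ($now + COOKIE_TTL);
    return $payload . '.' . hash_hmac('sha256', $payload, signing_key());
}

// On each request: check shape, then signature, then expiry. No filesystem reads.
function verify_value(string $value, int $now): bool {
    $parts = explode('.', $value);
    if (count($parts) !== 3) return false;
    [$token, $expiry, $mac] = $parts;
    if (strlen($token) !== 64 || !ctype_xdigit($token) || !ctype_digit($expiry)) {
        return false;
    }
    $expected = hash_hmac('sha256', $token . '.' . $expiry, signing_key());
    if (!hash_equals($expected, $mac)) return false;   // constant-time comparison
    return (int)$expiry > $now;                        // trusted only after the MAC check
}

function send_cookie(string $value, int $now): void {
    setcookie(COOKIE_NAME, $value, ['expires' => $now + COOKIE_TTL, 'path' => '/admin/',
        'secure' => true, 'httponly' => true, 'samesite' => 'Lax']);
}

if (PHP_SAPI === 'cli') {   // constructed demo: throwaway key, no real cookie
    putenv('ADMIN_COOKIE_KEY=' . bin2hex(random_bytes(32)));
    $now = time();
    $v = issue_value($now);
    // Push the expiry forward without re-signing.
    $tampered = preg_replace('/\.\d+\./', '.' . ($now + 10 * COOKIE_TTL) . '.', $v);
    $cases = ['fresh' => [$v, $now], 'expired' => [$v, $now + COOKIE_TTL + 1],
              'tampered expiry' => [$tampered, $now]];
    foreach ($cases as $label => [$val, $t]) {
        printf("%-16s %s\n", $label, verify_value($val, $t) ? 'accepted' : 'rejected');
    }
}
```

Because nothing is stored server-side, a cookie issued this way stays valid until its expiry; changing the signing key invalidates every outstanding cookie at once.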
Description
Mirror of github.com/myronblair/parkerslingshotrentals
Languages
PHP
70.5%
HTML
29.5%