From d666593fde99cabaf3421f3610d0ce7c44da1cd7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?P=C5=91cze=20Bence?= <bence@pocze.ch>
Date: Tue, 2 May 2023 13:18:37 +0200
Subject: [PATCH] session should be valid for a session

---
 web.php | 12 +-----------
 1 file changed, 1 insertion(+), 11 deletions(-)

diff --git a/web.php b/web.php
index ade34d4..0dad311 100644
--- a/web.php
+++ b/web.php
@@ -100,22 +100,12 @@ if (isset($_COOKIE['COOKIES_CONSENT'])) {
     session_set_save_handler(Container::$sessionHandler, true);
     session_start([
         'gc_probability' => 0, // old sessions are deleted by MaintainDatabaseCommand
-        'cookie_lifetime' => 604800,
+        'cookie_lifetime' => 0,
         'cookie_path' => '/',
         'cookie_httponly' => true,
         'cookie_samesite' => 'Lax'
     ]);
 
-    if (isset($_COOKIE[session_name()])) {
-        // extend session cookie lifetime is cookie already exists
-        setcookie(session_name(), session_id(), [
-            'expires' => time() + 604800,
-            'path' => '/',
-            'httponly' => true,
-            'samesite' => 'Lax'
-        ]);
-    }
-
     // this is needed to handle old type of session IDs
     if (!Container::$sessionHandler->validateId(session_id())) {
         session_regenerate_id(true);