From c08c069479a5090db05dc3d07e909103d53f0e58 Mon Sep 17 00:00:00 2001
From: Focuslinkstech <45756999+Focuslinkstech@users.noreply.github.com>
Date: Wed, 9 Oct 2024 15:47:41 +0100
Subject: [PATCH] Critical Updates, Fight Against Insecurity

---
 system/autoload/Admin.php | 41 ++++++++++++++++++++++++++++++---------
 1 file changed, 32 insertions(+), 9 deletions(-)

diff --git a/system/autoload/Admin.php b/system/autoload/Admin.php
index 18d016c6..72d17e7c 100644
--- a/system/autoload/Admin.php
+++ b/system/autoload/Admin.php
@@ -53,28 +53,51 @@ class Admin
     {
         global $db_pass, $config;
         $enable_session_timeout = $config['enable_session_timeout'];
+        $session_timeout_duration = intval($config['session_timeout_duration']) * 60; // Convert minutes to seconds
+
         if (isset($aid)) {
             $time = time();
-            $token = $aid . '.' . $time . '.' . sha1($aid . '.' . $time . '.' . $db_pass);
-            setcookie('aid', $token, time() + 86400 * 7);
+            $token = $aid . '.' . $time . '.' . sha1("$aid.$time.$db_pass");
+
+            // Detect the current protocol
+            $isSecure = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
+
+            // Set cookie with security flags
+            setcookie('aid', $token, [
+                'expires' => time() + 86400 * 7, // 7 days
+                'path' => '/',
+                'domain' => APP_URL,
+                'secure' => $isSecure,
+                'httponly' => true,
+                'samesite' => 'Lax', // or Strict
+            ]);
+
             $_SESSION['aid'] = $aid;
+
             if ($enable_session_timeout) {
-                $timeout = 60;
-                if ($config['session_timeout_duration']) {
-                    $timeout = intval($config['session_timeout_duration']);
-                }
-                $session_timeout_duration = $timeout * 60; // Convert minutes to seconds
                 $_SESSION['aid_expiration'] = $time + $session_timeout_duration;
             }
+
             return $token;
         }
+
         return '';
     }
-
+
     public static function removeCookie()
     {
         if (isset($_COOKIE['aid'])) {
-            setcookie('aid', '', time() - 86400);
+            $isSecure = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
+            setcookie('aid', '', [
+                'expires' => time() - 3600,
+                'path' => '/',
+                'domain' => APP_URL,
+                'secure' => $isSecure,
+                'httponly' => true,
+                'samesite' => 'Lax',
+            ]);
+
+            unset($_COOKIE['aid']);
         }
     }
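Review bot: The new `$session_timeout_duration` line at the top of the hunk drops the 60-minute fallback that the removed block provided, so when `$config['session_timeout_duration']` is empty or unset, `intval()` yields 0 and `$_SESSION['aid_expiration']` becomes `$time`, expiring the session immediately (an unset key additionally raises an undefined-index notice); `$session_timeout_duration = (intval($config['session_timeout_duration'] ?? 0) ?: 60) * 60;` keeps the old default. `'domain' => APP_URL` in both setcookie() calls is also suspect: the Domain attribute must be a bare host name, and if APP_URL holds a full URL (its definition is outside this hunk) browsers reject the Set-Cookie, the token is never stored, and removeCookie() cannot clear it either — omitting the `domain` key gives a host-only cookie, which is the narrower scope anyway. `$isSecure` reads only `$_SERVER['HTTPS']`, so behind a TLS-terminating proxy the token cookie would be issued without the Secure flag; if that deployment is expected, derive the flag from a config setting or from a forwarded-proto header supplied by a trusted proxy. The method the hunk opens inside starts above the hunk (its signature is not shown).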