* (bug 8751) Set session cookies to HTTPS-only to match other cookies

patch from http://bugzilla.wikimedia.org/attachment.cgi?id=3132

RELEASE-NOTES

@@ -145,6 +145,7 @@ lighter making things easier to read.
   red when the user has no edits. Linker::userToolLinksRedContribs() is an
   alias to that which should be used to make it more self documentating.
 * (bug 8749) Bring MySQL 5 table defs back into sync
+* (bug 8751) Set session cookies to HTTPS-only to match other cookies
 
 
 == Languages updated ==

includes/GlobalFunctions.php

@@ -2062,7 +2062,7 @@ function wfIsLocalURL( $url ) {
  * Initialise php session
  */
 function wfSetupSession() {
-	global $wgSessionsInMemcached, $wgCookiePath, $wgCookieDomain;
+	global $wgSessionsInMemcached, $wgCookiePath, $wgCookieDomain, $wgCookieSecure;
 	if( $wgSessionsInMemcached ) {
 		require_once( 'MemcachedSessions.php' );
 	} elseif( 'files' != ini_get( 'session.save_handler' ) ) {
@@ -2070,7 +2070,7 @@ function wfSetupSession() {
 		# application, it will end up failing. Try to recover.
 		ini_set ( 'session.save_handler', 'files' );
 	}
-	session_set_cookie_params( 0, $wgCookiePath, $wgCookieDomain );
+	session_set_cookie_params( 0, $wgCookiePath, $wgCookieDomain, $wgCookieSecure);
 	session_cache_limiter( 'private, must-revalidate' );
 	@session_start();
 }