public static function start()
{
self::configuration(json_decode(App::config()->file('Sessions.sessions.json')->read(), true));
if (session_status() == PHP_SESSION_NONE) {
ini_set('session.cookie_httponly', true);
//start session
//set session name
session_name(self::$_sessionName);
session_start();
//generate key
Session::generate(self::$_userSessionsKey);
Cookie::generate(self::$_userCookiesKey);
//check initiated status
if (intval(Session::get(self::$_initiatedKey)) == 0) {
//regen
session_regenerate_id();
Session::generate(self::$_userSessionsKey);
Session::set(self::$_initiatedKey, 1);
}
//check for corresponding user agent on same session
if (Session::get(self::$_userAgentKey) !== false) {
if (Session::get(self::$_userAgentKey) != hash('sha512', $_SERVER['HTTP_USER_AGENT'] . self::$_salt)) {
//invalid user agent detected
self::destroy();
die;
}
} else {
Session::set(self::$_userAgentKey, hash('sha512', $_SERVER['HTTP_USER_AGENT'] . self::$_salt));
}
}
}
