/**
 * Start the PHP session with hardened cookie and session-id settings
 *
 * Configures the session cookie, discards any auto-started session,
 * starts a session named "__S" and replaces the session id the first
 * time that session is seen.
 *
 * @access public
 * @param  string   $base_path    Cookie path (an empty value falls back to "/")
 */
public function open($base_path = '/')
{
    $cookie_path = $base_path ?: '/';
    $secure_only = Request::isHTTPS();

    // Lifetime, path, no explicit domain, Secure flag only when the request is HTTPS, HttpOnly always on.
    // NOTE(review): the Secure flag depends entirely on what Request::isHTTPS() reports (not shown here);
    // behind a TLS-terminating proxy confirm it still returns true. This positional form sets no SameSite attribute.
    session_set_cookie_params(SESSION_DURATION, $cookie_path, null, $secure_only, true);

    // The session id must travel in the cookie only, never in the URL
    ini_set('session.use_only_cookies', '1');

    // Strict mode is switched on here only when running on PHP older than 7.0.0.
    // NOTE(review): on PHP 7+ session.use_strict_mode keeps whatever php.ini provides - confirm that is intended.
    if (version_compare(PHP_VERSION, '7.0.0', '<')) {
        ini_set('session.use_strict_mode', '1');
    }

    // Session id generation settings.
    // NOTE(review): these directives were removed in PHP 7.1, where session.sid_length and
    // session.sid_bits_per_character apply instead - check the deployed php.ini.
    $id_settings = array(
        'session.entropy_file' => '/dev/urandom',
        'session.entropy_length' => '32',
        'session.hash_bits_per_character' => 6,
    );

    foreach ($id_settings as $directive => $value) {
        ini_set($directive, $value);
    }

    // A session auto-started by session.auto_start = 1 did not get the settings above: drop it
    if (isset($_SESSION)) {
        session_destroy();
    }

    session_name('__S');
    session_start();

    // Already marked as validated: keep the current session id
    if (! empty($_SESSION['__validated'])) {
        return;
    }

    // First use of this session: issue a new id and delete the old one (session fixation defence)
    session_regenerate_id(true);
    $_SESSION['__validated'] = 1;
}
/**
 * Build the template values shared by the project views that have a search filter
 *
 * The search expression comes from the "search" request parameter and falls back
 * to the filter stored in the user session for this project. The expression is
 * written back to the user session before returning.
 *
 * @access protected
 * @param  $controller   Value returned under filters['controller']
 * @param  $action       Value returned under filters['action']
 * @return array         Keys: project, board_selector, filters, title
 */
protected function getProjectFilters($controller, $action)
{
    $project = $this->getProject();
    $project_id = $project['id'];

    $stored_search = $this->userSession->getFilters($project_id);
    $search = $this->request->getStringParam('search', $stored_search);

    // Projects the current user is allowed to see, minus the one being displayed
    $board_selector = $this->projectPermission->getAllowedProjects($this->userSession->getId());
    unset($board_selector[$project_id]);

    // NOTE(review): $search is request-controlled. If getStringParam() reads an already decoded
    // query parameter, urldecode() decodes it a second time ("%253C" would end up as "<") - confirm
    // against the request class, and make sure templates escape filters['search'] on output.
    $decoded_search = urldecode($search);

    $filters = array(
        'controller' => $controller,
        'action' => $action,
        'project_id' => $project_id,
        'search' => $decoded_search,
    );

    // Remember the expression for the next request on this project
    $this->userSession->setFilters($project_id, $decoded_search);

    return array(
        'project' => $project,
        'board_selector' => $board_selector,
        'filters' => $filters,
        'title' => $project['name'],
    );
}
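/**
 * Remove the cookie
 *
 * Sends the cookie again with an empty value and an expiry one hour in the
 * past so that the browser discards it.
 *
 * NOTE(review): a browser only replaces a cookie whose name, path and domain
 * match; the code that writes this cookie is not shown here, so confirm it
 * uses the same path and no explicit domain.
 *
 * @access public
 */
public function deleteCookie()
{
    setcookie(
        self::COOKIE_NAME,
        '',
        time() - 3600,
        $this->helper->url->dir(),
        // Empty string rather than null: the emitted header is the same, and passing null
        // to this non-nullable string parameter is deprecated since PHP 8.1.
        '',
        // Secure flag follows the scheme of the current request
        Request::isHTTPS(),
        // HttpOnly
        true
    );
}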
/**
 * Create a "remember me" session when the feature is enabled and the user asked for it
 *
 * Does nothing unless REMEMBER_ME_AUTH is truthy and the form carries a
 * non-empty "remember_me" value.
 *
 * @access private
 * @param  array   $values   Form values
 */
private function createRememberMeSession(array $values)
{
    if (! REMEMBER_ME_AUTH || empty($values['remember_me'])) {
        return;
    }

    // The record is created for the current user together with the client IP and user agent.
    // NOTE(review): both values come from the request; if Request::getIpAddress() honours
    // forwarding headers they are client-supplied - treat them as audit data, not as proof of origin.
    $credentials = $this->backend('rememberMe')->create(
        $this->userSession->getId(),
        Request::getIpAddress(),
        Request::getUserAgent()
    );

    // Hand the token, sequence and expiration to the browser as a cookie
    $this->backend('rememberMe')->writeCookie(
        $credentials['token'],
        $credentials['sequence'],
        $credentials['expiration']
    );
}
/**
 * Get current server base url
 *
 * Built from the request scheme, $_SERVER['SERVER_NAME'], the port (left out
 * for 80 and 443) and the application directory. Falls back to
 * "http://localhost/" when SERVER_NAME is empty.
 *
 * NOTE(review): depending on the web server configuration SERVER_NAME can
 * mirror the client's Host header; if this URL ends up in e-mails or
 * redirects, confirm the server pins the canonical host name.
 *
 * @access public
 * @return string
 */
public function server()
{
    if (empty($_SERVER['SERVER_NAME'])) {
        return 'http://localhost/';
    }

    $scheme = Request::isHTTPS() ? 'https://' : 'http://';
    $host = $_SERVER['SERVER_NAME'];

    // Loose comparison on purpose: the port arrives as a string.
    // The two default ports are dropped whatever the scheme is.
    $port = $_SERVER['SERVER_PORT'];
    $port_suffix = ($port == 80 || $port == 443) ? '' : ':' . $port;

    $path = $this->dir() ?: '/';

    return $scheme . $host . $port_suffix . $path;
}
/**
 * Record a last-login entry after a successful authentication
 *
 * NOTE(review): the IP address and user agent are taken from the current
 * request; how Request derives them is not shown here, so treat the stored
 * values as client-influenced when using them for investigation.
 *
 * @access public
 * @param  AuthEvent   $event   Provides the authentication type and the user id
 */
public function onSuccess(AuthEvent $event)
{
    $auth_type = $event->getAuthType();
    $user_id = $event->getUserId();
    $ip_address = Request::getIpAddress();
    $user_agent = Request::getUserAgent();

    $this->lastLogin->create($auth_type, $user_id, $ip_address, $user_agent);
}