コード例 #1
0
ファイル: CookieStore.lib.php プロジェクト: NateBrune/bithub
 /**
  * Encodes and saves cookie data.
  */
 public static function save()
 {
     $self = CookieStore::get_current();
     $expiration_date = time() + 30 * 60;
     if (!empty($self->_stored)) {
         foreach ($self->_stored as $ckey => $cval) {
             if (empty($self->_saved[$ckey])) {
                 setcookie($ckey, $self->_to_cookie_val($cval), $expiration_date, '/', DOMAIN);
                 $self->_saved[$ckey] = 1;
             }
         }
     }
     if (!empty($self->_destroyed)) {
         foreach ($self->_destroyed as $ckey => $cval) {
             setcookie($ckey, 0, time() - 86400, '/', DOMAIN);
         }
     }
 }
コード例 #2
0
        $cookie = $a[0];
        $cookie->set("name", "fernyb");
        $cookie->set("id", "100");
        $cookie->save();
        $session_data = $cookie->session_data;
        list($data, $signature) = explode("--", $session_data, 2);
        $new_data = base64_decode($data);
        $new_data = unserialize($new_data);
        # make changes to the data
        $new_data["name"] = "Michael Scott";
        $new_data["id"] = "200";
        $new_data = base64_encode(serialize($new_data));
        # Since we don't know how the signature is generated
        # We just assume is a sha1 hash and because we don't
        # the servers secret key it should not be allowed to load.
        $new_sig = sha1($new_data);
        # This will be sent back to the server
        $tampered_session_data = "{$new_data}--{$new_sig}";
        $new_request = new CookieStore(array("session_key" => $cookie->key, "secret" => $cookie->secret));
        #
        # The data will attempt to load the session_data if tampered with
        # It will not load and just return an empty string.
        #
        # The only to determine if the data was changed is
        # by the sha1 hash that uses are secret key
        #
        $loaded_data = $new_request->load_session($tampered_session_data);
        assert_equal($loaded_data, "");
        assert_equal(0, count($new_request->params));
    });
});
コード例 #3
0
ファイル: Cookie.lib.php プロジェクト: NateBrune/bithub
 /**
  * Destroy cookie
  */
 public function destroy()
 {
     CookieStore::destroy($this->_name);
     CookieStore::save();
 }