/** * Open a session * * @access public * @param string $base_path Cookie path */ public function open($base_path = '/') { // HttpOnly and secure flags for session cookie session_set_cookie_params(SESSION_DURATION, $base_path ?: '/', null, Request::isHTTPS(), true); // Avoid session id in the URL ini_set('session.use_only_cookies', '1'); // Enable strict mode ini_set('session.use_strict_mode', '1'); // Ensure session ID integrity ini_set('session.entropy_file', '/dev/urandom'); ini_set('session.entropy_length', '32'); ini_set('session.hash_bits_per_character', 6); // If the session was autostarted with session.auto_start = 1 in php.ini destroy it if (isset($_SESSION)) { session_destroy(); } // Custom session name session_name('__S'); // Start the session session_start(); // Regenerate the session id to avoid session fixation issue if (empty($_SESSION['__validated'])) { session_regenerate_id(true); $_SESSION['__validated'] = 1; } }
/** * Get current server base url * * @access public * @return string */ public function server() { $self = str_replace('\\', '/', dirname($_SERVER['PHP_SELF'])); $url = Request::isHTTPS() ? 'https://' : 'http://'; $url .= $_SERVER['SERVER_NAME']; $url .= $_SERVER['SERVER_PORT'] == 80 || $_SERVER['SERVER_PORT'] == 443 ? '' : ':' . $_SERVER['SERVER_PORT']; $url .= $self !== '/' ? $self . '/' : '/'; return $url; }
/** * Get current server base url * * @access public * @return string */ public function server() { if (empty($_SERVER['SERVER_NAME'])) { return 'http://localhost/'; } $url = Request::isHTTPS() ? 'https://' : 'http://'; $url .= $_SERVER['SERVER_NAME']; $url .= $_SERVER['SERVER_PORT'] == 80 || $_SERVER['SERVER_PORT'] == 443 ? '' : ':' . $_SERVER['SERVER_PORT']; $url .= $this->dir() ?: '/'; return $url; }
/** * Remove the cookie * * @access public */ public function deleteCookie() { setcookie(self::COOKIE_NAME, '', time() - 3600, BASE_URL_DIRECTORY, null, Request::isHTTPS(), true); }
/** * Get the current URL without the querystring * * @return string */ public function getCurrentBaseUrl() { $url = Request::isHTTPS() ? 'https://' : 'http://'; $url .= $_SERVER['SERVER_NAME']; $url .= $_SERVER['SERVER_PORT'] == 80 || $_SERVER['SERVER_PORT'] == 443 ? '' : ':' . $_SERVER['SERVER_PORT']; $url .= dirname($_SERVER['PHP_SELF']) !== '/' ? dirname($_SERVER['PHP_SELF']) . '/' : '/'; return $url; }
/** * Remove the cookie * * @access public */ public function deleteCookie() { setcookie(self::COOKIE_NAME, '', time() - 3600, $this->helper->url->dir(), null, Request::isHTTPS(), true); }