/** * Store an encrypted cookie * * @param string $cookieName * @param mixed $cookieValue * @param int $expiry default stores just for the browser session */ public static function set($cookieName, $cookieValue, $expiry = 0) { if (isset($_COOKIE['synsec'])) { $synsec = $_COOKIE['synsec']; } else { $synsec = Tools::randomString('12'); } if ((!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != 'on') && (!isset($_SERVER['HTTP_X_FORWARDED_PROTO']) || $_SERVER['HTTP_X_FORWARDED_PROTO'] != 'https')) { $ssl = false; } else { $ssl = true; } setcookie('synsec', $synsec, time() + 60 * 60 * 24 * 30, '/', $_SERVER['HTTP_HOST'], $ssl, true); $synsec .= 'synErgy' . self::$token; /* Open the cipher */ $td = mcrypt_module_open('rijndael-256', '', 'ofb', ''); /* Create the IV and determine the keysize length, use MCRYPT_RAND * on Windows instead */ $iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_DEV_RANDOM); $ks = mcrypt_enc_get_key_size($td); /* Create key */ $key = substr(md5($synsec), 0, $ks); /* Intialize encryption */ mcrypt_generic_init($td, $key, $iv); /* Encrypt data */ $encrypted = mcrypt_generic($td, serialize($cookieValue)); # Store our secure cookie setcookie($cookieName, trim(base64_encode($iv . '|' . $encrypted)), $expiry, '/', $_SERVER['HTTP_HOST'], $ssl, true); /* Terminate encryption handler */ mcrypt_generic_deinit($td); }
/** * Important to execute this in any child classes * preferably BEFORE running any of your own code */ public function __construct() { if (!defined('SYNERGY_LIBRARY_PATH')) { define('SYNERGY_LIBRARY_PATH', dirname(dirname(__FILE__))); } Project::setObject($this); // record when this object was instantiated $this->projectLaunchTime = new \DateTime(); // Set our random logging ID using the log scope if (method_exists(Project::getLogger(), 'setTag')) { /** @noinspection PhpUndefinedMethodInspection */ Project::getLogger()->setTag(Tools::randomString(6, '0123456789ABCDEF')); } }