예제 #1
0
파일: Session.php 프로젝트: rickb838/scalr
 /**
  * @return Scalr_Session
  */
 public static function getInstance()
 {
     if (self::$_session === null) {
         self::$_session = new Scalr_Session();
         self::$_session->hashpwd = Scalr_Util_CryptoTool::hash(@file_get_contents(APPPATH . "/etc/.cryptokey"));
         ini_set('session.cookie_httponly', true);
     }
     if (!self::$_session->restored) {
         self::$_session->restored = true;
         self::restore();
         $token = self::$_session->getToken();
         if (empty($token)) {
             if ($_COOKIE[self::SESSION_TOKEN]) {
                 $hash = self::getInstance()->hashpwd;
                 // validate token value
                 if ($_COOKIE['scalr_signature']) {
                     if (Scalr_Util_CryptoTool::hash("{$_COOKIE['scalr_signature']}:{$hash}") === $_COOKIE[self::SESSION_TOKEN]) {
                         self::$_session->setToken($_COOKIE[self::SESSION_TOKEN]);
                     }
                 } else {
                     $id = session_id();
                     if (Scalr_Util_CryptoTool::hash("{$id}:{$hash}") === $_COOKIE[self::SESSION_TOKEN]) {
                         self::$_session->setToken($_COOKIE[self::SESSION_TOKEN]);
                     }
                 }
             }
         }
     }
     return self::$_session;
 }
예제 #2
0
 /**
  * @return Scalr_Session
  */
 public static function getInstance()
 {
     if (self::$_session === null) {
         self::$_session = new Scalr_Session();
         self::$_session->hashpwd = Scalr_Util_CryptoTool::hash(@file_get_contents(dirname(__FILE__) . "/../etc/.cryptokey"));
     }
     if (!self::$_session->restored) {
         self::$_session->restored = true;
         Scalr_Session::restore();
     }
     return self::$_session;
 }
예제 #3
0
파일: Session.php 프로젝트: recipe/scalr
 /**
  * @return Scalr_Session
  */
 public static function getInstance()
 {
     if (self::$_session === null) {
         self::$_session = new Scalr_Session();
         self::$_session->hashpwd = Scalr_Util_CryptoTool::hash(@file_get_contents(APPPATH . "/etc/.cryptokey"));
         ini_set('session.cookie_httponly', true);
     }
     if (!self::$_session->restored) {
         self::$_session->restored = true;
         self::restore();
         $token = self::$_session->getToken();
         if (empty($token)) {
             if ($_COOKIE[self::SESSION_TOKEN]) {
                 self::$_session->setToken($_COOKIE[self::SESSION_TOKEN]);
             } else {
                 self::$_session->setToken(Scalr_Util_CryptoTool::sault(32));
             }
         }
     }
     return self::$_session;
 }
예제 #4
0
파일: Session.php 프로젝트: scalr/scalr
 /**
  *
  * @param   bool    $isAutomaticRequest
  * @return  Scalr_Session
  */
 public static function getInstance($isAutomaticRequest = false)
 {
     if (self::$_session === null) {
         self::$_session = new Scalr_Session();
         self::$_session->hashpwd = CryptoTool::hash(@file_get_contents(APPPATH . "/etc/.cryptokey"));
         ini_set('session.cookie_httponly', true);
         if (!filter_has_var(INPUT_COOKIE, session_name()) || !preg_match('/^[-,a-z\\d]{1,128}$/i', filter_input(INPUT_COOKIE, session_name()))) {
             self::sessionLog('session is not valid, regenerate:' . __LINE__);
             session_id(uniqid());
             static::startSession();
             session_regenerate_id();
             session_write_close();
         }
     }
     if (!self::$_session->restored) {
         self::$_session->restored = true;
         self::restore(true, $isAutomaticRequest);
         $token = self::$_session->getToken();
         if (empty($token)) {
             if ($cookieToken = filter_input(INPUT_COOKIE, self::SESSION_TOKEN)) {
                 $hash = self::getInstance()->hashpwd;
                 // validate token value
                 if ($signature = filter_input(INPUT_COOKIE, 'scalr_signature')) {
                     if (CryptoTool::hash("{$signature}:{$hash}") === $cookieToken) {
                         self::$_session->setToken($cookieToken);
                     }
                 } else {
                     $id = session_id();
                     self::sessionLog("session_id():" . __LINE__);
                     if (CryptoTool::hash("{$id}:{$hash}") === $cookieToken) {
                         self::$_session->setToken($cookieToken);
                     }
                 }
             }
         }
     }
     return self::$_session;
 }
예제 #5
0
 /**
  * @return Scalr_Session
  */
 public static function getInstance()
 {
     if (self::$_session === null) {
         self::$_session = new Scalr_Session();
         self::$_session->hashpwd = CryptoTool::hash(@file_get_contents(APPPATH . "/etc/.cryptokey"));
         ini_set('session.cookie_httponly', true);
         if (!preg_match('/^[-,a-zA-Z0-9]{1,128}$/', $_COOKIE[session_name()])) {
             self::sessionLog('session is not valid, regenerate');
             session_id(uniqid());
             session_start();
             session_regenerate_id();
             session_write_close();
         }
     }
     if (!self::$_session->restored) {
         self::$_session->restored = true;
         self::restore();
         $token = self::$_session->getToken();
         if (empty($token)) {
             if ($_COOKIE[self::SESSION_TOKEN]) {
                 $hash = self::getInstance()->hashpwd;
                 // validate token value
                 if ($_COOKIE['scalr_signature']) {
                     if (CryptoTool::hash("{$_COOKIE['scalr_signature']}:{$hash}") === $_COOKIE[self::SESSION_TOKEN]) {
                         self::$_session->setToken($_COOKIE[self::SESSION_TOKEN]);
                     }
                 } else {
                     $id = session_id();
                     self::sessionLog("session_id():84");
                     if (CryptoTool::hash("{$id}:{$hash}") === $_COOKIE[self::SESSION_TOKEN]) {
                         self::$_session->setToken($_COOKIE[self::SESSION_TOKEN]);
                     }
                 }
             }
         }
     }
     return self::$_session;
 }