/** * @return Scalr_Session */ public static function getInstance() { if (self::$_session === null) { self::$_session = new Scalr_Session(); self::$_session->hashpwd = Scalr_Util_CryptoTool::hash(@file_get_contents(APPPATH . "/etc/.cryptokey")); ini_set('session.cookie_httponly', true); } if (!self::$_session->restored) { self::$_session->restored = true; self::restore(); $token = self::$_session->getToken(); if (empty($token)) { if ($_COOKIE[self::SESSION_TOKEN]) { $hash = self::getInstance()->hashpwd; // validate token value if ($_COOKIE['scalr_signature']) { if (Scalr_Util_CryptoTool::hash("{$_COOKIE['scalr_signature']}:{$hash}") === $_COOKIE[self::SESSION_TOKEN]) { self::$_session->setToken($_COOKIE[self::SESSION_TOKEN]); } } else { $id = session_id(); if (Scalr_Util_CryptoTool::hash("{$id}:{$hash}") === $_COOKIE[self::SESSION_TOKEN]) { self::$_session->setToken($_COOKIE[self::SESSION_TOKEN]); } } } } } return self::$_session; }
/** * @return Scalr_Session */ public static function getInstance() { if (self::$_session === null) { self::$_session = new Scalr_Session(); self::$_session->hashpwd = Scalr_Util_CryptoTool::hash(@file_get_contents(dirname(__FILE__) . "/../etc/.cryptokey")); } if (!self::$_session->restored) { self::$_session->restored = true; Scalr_Session::restore(); } return self::$_session; }
/** * @return Scalr_Session */ public static function getInstance() { if (self::$_session === null) { self::$_session = new Scalr_Session(); self::$_session->hashpwd = Scalr_Util_CryptoTool::hash(@file_get_contents(APPPATH . "/etc/.cryptokey")); ini_set('session.cookie_httponly', true); } if (!self::$_session->restored) { self::$_session->restored = true; self::restore(); $token = self::$_session->getToken(); if (empty($token)) { if ($_COOKIE[self::SESSION_TOKEN]) { self::$_session->setToken($_COOKIE[self::SESSION_TOKEN]); } else { self::$_session->setToken(Scalr_Util_CryptoTool::sault(32)); } } } return self::$_session; }
/** * * @param bool $isAutomaticRequest * @return Scalr_Session */ public static function getInstance($isAutomaticRequest = false) { if (self::$_session === null) { self::$_session = new Scalr_Session(); self::$_session->hashpwd = CryptoTool::hash(@file_get_contents(APPPATH . "/etc/.cryptokey")); ini_set('session.cookie_httponly', true); if (!filter_has_var(INPUT_COOKIE, session_name()) || !preg_match('/^[-,a-z\\d]{1,128}$/i', filter_input(INPUT_COOKIE, session_name()))) { self::sessionLog('session is not valid, regenerate:' . __LINE__); session_id(uniqid()); static::startSession(); session_regenerate_id(); session_write_close(); } } if (!self::$_session->restored) { self::$_session->restored = true; self::restore(true, $isAutomaticRequest); $token = self::$_session->getToken(); if (empty($token)) { if ($cookieToken = filter_input(INPUT_COOKIE, self::SESSION_TOKEN)) { $hash = self::getInstance()->hashpwd; // validate token value if ($signature = filter_input(INPUT_COOKIE, 'scalr_signature')) { if (CryptoTool::hash("{$signature}:{$hash}") === $cookieToken) { self::$_session->setToken($cookieToken); } } else { $id = session_id(); self::sessionLog("session_id():" . __LINE__); if (CryptoTool::hash("{$id}:{$hash}") === $cookieToken) { self::$_session->setToken($cookieToken); } } } } } return self::$_session; }
/** * @return Scalr_Session */ public static function getInstance() { if (self::$_session === null) { self::$_session = new Scalr_Session(); self::$_session->hashpwd = CryptoTool::hash(@file_get_contents(APPPATH . "/etc/.cryptokey")); ini_set('session.cookie_httponly', true); if (!preg_match('/^[-,a-zA-Z0-9]{1,128}$/', $_COOKIE[session_name()])) { self::sessionLog('session is not valid, regenerate'); session_id(uniqid()); session_start(); session_regenerate_id(); session_write_close(); } } if (!self::$_session->restored) { self::$_session->restored = true; self::restore(); $token = self::$_session->getToken(); if (empty($token)) { if ($_COOKIE[self::SESSION_TOKEN]) { $hash = self::getInstance()->hashpwd; // validate token value if ($_COOKIE['scalr_signature']) { if (CryptoTool::hash("{$_COOKIE['scalr_signature']}:{$hash}") === $_COOKIE[self::SESSION_TOKEN]) { self::$_session->setToken($_COOKIE[self::SESSION_TOKEN]); } } else { $id = session_id(); self::sessionLog("session_id():84"); if (CryptoTool::hash("{$id}:{$hash}") === $_COOKIE[self::SESSION_TOKEN]) { self::$_session->setToken($_COOKIE[self::SESSION_TOKEN]); } } } } } return self::$_session; }