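 /**
  * Validates the current PHP session against the user's security policy and
  * refreshes the per-session bookkeeping that later requests rely on.
  *
  * Three checks can invalidate the session, evaluated in this order:
  *  1. the client IP changed, compared under the policy's SESSION_IP_MASK;
  *  2. the session has been idle for more than SESSION_TIMEOUT minutes;
  *  3. the hard termination time FX_SESSION_TERMINATE_TIME (written elsewhere,
  *     e.g. by the session expander) has passed.
  * An invalid session is wiped, destroyed and replaced with a fresh one under a
  * new, CSPRNG-generated id. Regardless of the outcome, SESS_IP and SESS_TIME are
  * (re)stamped and, when the "use_session_id_ttl" option is enabled, the session
  * id is rotated once it is older than "session_id_ttl" seconds.
  *
  * @param CurrentUser $user Account whose security policy is enforced.
  * @return bool true when the existing session survived, false when it was
  *              destroyed and replaced.
  * @throws \Freetrix\Main\NotSupportedException when not running in an HTTP context.
  */
 public static function checkSessionSecurity(CurrentUser $user)
 {
     $context = \Freetrix\Main\Application::getInstance()->getContext();
     if (!$context instanceof \Freetrix\Main\HttpContext) {
         throw new \Freetrix\Main\NotSupportedException();
     }
     $policy = $user->getPolicy();
     $currentTime = time();
     /** @var $request \Freetrix\Main\HttpRequest */
     $request = $context->getRequest();
     $remoteAddress = $request->getRemoteAddress();

     // 1. IP address changed. Only the bits selected by SESSION_IP_MASK are
     //    compared, so a mask such as 255.255.0.0 tolerates roaming inside a /16.
     //    ip2long() understands IPv4 only; for an IPv6 address it returns false,
     //    which the bitwise AND treats as 0 — NOTE(review): confirm whether IPv6
     //    clients are expected to be bound to their address here.
     $destroySession = false;
     $ipMask = isset($policy["SESSION_IP_MASK"]) ? (string)$policy["SESSION_IP_MASK"] : '';
     if (!empty($_SESSION['SESS_IP']) && $ipMask !== '') {
         $maskBits = ip2long($ipMask);
         $destroySession = ($maskBits & ip2long($_SESSION['SESS_IP'])) != ($maskBits & ip2long($remoteAddress));
     }

     // 2. Idle timeout. SESSION_TIMEOUT is in minutes; SESS_TIME is the
     //    last-activity stamp written at the end of this method.
     if (!$destroySession) {
         $timeoutMinutes = isset($policy["SESSION_TIMEOUT"]) ? $policy["SESSION_TIMEOUT"] : 0;
         $lastActivity = isset($_SESSION['SESS_TIME']) ? $_SESSION['SESS_TIME'] : 0;
         $destroySession = $timeoutMinutes > 0 && $lastActivity > 0
             && $currentTime - $timeoutMinutes * 60 > $lastActivity;
     }

     // 3. Hard termination time (session expander control).
     if (!$destroySession) {
         $terminateAt = isset($_SESSION["FX_SESSION_TERMINATE_TIME"]) ? $_SESSION["FX_SESSION_TERMINATE_TIME"] : 0;
         $destroySession = $terminateAt > 0 && $currentTime > $terminateAt;
     }

     if ($destroySession) {
         $_SESSION = array();
         // Suppressed because session_destroy() warns when no session is active.
         @session_destroy();
         // session_destroy() unregisters custom session handlers in some PHP
         // versions (see http://bugs.php.net/bug.php?id=32330), so the security
         // module's handler must be re-installed before the next session_start().
         if (Config\Option::get("security", "session", "N") === "Y" && \Freetrix\Main\Loader::includeModule("security")) {
             \CSecuritySession::init();
         }
         // Start a brand-new session under an id the client cannot have seen.
         // The id must come from a CSPRNG: md5(uniqid(rand(), true)) is
         // predictable enough to allow session-id guessing. random_bytes()
         // exists since PHP 7.0; the weak legacy form is kept only as a fallback
         // for older runtimes.
         if (function_exists('random_bytes')) {
             $newSessionId = bin2hex(random_bytes(16));
         } else {
             $newSessionId = md5(uniqid(rand(), true));
         }
         session_id($newSessionId);
         session_start();
     }

     $_SESSION['SESS_IP'] = $remoteAddress;
     $_SESSION['SESS_TIME'] = $currentTime;

     // Periodic session-id rotation (session fixation mitigation). Defining the
     // FX_SESSION_ID_CHANGE constant lets a caller opt out for the current request.
     $sessionIdTtl = intval(Config\Option::get("main", "session_id_ttl", 0));
     if (Config\Option::get("main", "use_session_id_ttl", "N") === "Y" && $sessionIdTtl > 0 && !defined("FX_SESSION_ID_CHANGE")) {
         if (!array_key_exists('SESS_ID_TIME', $_SESSION)) {
             $_SESSION['SESS_ID_TIME'] = $_SESSION['SESS_TIME'];
         } elseif ($_SESSION['SESS_ID_TIME'] + $sessionIdTtl < $_SESSION['SESS_TIME']) {
             if (Config\Option::get("security", "session", "N") === "Y" && \Freetrix\Main\Loader::includeModule("security")) {
                 \CSecuritySession::updateSessID();
             } else {
                 // NOTE(review): the old session data is not deleted here, so the
                 // previous id stays usable until garbage collection. Passing true
                 // closes that window but can break concurrent requests still
                 // carrying the old cookie — decide deliberately before changing.
                 session_regenerate_id();
             }
             $_SESSION['SESS_ID_TIME'] = $_SESSION['SESS_TIME'];
         }
     }
     return !$destroySession;
 }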