<?php
/**
 * Demo script: a SessionHandler subclass whose client-visible session id is
 * an encrypted, short-lived token, plus a small page that fires concurrent
 * requests against it while the id is regenerated on every hit.
 */
// Buffer all output: the script prints before it calls session_regenerate_id(),
// and that call has to be able to send a fresh session cookie header.
ob_start();
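/**
 * Session handler whose public session id is an encrypted, expiring token.
 *
 * The id handed to the client is encrypt([storage key, user agent, created at]).
 * Every read/write/destroy decrypts the token, checks its age and the
 * User-Agent it was issued for, and passes only the inner storage key to the
 * parent SessionHandler.
 *
 * Security notes:
 *  - The token arrives in a cookie, so everything decrypted from it is
 *    attacker-influenced and is type-checked before use.
 *  - The User-Agent header is chosen by the client; binding a token to it
 *    raises the bar for a stolen cookie only marginally.
 *  - Nothing here writes debug output: dumping the decrypted storage key into
 *    the response would disclose the value the token is meant to hide.
 */
class EncryptedSessionHandler extends SessionHandler
{
    use Base62Encoder;
    use OpenSSLEncrypter;

    /** Token lifetime in seconds, counted from the time create_sid() ran. */
    protected $ttl = 5;

    /**
     * @param string $key secret handed to the OpenSSLEncrypter trait
     */
    public function __construct($key)
    {
        $this->key = $key;
    }

    /**
     * Load session data for a token.
     *
     * @param string $id encrypted session token from the client
     * @return string|false stored data, or false when the token is rejected
     */
    public function read($id)
    {
        $storageId = $this->checkId($id);
        if (!$storageId) {
            return false;
        }
        return parent::read($storageId);
    }

    /**
     * Persist session data for a token.
     *
     * @param string $id   encrypted session token from the client
     * @param string $data serialized session payload
     * @return bool false when the token is rejected (for instance because it
     *              expired while the request was running)
     */
    public function write($id, $data)
    {
        $storageId = $this->checkId($id);
        if (!$storageId) {
            // Never fall through to the parent with an empty storage key.
            return false;
        }
        return parent::write($storageId, $data);
    }

    /**
     * Remove the stored data behind a token.
     *
     * @param string $id encrypted session token from the client
     * @return bool
     */
    public function destroy($id)
    {
        $storageId = $this->checkId($id);
        if (!$storageId) {
            // A rejected token names no storage entry we can trust; report
            // success so session_destroy() does not fail on a stale cookie.
            return true;
        }
        return parent::destroy($storageId);
    }

    /**
     * Create a new token wrapping a random storage key.
     *
     * @return string encrypted, base62-encoded session id
     * @throws \RuntimeException when no random bytes can be obtained
     */
    public function create_sid()
    {
        // uniqid() is derived from the clock and is guessable; take the
        // storage key from the same CSPRNG the encrypter uses for its IV.
        $random = openssl_random_pseudo_bytes(16);
        if ($random === false || strlen($random) !== 16) {
            throw new \RuntimeException('Unable to generate a random session key');
        }
        return $this->encrypt([bin2hex($random), $this->userAgentFingerprint(), time()]);
    }

    /**
     * Validate a token and return the storage key it wraps.
     *
     * @param mixed $id encrypted session token from the client
     * @return string|null storage key, or null when the token is malformed,
     *                     expired or was issued for another User-Agent
     */
    protected function checkId($id)
    {
        if (!is_string($id) || $id === '') {
            return null;
        }
        $payload = $this->decrypt($id);
        // decrypt() yields false (or any other shape) for tampered input.
        if (!is_array($payload) || count($payload) !== 3) {
            return null;
        }
        list($key, $ua, $mtime) = array_values($payload);
        if (!is_string($key) || $key === '' || !is_int($mtime)) {
            return null;
        }
        if ($mtime < time() - $this->ttl) {
            return null;
        }
        if ($ua !== $this->userAgentFingerprint()) {
            return null;
        }
        return $key;
    }

    /**
     * First 100 bytes of the request's User-Agent header, or null if absent.
     *
     * @return string|null
     */
    protected function userAgentFingerprint()
    {
        return isset($_SERVER['HTTP_USER_AGENT'])
            ? substr($_SERVER['HTTP_USER_AGENT'], 0, 100)
            : null;
    }
}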
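/**
 * Symmetric encryption of arbitrary PHP values into a printable token.
 *
 * Token layout before the host class's encode() step:
 *   cipher name ":" base64(IV) ":" base64(openssl_encrypt() output)
 *
 * The host class must provide encode()/decode() (see Base62Encoder).
 *
 * NOTE(review): the ciphertext carries no MAC. CBC is malleable, so a client
 * can alter a token and have the result decrypted and unserialized. Appending
 * an HMAC over the token, or moving to an AEAD mode, would close this; it is
 * not done here because it changes the token format.
 * NOTE(review): $key is passed to OpenSSL as raw key bytes; a short
 * passphrase is zero-padded by PHP rather than stretched. Use a random key of
 * the cipher's full key length.
 */
trait OpenSSLEncrypter
{
    /** @var string secret key, set by the host class */
    protected $key;

    /** @var string OpenSSL cipher name; the only cipher decrypt() accepts */
    protected $cipherMethod = "aes-256-cbc";

    /**
     * Serialize and encrypt a value.
     *
     * @param mixed $decrypted value to protect
     * @return string encoded token
     * @throws \RuntimeException when the IV or the ciphertext cannot be produced
     */
    public function encrypt($decrypted)
    {
        $ivLength = openssl_cipher_iv_length($this->cipherMethod);
        if ($ivLength === false) {
            throw new \RuntimeException('Unknown cipher method');
        }
        $iv = $ivLength > 0 ? openssl_random_pseudo_bytes($ivLength) : '';
        if ($iv === false || strlen($iv) !== $ivLength) {
            throw new \RuntimeException('Unable to generate an IV');
        }
        // options = 0: OpenSSL already returns base64; it is base64-encoded
        // once more below, and decrypt() mirrors that.
        $encrypted = openssl_encrypt(serialize($decrypted), $this->cipherMethod, $this->key, 0, $iv);
        if ($encrypted === false) {
            throw new \RuntimeException('Encryption failed');
        }
        $data = join(':', [$this->cipherMethod, base64_encode($iv), base64_encode($encrypted)]);
        return $this->encode($data);
    }

    /**
     * Decrypt a token produced by encrypt().
     *
     * @param string $encrypted encoded token, typically supplied by the client
     * @return mixed the original value, or false when the token is malformed,
     *               names another cipher, or does not decrypt (a stored
     *               boolean false is indistinguishable from failure)
     */
    public function decrypt($encrypted)
    {
        if (!is_string($encrypted) || $encrypted === '') {
            return false;
        }
        $decoded = $this->decode($encrypted);
        if (!is_string($decoded)) {
            return false;
        }
        $parts = explode(':', $decoded);
        if (count($parts) !== 3) {
            return false;
        }
        list($algo, $iv, $payload) = $parts;
        // The cipher name inside the token is untrusted; accept only the
        // configured one instead of letting the sender pick the algorithm.
        if ($algo !== $this->cipherMethod) {
            return false;
        }
        $iv = base64_decode($iv, true);
        $payload = base64_decode($payload, true);
        if ($iv === false || $payload === false) {
            return false;
        }
        if (strlen($iv) !== openssl_cipher_iv_length($this->cipherMethod)) {
            return false;
        }
        $decrypted = openssl_decrypt($payload, $this->cipherMethod, $this->key, 0, $iv);
        if ($decrypted === false) {
            return false;
        }
        // unserialize() on unauthenticated input: refuse to instantiate
        // classes so a forged token cannot trigger object injection. Objects
        // passed to encrypt() therefore come back as __PHP_Incomplete_Class.
        // (The options argument needs PHP 7.0 or later.)
        return unserialize($decrypted, ['allowed_classes' => false]);
    }
}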
/**
 * Base62 text encoding of byte strings and integers.
 *
 * Caveats visible in the code below:
 *  - decode() does not validate its input: a character outside the alphabet
 *    makes strpos() return false, which the conversion then treats as zero.
 *  - Leading zero digits are dropped by baseConvert(), so byte strings that
 *    start with NUL bytes do not round-trip.
 */
trait Base62Encoder
{
    /** @var string alphabet; a character's offset is its digit value */
    protected $chars = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";

    /**
     * Encode an integer or a byte string as base62 text.
     *
     * @param int|string $data
     * @return string
     */
    public function encode($data)
    {
        if (is_int($data)) {
            // An integer is fed to the converter as a single digit.
            $digits = [$data];
        } else {
            $digits = [];
            foreach (str_split($data) as $byte) {
                $digits[] = ord($byte);
            }
        }

        $output = '';
        foreach ($this->baseConvert($digits, 256, 62) as $position) {
            $output .= $this->chars[$position];
        }
        return $output;
    }

    /**
     * Decode base62 text back to a byte string, or to an integer.
     *
     * @param string $data    base62 text
     * @param bool   $integer return the value as an integer instead of bytes
     * @return string|int
     */
    public function decode($data, $integer = false)
    {
        $digits = [];
        foreach (str_split($data) as $symbol) {
            // false for characters that are not part of the alphabet
            $digits[] = strpos($this->chars, $symbol);
        }

        if ($integer) {
            // Decimal digits joined into a numeric string, then cast.
            return (int) implode('', $this->baseConvert($digits, 62, 10));
        }

        $bytes = '';
        foreach ($this->baseConvert($digits, 62, 256) as $code) {
            $bytes .= chr($code);
        }
        return $bytes;
    }

    /**
     * Convert a big-endian digit list from one base to another by repeated
     * long division.
     *
     * @param array $source      digits in $source_base, most significant first
     * @param int   $source_base
     * @param int   $target_base
     * @return array digits in $target_base, most significant first
     */
    public function baseConvert(array $source, $source_base, $target_base)
    {
        // Each division pass yields the next least significant digit;
        // collect them in that order and flip the list once at the end.
        $leastFirst = [];
        for ($length = count($source); $length; $length = count($source)) {
            $carry = 0;
            $next = [];
            for ($i = 0; $i !== $length; $i++) {
                $value = $source[$i] + $carry * $source_base;
                $step = (int) ($value / $target_base);
                $carry = $value % $target_base;
                // Skip leading zeros of the quotient.
                if ($next || $step) {
                    $next[] = $step;
                }
            }
            $leastFirst[] = $carry;
            $source = $next;
        }
        return array_reverse($leastFirst);
    }
}
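// NOTE(review): 'tututu' is a hard-coded demo passphrase, far shorter than an
// aes-256-cbc key. Load a random full-length key from configuration instead;
// anyone who knows this string can mint valid session tokens.
session_set_save_handler(new EncryptedSessionHandler('tututu'));
session_start();

// Optional artificial delay, requested by the probes at the bottom of the page.
$requestedSleep = isset($_GET['sleep']) ? $_GET['sleep'] : null;
if ($requestedSleep) {
    $seconds = is_numeric($requestedSleep) ? (int) $requestedSleep : 0;
    // Keep the original floor of 5 seconds, and cap the value: the parameter
    // is client-controlled and an unbounded sleep lets one request pin a
    // worker for as long as the caller likes. The 30-second ceiling is arbitrary.
    sleep(min(max($seconds, 5), 30));
}
// $i = 0;
// while ($sessid = @$_SESSION['regenid']) {
// session_abort();
// session_write_close();
// if ($sessid == session_id()) {
// $_SESSION['regenid'] = null;
// break;
// }
// var_dump([$sessid, session_id(), @$_SESSION['regenid']]);
// session_id($_SESSION['regenid']);
// session_start();
// var_dump([session_id()]);
// var_dump([$sessid, session_id(), @$_SESSION['regenid']]);
// if (++$i > 10) break;
// }
$_SESSION['count'] = (isset($_SESSION['count']) ? $_SESSION['count'] : 0) + 1;
// The session token is echoed into the page body for the demo; a real
// application should not reflect it.
print date(DATE_COOKIE) . ' — ' . session_id() . ' — ' . $_SESSION['count'];
// Called without delete_old_session, so the previous token is not destroyed
// and stays usable until the handler's ttl rejects it.
session_regenerate_id();
if (!array_key_exists('sleep', $_GET)) {
    // NOTE(review): both scripts below load without Subresource Integrity, and
    // intercooler is fetched over plain http, so a network attacker can swap
    // the script. Prefer https with an integrity attribute, or self-host.
?>
<script src="https://code.jquery.com/jquery-3.1.1.min.js"></script>
<script src="http://cdn.intercoolerjs.org/intercooler-1.1.1.min.js"></script>
<hr/>
<div ic-get-from="?sleep=1" ic-trigger-on="load"></div>
<hr/>
<div ic-get-from="?sleep=1" ic-trigger-on="load" ic-trigger-delay="500ms"></div>
<hr/>
<div ic-get-from="?sleep=3" ic-trigger-on="load"></div>
<?php
}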