Created
September 8, 2015 13:15
-
-
Save firefoxrebo/d125968fedec2370ae24 to your computer and use it in GitHub Desktop.
A Custom Session Handler
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
define('SESSION_SAVE_PATH', dirname(realpath(__FILE__)).DIRECTORY_SEPARATOR.'sessions'); | |
class MySessionHandler extends SessionHandler | |
{ | |
private $sessionName = 'MYSESS'; | |
private $sessionMaxLifeTime = 0; | |
private $sessionHTTPOnly = true; | |
private $sessionSecure = false; | |
private $sessionPath = '/'; | |
private $sessionDomain = '.phpdev.com'; | |
private $sessionSavePath = SESSION_SAVE_PATH; | |
private $cipherKey = 'WYCRYPT0K3Y@2016'; | |
private $cipherMode = MCRYPT_MODE_ECB; | |
private $cipherAlgorithm = MCRYPT_BLOWFISH; | |
private $ttl = 30; | |
public function __construct() | |
{ | |
ini_set('session.use_cookies', 1); | |
ini_set('session.use_only_cookies', 1); | |
ini_set('session.use_trans_sid', 0); | |
ini_set('session.save_handler', 'files'); | |
session_name($this->sessionName); | |
session_save_path($this->sessionSavePath); | |
session_set_cookie_params( | |
$this->sessionMaxLifeTime, | |
$this->sessionPath, | |
$this->sessionDomain, | |
$this->sessionSecure, | |
$this->sessionHTTPOnly | |
); | |
session_set_save_handler($this, true); | |
} | |
public function __get($key) | |
{ | |
return false !== (isset($_SESSION[$key])) ? $_SESSION[$key] : false; | |
} | |
public function __set($key, $data) | |
{ | |
$_SESSION[$key] = $data; | |
} | |
public function __isset($key) | |
{ | |
return isset($_SESSION[$key]); | |
} | |
public function read($id) | |
{ | |
return mcrypt_decrypt($this->cipherAlgorithm, $this->cipherKey, parent::read($id), $this->cipherMode); | |
} | |
public function write($id, $data) | |
{ | |
parent::write($id, mcrypt_encrypt($this->cipherAlgorithm, $this->cipherKey, $data, $this->cipherMode)); | |
} | |
public function start() | |
{ | |
if('' === session_id()) { | |
if(session_start()) { | |
$this->setStartTimeStamp(); | |
$this->checkSessionValidity(); | |
} | |
} | |
return false; | |
} | |
public function kill() | |
{ | |
session_unset(); | |
setcookie( | |
$this->sessionName, '', time() - 1000, | |
$this->sessionPath, $this->sessionDomain, $this->sessionSecure, | |
$this->sessionHTTPOnly | |
); | |
return session_destroy(); | |
} | |
private function renewSession() | |
{ | |
$this->renewTimeStamp(); | |
return session_regenerate_id(true); | |
} | |
private function setStartTimeStamp() | |
{ | |
if(!isset($this->sessionStartTimeStamp)) { | |
$this->renewTimeStamp(); | |
} | |
} | |
private function renewTimeStamp() | |
{ | |
$this->sessionStartTimeStamp = time(); | |
} | |
private function checkSessionValidity() | |
{ | |
if((time() - $this->sessionStartTimeStamp) > ($this->ttl * 60)) { | |
$this->renewSession(); | |
} | |
} | |
private function getId() | |
{ | |
return session_id(); | |
} | |
public function isFingerPrintValid() | |
{ | |
if(!isset($this->fingerPrint)) { | |
$userAgent = $_SERVER['HTTP_USER_AGENT']; | |
$this->randomKey = mcrypt_create_iv(64); | |
$this->fingerPrint = sha1($userAgent.$this->getId().$this->randomKey); | |
} | |
$fingerPrint = sha1($_SERVER['HTTP_USER_AGENT'].$this->getId().$this->randomKey); | |
if($fingerPrint === $this->fingerPrint) { | |
return true; | |
} | |
return false; | |
} | |
} | |
$session = new MySessionHandler(); | |
$session->start(); | |
if(!$session->isFingerPrintValid()) { | |
$session->kill(); | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I got this error
I googled the problem I found the solution
I added
return true;
to thewrite()
methodnow it works good