<?php
// Short alias for the platform path separator.
define('DS', DIRECTORY_SEPARATOR);
// Directory the encrypted session files are written to: a sibling of this
// file's directory whose name is an opaque token instead of the conventional
// "session" (the original layout hint: privileges/verifying_session/check_session).
define('Save_Path', dirname(realpath(__FILE__)) . DS . '../ee399e457eae2ef36adabc2ad78d8064');
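/**
 * Cookie-only, file-backed session handler whose payload is encrypted at rest.
 *
 * The class registers itself as the save handler and transparently encrypts
 * what the engine hands to write() / decrypts what read() returns. Undeclared
 * properties used below (SessionStartTime, CipherKey, fingerPrint) are not
 * real properties: __get/__set/__isset route them into $_SESSION, so they
 * live with the session data and survive across requests.
 */
class Session extends SessionHandler
{
    // Cookie path: '/' so every application under this host shares the cookie.
    private $Path = '/';
    // Cookie "secure" flag: send the cookie over HTTPS only.
    private $SSL = false;
    // Session/cookie name, replacing the default PHPSESSID.
    // NOTE: double-quoted on purpose; "$2y" / "$10..." start with a digit and
    // are therefore not variable references, the text is taken literally.
    private $Session_name = "$2y$10xwdgum3WrlAGhJgOQfG9tujGzUI6HZR99jwZGQxDuFatM7YEzwXj2";
    // Cookie lifetime in seconds; 0 means "until the browser is closed".
    private $Lifetime = 0;
    // Directory the file save handler stores sessions in (see the Save_Path constant).
    private $Save_Path = Save_Path;
    // HttpOnly flag: the cookie is not readable from JavaScript (document.cookie).
    private $HTTP_ONLY = true;
    // Cookie domain; a leading dot covers every sub-domain as well.
    private $Domain = '.tubo.com';
    // Password the per-session AES key and IV are derived from (with a random salt).
    // NOTE(review): a key embedded in source is only as secret as the source tree;
    // loading it from configuration outside the web root would limit exposure.
    private $Key = '2y$12$Ds72DgfWvYqYL74GAfLI7.0lvChR2yUMUtWRiHLQcMesJUTfZJiC';
    // openssl cipher name used for the session payload.
    private $Cipher = "AES-256-CBC";
    // Minutes after which the session id is regenerated on start().
    private $timeToLive = 30; // 30 min

    /**
     * Configure the session engine and register this object as the save handler.
     *
     * The ini settings force cookie-only session ids (no ids in URLs), reject
     * ids that the server did not issue (strict mode), keep the "files" backend
     * underneath and disable HTTP caching of session pages.
     */
    public function __construct()
    {
        ini_set('session.use_cookies', 1);
        ini_set('session.use_trans_sid', 0);
        ini_set('session.use_strict_mode', 1);
        ini_set('session.use_only_cookies', 1);
        // parent::read()/write() delegate to the built-in file store
        ini_set('session.save_handler', 'files');
        // never let proxies/browsers cache session-bound responses
        ini_set('session.cache_limiter', 'nocache');
        session_name($this->Session_name);
        session_save_path($this->Save_Path);
        // NOTE(review): the positional form cannot set SameSite; the array form of
        // session_set_cookie_params() (PHP 7.3+) can, if that attribute is wanted.
        session_set_cookie_params(
            $this->Lifetime,
            $this->Path,
            $this->Domain,
            $this->SSL,
            $this->HTTP_ONLY
        );
        session_set_save_handler($this, true);
    }

    /**
     * Read a value from $_SESSION; false when the key is absent (or null).
     *
     * @param string $key
     * @return mixed
     */
    public function __get($key)
    {
        // ?? avoids the "undefined index" notice the old strict comparison raised
        return $_SESSION[$key] ?? false;
    }

    /**
     * Store a value in $_SESSION (e.g. $session->username = 'data').
     *
     * @param string $key
     * @param mixed  $value
     */
    public function __set($key, $value)
    {
        $_SESSION[$key] = $value;
    }

    /**
     * Whether a non-null value is stored under $key in $_SESSION.
     *
     * @param string $key
     * @return bool
     */
    public function __isset($key)
    {
        return isset($_SESSION[$key]);
    }

    /**
     * Load and decrypt the session payload for $id.
     *
     * A missing file, or a payload that fails to decode/decrypt (corrupt file,
     * changed key), is reported as an empty session so the engine starts fresh
     * instead of receiving false.
     *
     * @param string $id
     * @return string
     */
    public function read($id)
    {
        $data = parent::read($id);
        if (!$data) {
            return "";
        }
        $plain = $this->decrypt($data, $this->Key);
        return $plain === false ? "" : $plain;
    }

    /**
     * Encrypt the serialized session payload and hand it to the file store.
     *
     * @param string $id
     * @param string $data
     * @return bool
     */
    public function write($id, $data)
    {
        $data = $this->encrypt($data, $this->Key);
        return parent::write($id, $data);
    }

    /**
     * Start the session once; records the start time on first use and
     * rotates the id when the session is older than $timeToLive minutes.
     */
    public function start()
    {
        if (session_id() === '') {
            if (session_start()) {
                $this->SetSessionStartTime();
                $this->checkSessionValidity();
            }
        }
    }

    /**
     * Remember when this session was first started (stored in $_SESSION).
     *
     * @return bool always true
     */
    private function SetSessionStartTime()
    {
        if (!isset($this->SessionStartTime)) {
            $this->SessionStartTime = time();
        }
        return true;
    }

    /**
     * Rotate the session id and fingerprint once the session has outlived
     * $timeToLive minutes; a fresh id limits how long a stolen id stays usable.
     *
     * @return bool always true
     */
    private function checkSessionValidity()
    {
        if ((time() - $this->SessionStartTime) > ($this->timeToLive * 60)) {
            $this->renewSession();
            // the fingerprint embeds the session id, so it must follow the rotation
            $this->generateFingerPrint();
        }
        return true;
    }

    /**
     * Issue a new session id, deleting the old session file, and reset the clock.
     * Callers should also invoke this on privilege changes (login, form submit).
     *
     * @return bool result of session_regenerate_id()
     */
    private function renewSession()
    {
        $this->SessionStartTime = time();
        // true: remove the old session file instead of keeping it alongside
        return session_regenerate_id(true);
    }

    /**
     * Clear the session data, expire the cookies on the client and destroy
     * the server-side session.
     */
    public function Kill_session()
    {
        session_unset();
        setcookie($this->Session_name, '', time() - 3600, $this->Path, $this->Domain, $this->SSL, $this->HTTP_ONLY);
        setcookie('SID', '1', time() - 3600);
        session_destroy();
    }

    /**
     * Bind the session to the client: a random per-session secret (CipherKey)
     * is stored in the session and hashed together with the User-Agent and the
     * current session id. Both values live in $_SESSION via __set.
     */
    private function generateFingerPrint()
    {
        $this->CipherKey = random_bytes(16);
        $this->fingerPrint = $this->computeFingerPrint();
    }

    /**
     * Recompute the fingerprint from the current request and session state.
     * A missing User-Agent header contributes an empty string instead of a notice.
     *
     * @return string sha1 hex digest
     */
    private function computeFingerPrint()
    {
        $userAgentId = $_SERVER['HTTP_USER_AGENT'] ?? '';
        return sha1($userAgentId . $this->CipherKey . session_id());
    }

    /**
     * Whether the current request matches the stored fingerprint; generates
     * one (and therefore returns true) when none is stored yet.
     *
     * @return bool
     */
    public function isValidFingerPrint()
    {
        if (!isset($this->fingerPrint)) {
            $this->generateFingerPrint();
        }
        // constant-time comparison of the two digests
        return hash_equals($this->fingerPrint, $this->computeFingerPrint());
    }

    /**
     * Derive the AES-256 key (32 bytes) and CBC IV (16 bytes) from the
     * password and a per-payload salt: a SHA-256 chain
     * block_i = sha256(block_{i-1} . password . salt), concatenated until
     * 48 bytes are available. Shared by encrypt() and decrypt() so the two
     * sides cannot drift apart.
     *
     * @param string $password
     * @param string $salt 16 raw bytes
     * @return array{0:string,1:string} [key, iv]
     */
    private function deriveKeyAndIv($password, $salt)
    {
        $material = '';
        $block = '';
        while (strlen($material) < 48) {
            $block = hash('sha256', $block . $password . $salt, true);
            $material .= $block;
        }
        return [substr($material, 0, 32), substr($material, 32, 16)];
    }

    /**
     * Decrypt a payload produced by encrypt(): base64( salt(16) . ciphertext ).
     *
     * NOTE(review): CBC carries no integrity tag, so a modified file decrypts
     * to garbage rather than being rejected; the store is server-side, but an
     * AEAD cipher (e.g. AES-256-GCM, PHP 7.1+) would detect corruption.
     *
     * @param string $edata
     * @param string $password
     * @return string|false plaintext, or false when the payload is malformed
     */
    private function decrypt($edata, $password)
    {
        $data = base64_decode($edata, true);
        // at least the 16-byte salt plus one 16-byte cipher block is required
        if ($data === false || strlen($data) < 32) {
            return false;
        }
        $salt = substr($data, 0, 16);
        $ct = substr($data, 16);
        [$key, $iv] = $this->deriveKeyAndIv($password, $salt);
        return openssl_decrypt($ct, $this->Cipher, $key, OPENSSL_RAW_DATA, $iv);
    }

    /**
     * Encrypt $data with a fresh random salt; output is base64( salt . ciphertext ).
     *
     * @param string $data
     * @param string $password
     * @return string
     */
    private function encrypt($data, $password)
    {
        $salt = random_bytes(16);
        [$key, $iv] = $this->deriveKeyAndIv($password, $salt);
        $encrypted_data = openssl_encrypt($data, $this->Cipher, $key, OPENSSL_RAW_DATA, $iv);
        return base64_encode($salt . $encrypted_data);
    }
}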