|
<?php |
|
|
|
// Session state lives in a client-side cookie (see the save handlers below),
// so PHP's probabilistic server-side garbage collection is switched off.
ini_set('session.gc_probability', 0);

// Share the session cookie across plantarium.ru and its subdomains.
ini_set('session.cookie_domain', '.plantarium.ru');

// 0x7FFFFFFF == 2^31 - 1, the largest signed 32-bit value. It is stored as the
// cookie "lifetime" and later reused by cookied_session_write() as an absolute
// expiry timestamp.
// NOTE(review): only lifetime, path and domain are set here; the Secure and
// HttpOnly flags are left at whatever php.ini provides. Confirm both are
// enabled there, since they are copied onto the encrypted session cookie.
session_set_cookie_params(0x7FFFFFFF, '/', '.plantarium.ru');
|
|
|
// Name of the cookie that carries the encrypted session payload.
define('COOKIED_SESSION_COOKIE_NAME', 'cookied_session');

// 32-byte symmetric key, decoded from its hexadecimal form.
// NOTE(review): the key is a literal in this source file, so anyone who can
// read the file (repository, backup, published listing) can decrypt and forge
// session cookies. Load it from configuration kept outside the code tree, and
// rotate the value shown here.
define(
    'COOKIED_SESSION_KEY',
    pack('H*', '8c355bad1cfb778eacf3627511c5a345d6c2705739dff770f844893f2e05cae3')
);
|
|
|
/**
 * Encode binary data with the URL-safe base64 alphabet.
 *
 * '+' becomes '-' and '/' becomes '_'. Trailing '=' padding is kept as
 * produced by base64_encode().
 *
 * @param string $data Raw bytes to encode.
 * @return string Encoded text.
 */
function base64url_encode($data) {
    $standard = base64_encode($data);
    return strtr($standard, '+/', '-_');
}
|
|
|
/**
 * Decode text written in the URL-safe base64 alphabet.
 *
 * '-' and '_' are mapped back to '+' and '/' before decoding. Decoding is
 * non-strict: base64_decode() silently skips characters outside the alphabet,
 * so malformed input is not rejected here.
 *
 * @param string $data Encoded text.
 * @return string Decoded bytes.
 */
function base64url_decode($data) {
    $standard = strtr($data, '-_', '+/');
    return base64_decode($standard);
}
|
|
|
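/**
 * CBC-mode encryption helper built on the mcrypt extension.
 *
 * Serialized form produced by encrypt(): one byte holding the IV length,
 * the IV itself, then the ciphertext.
 *
 * NOTE(review): 'rijndael-256' selects Rijndael with a 256-bit block. AES is
 * the 128-bit-block variant, so despite the class name the output is not
 * interoperable with AES implementations.
 * NOTE(review): the output carries no authentication tag. CBC ciphertext can
 * be altered without detection, and decrypt() runs on attacker-supplied
 * bytes. Encrypt-then-MAC over IV + ciphertext (verified with a constant-time
 * comparison) or an AEAD construction would close that gap, but it changes
 * the stored format and is therefore not done here.
 * NOTE(review): mcrypt was deprecated in PHP 7.1 and removed from core in 7.2.
 */
class AES {
    // mcrypt module handle, opened once per instance.
    private $td;
    // Key truncated to the largest size the cipher accepts.
    private $key;

    /**
     * @param string $key Raw key bytes; anything past the cipher's maximum
     *                    key size is dropped.
     */
    public function __construct($key) {
        $this->td = mcrypt_module_open('rijndael-256', '', 'cbc', '');
        $this->key = substr($key, 0, mcrypt_enc_get_key_size($this->td));
    }

    /**
     * Prepare the cipher handle for one encrypt/decrypt operation.
     *
     * mcrypt_generic_init() reports failure as false or as any negative
     * integer (not only -1), so every non-success result is rejected.
     *
     * @param string $iv Initialisation vector.
     * @return bool True when the handle is ready for use.
     */
    private function init($iv) {
        $status = @mcrypt_generic_init($this->td, $this->key, $iv);
        return is_int($status) && $status >= 0;
    }

    /**
     * Encrypt a string under a fresh random IV.
     *
     * A "\xFF" marker byte is appended before encryption so that decrypt()
     * can tell the payload apart from the zero bytes mcrypt pads with.
     *
     * @param string $plaintext Data to encrypt.
     * @return string|false IV-length byte + IV + ciphertext, or false on failure.
     */
    public function encrypt($plaintext) {
        $iv_size = mcrypt_enc_get_iv_size($this->td);
        $iv = mcrypt_create_iv($iv_size, MCRYPT_DEV_URANDOM);
        // Never encrypt under a missing or short IV.
        if (!is_string($iv) || strlen($iv) !== $iv_size) {
            return false;
        }
        if (!$this->init($iv)) {
            return false;
        }

        $ciphertext = mcrypt_generic($this->td, $plaintext . "\xFF");
        mcrypt_generic_deinit($this->td);

        return chr($iv_size) . $iv . $ciphertext;
    }

    /**
     * Decrypt a blob produced by encrypt().
     *
     * The input is treated as untrusted: the embedded IV length must equal
     * the cipher's IV size, the ciphertext must be a non-empty whole number
     * of blocks, and the decrypted data must end in the "\xFF" marker. These
     * are format sanity checks only; they do not authenticate the data.
     *
     * @param string $data IV-length byte + IV + ciphertext.
     * @return string|false Recovered plaintext, or false on malformed input.
     */
    public function decrypt($data) {
        $iv_size = mcrypt_enc_get_iv_size($this->td);
        $block_size = mcrypt_enc_get_block_size($this->td);

        // Need the length byte, a full IV and at least one cipher block.
        if (!is_string($data) || strlen($data) < 1 + $iv_size + $block_size) {
            return false;
        }
        // The length byte comes from the caller; accept only the real IV size.
        if (ord(substr($data, 0, 1)) !== $iv_size) {
            return false;
        }

        $iv = substr($data, 1, $iv_size);
        $ciphertext = substr($data, $iv_size + 1);
        if (strlen($ciphertext) % $block_size !== 0) {
            return false;
        }

        if (!$this->init($iv)) {
            return false;
        }
        $plaintext = @mdecrypt_generic($this->td, $ciphertext);
        mcrypt_generic_deinit($this->td);
        if (!is_string($plaintext)) {
            return false;
        }

        // Drop mcrypt's zero padding, then require and remove the marker byte.
        $plaintext = rtrim($plaintext, "\0");
        if (substr($plaintext, -1) !== "\xFF") {
            return false;
        }
        return substr($plaintext, 0, -1);
    }
}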
|
|
|
// Shared cipher instance used by the session read/write handlers below,
// keyed with the application-wide session key.
$cookied_session_cipher = new AES(COOKIED_SESSION_KEY);
|
|
|
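/**
 * Session "read" handler: recover session data from the client cookie.
 *
 * Pipeline: cookie value -> base64url decode -> decrypt -> bzip2 decompress.
 * Every stage works on data supplied by the client, so any stage that does
 * not yield a string ends the read with an empty session instead of passing
 * false or an error code onwards.
 *
 * NOTE(review): the returned string is handed to PHP's session decoder. Its
 * integrity rests entirely on the cipher, which is unauthenticated CBC; see
 * the notes on the AES class.
 *
 * @param string $id Session id (unused; the cookie is the only store).
 * @return string Serialized session data, or '' when absent or invalid.
 */
function cookied_session_read($id) {
    global $cookied_session_cipher;

    if (!isset($_COOKIE[COOKIED_SESSION_COOKIE_NAME])) {
        return '';
    }

    // A cookie sent as "name[]=..." arrives as an array, not a string.
    $cookie = $_COOKIE[COOKIED_SESSION_COOKIE_NAME];
    if (!is_string($cookie)) {
        return '';
    }

    $encrypted = base64url_decode($cookie);
    if (!is_string($encrypted) || $encrypted === '') {
        return '';
    }

    $compressed = $cookied_session_cipher->decrypt($encrypted);
    if (!is_string($compressed) || $compressed === '') {
        return '';
    }

    // bzdecompress() returns an int error code or false on bad input. The old
    // "< 0" comparison let false through and could misjudge string data.
    $sess_data = bzdecompress($compressed);
    if (!is_string($sess_data)) {
        return '';
    }
    return $sess_data;
}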
|
|
|
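/**
 * Session "write" handler: store session data in the client cookie.
 *
 * Pipeline: bzip2 compress -> encrypt -> base64url encode -> Set-Cookie.
 * If compression or encryption fails, the existing cookie is left untouched
 * and false is returned. Previously a failure produced an empty or bogus
 * cookie value, which silently discarded the session.
 *
 * NOTE(review): $params['lifetime'] is passed where setcookie() expects an
 * absolute expiry timestamp. That works only because the configured lifetime
 * is 2^31 - 1; a small lifetime would produce an already-expired cookie.
 * NOTE(review): Secure and HttpOnly are copied from the session cookie
 * parameters; confirm both are enabled in configuration. Browsers also cap
 * cookie size, so large sessions may be dropped by the client.
 *
 * @param string $id        Session id (unused).
 * @param string $sess_data Serialized session data.
 * @return bool True when the cookie header was queued, false otherwise.
 */
function cookied_session_write($id, $sess_data) {
    global $cookied_session_cipher;

    // bzcompress() returns an int error code on failure.
    $compressed = bzcompress($sess_data);
    if (!is_string($compressed)) {
        return false;
    }

    $encrypted = $cookied_session_cipher->encrypt($compressed);
    if (!is_string($encrypted)) {
        return false;
    }

    $value = base64url_encode($encrypted);
    $params = session_get_cookie_params();
    return setcookie(COOKIED_SESSION_COOKIE_NAME, $value, $params['lifetime'],
        $params['path'], $params['domain'], $params['secure'], $params['httponly']);
}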
|
|
|
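/**
 * Session "destroy" handler: expire the client cookie.
 *
 * The expiring cookie is sent with the same path, domain and flags that
 * cookied_session_write() uses. A browser only replaces a cookie whose name,
 * domain and path all match, so the previous call, which omitted path and
 * domain, left the real session cookie in place after logout.
 *
 * NOTE(review): this removes the cookie from a cooperating browser only.
 * Nothing is stored server-side, so a copy of an old cookie stays decryptable
 * until the key is rotated.
 *
 * @param string $id Session id (unused).
 * @return bool Always true.
 */
function cookied_session_destroy($id) {
    $params = session_get_cookie_params();
    setcookie(COOKIED_SESSION_COOKIE_NAME, '', time() - 60 * 60 * 24,
        $params['path'], $params['domain'], $params['secure'], $params['httponly']);
    // Stop a later read in the same request from reviving the old session.
    unset($_COOKIE[COOKIED_SESSION_COOKIE_NAME]);
    return true;
}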
|
|
|
/**
 * Placeholder for session callbacks that have nothing to do when the
 * session is stored in a cookie.
 *
 * @return bool Always true.
 */
function cookied_session_noop() {
    return true;
}
|
|
|
// Register the cookie-backed handlers. Argument order is
// open, close, read, write, destroy, gc.
// open, close and gc are no-ops because no server-side storage exists. The
// server therefore cannot expire or revoke an individual session by itself.
session_set_save_handler(
    'cookied_session_noop',     // open
    'cookied_session_noop',     // close
    'cookied_session_read',     // read
    'cookied_session_write',    // write
    'cookied_session_destroy',  // destroy
    'cookied_session_noop'      // gc
);