Juan Ligero jligerofleitas
jligerofleitas
/ SecureSession.php
Last active
September 29, 2015 00:08
Inspired by Enrizo Zimmel' secure sessions, I just added extra code to allow filesystem and DB session storage (via PDO), configured in the constructor. get(), set() and flash() methods added for daily usage.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| /** | |
| * ------------------------------------------------ | |
| * Encrypt PHP session data using files | |
| * ------------------------------------------------ | |
| * The encryption is built using mcrypt extension | |
| * and the randomness is managed by openssl | |
| * The default encryption algorithm is AES (Rijndael-128) | |
| * and we use CBC+HMAC (Encrypt-then-mac) with SHA-256 |