PHP Classes

File: examples/security.php

Recommend this page to a friend!
  Classes of Colin McKinnon   Stackable PHP Session Handler   examples/security.php   Download  
File: examples/security.php
Role: Example script
Content type: text/plain
Description: Apply security checks to session (>=5.5.4)
Class: Stackable PHP Session Handler
Store session data with multiple session handlers
Author: By
Last change:
Date: 8 years ago
Size: 1,174 bytes
 

Contents

Class file image Download
<?php
require_once('utils.inc.php');
require_once(
'../handlers/stackSess.inc.php');
require_once(
'../handlers/compat.inc.php');
require_once(
'../handlers/security.inc.php');

session_name('SESS_SS');

logger("started");
$storage=new compatSessionHandler();
$storage->setLogger('logger');
$handler=new securitySession($storage);
$handler->setLogger('logger');

if (!
$handler->install()) {
    print
"set handler failed";
    exit;
}
logger("* about to call session_start()");

session_start();
if (!isset(
$_SESSION['c'])) $_SESSION['c']=0;

if ((integer)
$_SESSION['c'] && !($_SESSION['c'] % 3)) {
   
logger("* about to regenerate");
   
session_regenerate_id();
}
if (
4>rand(0,10)) {
   
logger("*session changed");
    ++
$_SESSION['c'];
}
logger("Session contains " . var_export($_SESSION, true));
logger("about to finish");
session_write_close();
?>
<html>
<H1>The Security Check handler</H1>
<p>
This handler will destroy the session if the IP address or browser changes.
</p><p>
Note that it must be layered on top of a storage handler.
</p><p>
The logging output of the handler is shown below:<br />
<?php
print "OK:++\$_SESSION['c']=" . $_SESSION['c'] . "<pre>$statuslog</pre>";
exit;