File: examples/security.php

Recommend this page to a friend!

???

File:	`examples/???`
Role:	Example script
Content typex:	`text/plain`
Description:	Apply security checks to session (>=5.5.4)
Class:	Stackable PHP Session Handler Store session data with multiple session handlers
Author:	By Colin McKinnon
Last change:
Date:	9 years ago
Size:	`1,174 bytes`

Download


<?php

require_once('utils.inc.php');

require_once('../handlers/stackSess.inc.php');

require_once('../handlers/compat.inc.php');

require_once('../handlers/security.inc.php');



session_name('SESS_SS');



logger("started");

$storage=new compatSessionHandler();

$storage->setLogger('logger');

$handler=new securitySession($storage);

$handler->setLogger('logger');



if (!$handler->install()) {

    print "set handler failed";

    exit;

}

logger("* about to call session_start()");



session_start();

if (!isset($_SESSION['c'])) $_SESSION['c']=0;



if ((integer)$_SESSION['c'] && !($_SESSION['c'] % 3)) {

    logger("* about to regenerate");

    session_regenerate_id();

}

if (4>rand(0,10)) {

    logger("*session changed");

    ++$_SESSION['c'];

}

logger("Session contains " . var_export($_SESSION, true));

logger("about to finish");

session_write_close();

?>

<html>

<H1>The Security Check handler</H1>

<p>

This handler will destroy the session if the IP address or browser changes.

</p><p>

Note that it must be layered on top of a storage handler.

</p><p>

The logging output of the handler is shown below:<br />

<?php

print "OK:++\$_SESSION['c']=" . $_SESSION['c'] . "<pre>$statuslog</pre>";

exit;

About us

Advertise on this site

For more information send a message to info at phpclasses dot org.

File: examples/security.php

Contents