|
|
|
|
<?php
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Created by PhpStorm.
|
|
|
|
|
* User: user
|
|
|
|
|
* Date: 22/09/2017
|
|
|
|
|
* Time: 09:20
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Class Sessao
|
|
|
|
|
*/
|
|
|
|
|
class Sessao extends SessionHandler implements SessionHandlerInterface {
|
|
|
|
|
|
|
|
|
|
private static $namePattern = "sess_%s";
|
|
|
|
|
private $savePath;
|
|
|
|
|
|
|
|
|
|
public static function getTmpFileName($idProgSrc, $prefix = '_report') {
|
|
|
|
|
$sessionName = static::getSessionName();
|
|
|
|
|
|
|
|
|
|
return "{$sessionName}{$prefix}{$idProgSrc}";
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public static function getSessionName() {
|
|
|
|
|
$idSessao = session_id();
|
|
|
|
|
|
|
|
|
|
return sprintf(static::$namePattern, $idSessao);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @inheritdoc
|
|
|
|
|
*/
|
|
|
|
|
public function open($savePath, $sessionName) {
|
|
|
|
|
$this->savePath = $savePath;
|
|
|
|
|
if (!is_dir($this->savePath)) {
|
|
|
|
|
@mkdir($this->savePath, 0777);
|
|
|
|
|
}
|
|
|
|
|
if (!is_readable($this->savePath) || !is_writable($this->savePath)) {
|
|
|
|
|
@chmod($this->savePath, 0777);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @inheritdoc
|
|
|
|
|
*/
|
|
|
|
|
public function close() {
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @inheritdoc
|
|
|
|
|
*/
|
|
|
|
|
public function destroy($session_id) {
|
|
|
|
|
$sessionPath = static::getPath('session', $session_id);
|
|
|
|
|
$files = glob($sessionPath);
|
|
|
|
|
foreach ($files as $file) {
|
|
|
|
|
if (file_exists($file)) {
|
|
|
|
|
@unlink($file);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$tmpPath = static::getPath('tmp', $session_id);
|
|
|
|
|
$filesReport = glob($tmpPath);
|
|
|
|
|
foreach ($filesReport as $fileReport) {
|
|
|
|
|
if (file_exists($fileReport)) {
|
|
|
|
|
@unlink($fileReport);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public static function getPath($for = 'tmp', $sessionId = null, $isForGlob = true) {
|
|
|
|
|
|
|
|
|
|
$idSessao = is_null($sessionId) || empty($sessionId) ? session_id() : $sessionId;
|
|
|
|
|
|
|
|
|
|
$for = strtolower($for);
|
|
|
|
|
$path = null;
|
|
|
|
|
switch ($for) {
|
|
|
|
|
case 'tmp':
|
|
|
|
|
$path = (sys_get_temp_dir() . DIRECTORY_SEPARATOR);
|
|
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
$sessionSavePath = session_save_path();
|
|
|
|
|
$lastCharacter = substr($sessionSavePath, -1);
|
|
|
|
|
if ($lastCharacter != DIRECTORY_SEPARATOR) {
|
|
|
|
|
$sessionSavePath = $sessionSavePath . DIRECTORY_SEPARATOR;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$path = $sessionSavePath;
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$path .= sprintf(static::$namePattern, $idSessao);
|
|
|
|
|
|
|
|
|
|
if ($isForGlob) {
|
|
|
|
|
return $path . '*';
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return $path;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @inheritdoc
|
|
|
|
|
*/
|
|
|
|
|
public function gc($maxlifetime) {
|
|
|
|
|
$sessionPath = static::getPath('session');
|
|
|
|
|
$files = glob($sessionPath);
|
|
|
|
|
//array que armazena os id's das sess<EFBFBD>es que foram removidas
|
|
|
|
|
$outdatedSessions = [];
|
|
|
|
|
foreach ($files as $file) {
|
|
|
|
|
clearstatcache(true, $file);
|
|
|
|
|
if (filemtime($file) + $maxlifetime < time() && file_exists($file)) {
|
|
|
|
|
$name = explode('_', $file);
|
|
|
|
|
$outdatedSessions[] = $name[1];
|
|
|
|
|
@unlink($file);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
//varre o diret<EFBFBD>rio onde os arquivos tempor<EFBFBD>rios de relat<EFBFBD>rios foram salvos
|
|
|
|
|
//e apaga todos os arquivos gerados pelo usu<EFBFBD>rio durante a sess<EFBFBD>o
|
|
|
|
|
if (!empty($outdatedSessions)) {
|
|
|
|
|
foreach ($outdatedSessions as $idSessao) {
|
|
|
|
|
$path = static::getPath('tmp', $idSessao);
|
|
|
|
|
$reportFiles = glob($path);
|
|
|
|
|
foreach ($reportFiles as $reportFile) {
|
|
|
|
|
if (file_exists($reportFile)) {
|
|
|
|
|
@unlink($reportFile);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @inheritdoc
|
|
|
|
|
*/
|
|
|
|
|
public function read($session_id) {
|
|
|
|
|
// $path = static::getPath('session', $session_id, false);
|
|
|
|
|
// return (string)@file_get_contents($path);
|
|
|
|
|
return parent::read($session_id);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @inheritdoc
|
|
|
|
|
*/
|
|
|
|
|
public function write($session_id, $session_data) {
|
|
|
|
|
return parent::write($session_id, $session_data);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* decrypt AES 256
|
|
|
|
|
*
|
|
|
|
|
* @param string $edata
|
|
|
|
|
* @param string $password
|
|
|
|
|
*
|
|
|
|
|
* @return string decrypted data
|
|
|
|
|
*/
|
|
|
|
|
function decrypt($edata, $password) {
|
|
|
|
|
$data = base64_decode($edata);
|
|
|
|
|
$salt = substr($data, 0, 16);
|
|
|
|
|
$ct = substr($data, 16);
|
|
|
|
|
|
|
|
|
|
$rounds = 3; // depends on key length
|
|
|
|
|
$data00 = $password . $salt;
|
|
|
|
|
$hash = array();
|
|
|
|
|
$hash[0] = hash('sha256', $data00, true);
|
|
|
|
|
$result = $hash[0];
|
|
|
|
|
for ($i = 1; $i < $rounds; $i++) {
|
|
|
|
|
$hash[$i] = hash('sha256', $hash[$i - 1] . $data00, true);
|
|
|
|
|
$result .= $hash[$i];
|
|
|
|
|
}
|
|
|
|
|
$key = substr($result, 0, 32);
|
|
|
|
|
$iv = substr($result, 32, 16);
|
|
|
|
|
|
|
|
|
|
return openssl_decrypt($ct, 'AES-256-CBC', $key, true, $iv);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* crypt AES 256
|
|
|
|
|
*
|
|
|
|
|
* @param string $data
|
|
|
|
|
* @param string $password
|
|
|
|
|
*
|
|
|
|
|
* @return string base64 encrypted data
|
|
|
|
|
*/
|
|
|
|
|
function encrypt($data, $password) {
|
|
|
|
|
// Set a random salt
|
|
|
|
|
$salt = openssl_random_pseudo_bytes(16);
|
|
|
|
|
|
|
|
|
|
$salted = '';
|
|
|
|
|
$dx = '';
|
|
|
|
|
// Salt the key(32) and iv(16) = 48
|
|
|
|
|
while (strlen($salted) < 48) {
|
|
|
|
|
$dx = hash('sha256', $dx . $password . $salt, true);
|
|
|
|
|
$salted .= $dx;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$key = substr($salted, 0, 32);
|
|
|
|
|
$iv = substr($salted, 32, 16);
|
|
|
|
|
|
|
|
|
|
$encrypted_data = openssl_encrypt($data, 'AES-256-CBC', $key, true, $iv);
|
|
|
|
|
|
|
|
|
|
return base64_encode($salt . $encrypted_data);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
}
|