|
|
<?php |
|
|
|
|
|
/** |
|
|
* Created by PhpStorm. |
|
|
* User: user |
|
|
* Date: 22/09/2017 |
|
|
* Time: 09:20 |
|
|
*/ |
|
|
|
|
|
/** |
|
|
* Class Sessao |
|
|
*/ |
|
|
class Sessao extends SessionHandler implements SessionHandlerInterface { |
|
|
|
|
|
private static $namePattern = "sess_%s"; |
|
|
private $savePath; |
|
|
|
|
|
public static function getTmpFileName($idProgSrc, $prefix = '_report') { |
|
|
$sessionName = static::getSessionName(); |
|
|
|
|
|
return "{$sessionName}{$prefix}{$idProgSrc}"; |
|
|
} |
|
|
|
|
|
public static function getSessionName() { |
|
|
$idSessao = session_id(); |
|
|
|
|
|
return sprintf(static::$namePattern, $idSessao); |
|
|
} |
|
|
|
|
|
/** |
|
|
* @inheritdoc |
|
|
*/ |
|
|
public function open($savePath, $sessionName) { |
|
|
$this->savePath = $savePath; |
|
|
if (!is_dir($this->savePath)) { |
|
|
@mkdir($this->savePath, 0777); |
|
|
} |
|
|
if (!is_readable($this->savePath) || !is_writable($this->savePath)) { |
|
|
@chmod($this->savePath, 0777); |
|
|
} |
|
|
|
|
|
return true; |
|
|
} |
|
|
|
|
|
/** |
|
|
* @inheritdoc |
|
|
*/ |
|
|
public function close() { |
|
|
return true; |
|
|
} |
|
|
|
|
|
/** |
|
|
* @inheritdoc |
|
|
*/ |
|
|
public function destroy($session_id) { |
|
|
$sessionPath = static::getPath('session', $session_id); |
|
|
$files = glob($sessionPath); |
|
|
foreach ($files as $file) { |
|
|
if (file_exists($file)) { |
|
|
@unlink($file); |
|
|
} |
|
|
} |
|
|
|
|
|
$tmpPath = static::getPath('tmp', $session_id); |
|
|
$filesReport = glob($tmpPath); |
|
|
foreach ($filesReport as $fileReport) { |
|
|
if (file_exists($fileReport)) { |
|
|
@unlink($fileReport); |
|
|
} |
|
|
} |
|
|
|
|
|
return true; |
|
|
} |
|
|
|
|
|
public static function getPath($for = 'tmp', $sessionId = null, $isForGlob = true) { |
|
|
|
|
|
$idSessao = is_null($sessionId) || empty($sessionId) ? session_id() : $sessionId; |
|
|
|
|
|
$for = strtolower($for); |
|
|
$path = null; |
|
|
switch ($for) { |
|
|
case 'tmp': |
|
|
$path = (sys_get_temp_dir() . DIRECTORY_SEPARATOR); |
|
|
break; |
|
|
default: |
|
|
$sessionSavePath = session_save_path(); |
|
|
$lastCharacter = substr($sessionSavePath, -1); |
|
|
if ($lastCharacter != DIRECTORY_SEPARATOR) { |
|
|
$sessionSavePath = $sessionSavePath . DIRECTORY_SEPARATOR; |
|
|
} |
|
|
|
|
|
$path = $sessionSavePath; |
|
|
break; |
|
|
} |
|
|
|
|
|
$path .= sprintf(static::$namePattern, $idSessao); |
|
|
|
|
|
if ($isForGlob) { |
|
|
return $path . '*'; |
|
|
} |
|
|
|
|
|
return $path; |
|
|
} |
|
|
|
|
|
/** |
|
|
* @inheritdoc |
|
|
*/ |
|
|
public function gc($maxlifetime) { |
|
|
$sessionPath = static::getPath('session'); |
|
|
$files = glob($sessionPath); |
|
|
//array que armazena os id's das sess<EFBFBD>es que foram removidas |
|
|
$outdatedSessions = []; |
|
|
foreach ($files as $file) { |
|
|
clearstatcache(true, $file); |
|
|
if (filemtime($file) + $maxlifetime < time() && file_exists($file)) { |
|
|
$name = explode('_', $file); |
|
|
$outdatedSessions[] = $name[1]; |
|
|
@unlink($file); |
|
|
} |
|
|
} |
|
|
//varre o diret<EFBFBD>rio onde os arquivos tempor<EFBFBD>rios de relat<EFBFBD>rios foram salvos |
|
|
//e apaga todos os arquivos gerados pelo usu<EFBFBD>rio durante a sess<EFBFBD>o |
|
|
if (!empty($outdatedSessions)) { |
|
|
foreach ($outdatedSessions as $idSessao) { |
|
|
$path = static::getPath('tmp', $idSessao); |
|
|
$reportFiles = glob($path); |
|
|
foreach ($reportFiles as $reportFile) { |
|
|
if (file_exists($reportFile)) { |
|
|
@unlink($reportFile); |
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
|
|
|
|
return true; |
|
|
} |
|
|
|
|
|
/** |
|
|
* @inheritdoc |
|
|
*/ |
|
|
public function read($session_id) { |
|
|
// $path = static::getPath('session', $session_id, false); |
|
|
// return (string)@file_get_contents($path); |
|
|
return parent::read($session_id); |
|
|
} |
|
|
|
|
|
/** |
|
|
* @inheritdoc |
|
|
*/ |
|
|
public function write($session_id, $session_data) { |
|
|
return parent::write($session_id, $session_data); |
|
|
} |
|
|
|
|
|
/** |
|
|
* decrypt AES 256 |
|
|
* |
|
|
* @param string $edata |
|
|
* @param string $password |
|
|
* |
|
|
* @return string decrypted data |
|
|
*/ |
|
|
function decrypt($edata, $password) { |
|
|
$data = base64_decode($edata); |
|
|
$salt = substr($data, 0, 16); |
|
|
$ct = substr($data, 16); |
|
|
|
|
|
$rounds = 3; // depends on key length |
|
|
$data00 = $password . $salt; |
|
|
$hash = array(); |
|
|
$hash[0] = hash('sha256', $data00, true); |
|
|
$result = $hash[0]; |
|
|
for ($i = 1; $i < $rounds; $i++) { |
|
|
$hash[$i] = hash('sha256', $hash[$i - 1] . $data00, true); |
|
|
$result .= $hash[$i]; |
|
|
} |
|
|
$key = substr($result, 0, 32); |
|
|
$iv = substr($result, 32, 16); |
|
|
|
|
|
return openssl_decrypt($ct, 'AES-256-CBC', $key, true, $iv); |
|
|
} |
|
|
|
|
|
/** |
|
|
* crypt AES 256 |
|
|
* |
|
|
* @param string $data |
|
|
* @param string $password |
|
|
* |
|
|
* @return string base64 encrypted data |
|
|
*/ |
|
|
function encrypt($data, $password) { |
|
|
// Set a random salt |
|
|
$salt = openssl_random_pseudo_bytes(16); |
|
|
|
|
|
$salted = ''; |
|
|
$dx = ''; |
|
|
// Salt the key(32) and iv(16) = 48 |
|
|
while (strlen($salted) < 48) { |
|
|
$dx = hash('sha256', $dx . $password . $salt, true); |
|
|
$salted .= $dx; |
|
|
} |
|
|
|
|
|
$key = substr($salted, 0, 32); |
|
|
$iv = substr($salted, 32, 16); |
|
|
|
|
|
$encrypted_data = openssl_encrypt($data, 'AES-256-CBC', $key, true, $iv); |
|
|
|
|
|
return base64_encode($salt . $encrypted_data); |
|
|
} |
|
|
|
|
|
}
|
|
|
|
