ILIAS
release_4-3 Revision
|
Slim - a micro PHP 5 framework. More...
Public Member Functions | |
__construct ($secret, $config=null) | |
Constructor. | |
getHighConfidentiality () | |
Get the high confidentiality mode. | |
setHighConfidentiality ($enable) | |
Enable or disable cookie data encryption. | |
getSSL () | |
Get the SSL status (enabled or disabled?) | |
setSSL ($enable) | |
Enable SSL support (not enabled by default) | |
getResponseCookies () | |
Get Cookies for Response. | |
getResponseCookie ($cookiename) | |
Get Cookie with name for Response. | |
setCookie ($cookiename, $value, $username, $expire=0, $path= '/', $domain= '', $secure=false, $httponly=null) | |
Set a secure cookie. | |
deleteCookie ($name, $path= '/', $domain= '', $secure=false, $httponly=null) | |
Delete a cookie. | |
getCookieValue ($cookiename, $deleteIfInvalid=true) | |
Get a secure cookie value. | |
setClassicCookie ($cookiename, $value, $expire=0, $path= '/', $domain= '', $secure=false, $httponly=null) | |
Send a classic (unsecure) cookie. | |
cookieExists ($cookiename) | |
Verify if a cookie exists. |
Protected Member Functions | |
_secureCookieValue ($value, $username, $expire) | |
Secure a cookie value. | |
_encrypt ($data, $key, $iv) | |
Encrypt a given data with a given key and a given initialisation vector. | |
_decrypt ($data, $key, $iv) | |
Decrypt a given data with a given key and a given initialisation vector. | |
_validateIv ($iv) | |
Validate Initialization vector. | |
_validateKey ($key) | |
Validate key. |
Protected Attributes | |
$_secret = '' | |
$_algorithm = MCRYPT_RIJNDAEL_256 | |
$_mode = MCRYPT_MODE_CBC | |
$_cryptModule = null | |
$_highConfidentiality = true | |
$_ssl = false | |
$_cookies = array() |
Slim - a micro PHP 5 framework.
Definition at line 54 of file CookieJar.php.
Slim_Http_CookieJar::__construct | ( | $secret, | |
$config = null |
|||
) |
Constructor.
Initialize cookie manager and mcrypt module.
string | $secret | Server's secret key |
array | $config |
Definition at line 101 of file CookieJar.php.
|
protected |
Decrypt a given data with a given key and a given initialisation vector.
string | $data | Data to crypt |
string | $key | Secret key |
string | $iv | Initialisation vector |
Definition at line 359 of file CookieJar.php.
References $data, $res, _validateIv(), and _validateKey().
Referenced by getCookieValue().
|
protected |
Encrypt a given data with a given key and a given initialisation vector.
string | $data | Data to crypt |
string | $key | Secret key |
string | $iv | Initialisation vector |
Definition at line 342 of file CookieJar.php.
References $data, $res, _validateIv(), and _validateKey().
Referenced by _secureCookieValue().
|
protected |
Secure a cookie value.
The initial value is transformed with this protocol:
secureValue = username|expire|base64((value)k,expire)|HMAC(user|expire|value,k) where k = HMAC(user|expire, sk) and sk is server's secret key (value)k,md5(expire) is the result an cryptographic function (ex: AES256) on "value" with key k and initialisation vector = md5(expire)
string | $value | Unsecure value |
string | $username | User identifier |
integer | $expire | Expiration time |
Definition at line 315 of file CookieJar.php.
References $result, _encrypt(), and getHighConfidentiality().
Referenced by setCookie().
|
protected |
Validate Initialization vector.
If given IV is too long for the selected mcrypt algorithm, it will be truncated
string | $iv | Initialization vector |
Definition at line 377 of file CookieJar.php.
Referenced by _decrypt(), and _encrypt().
|
protected |
Validate key.
If given key is too long for the selected mcrypt algorithm, it will be truncated
string | $key | key |
string |
Definition at line 393 of file CookieJar.php.
Referenced by _decrypt(), and _encrypt().
Slim_Http_CookieJar::cookieExists | ( | $cookiename | ) |
Verify if a cookie exists.
string | $cookiename |
Definition at line 296 of file CookieJar.php.
References $_COOKIE.
Referenced by getCookieValue().
Slim_Http_CookieJar::deleteCookie | ( | $name, | |
$path = '/' , |
|||
$domain = '' , |
|||
$secure = false , |
|||
$httponly = null |
|||
) |
Delete a cookie.
string | $name | Cookie name |
string | $path | Cookie path |
string | $domain | Cookie domain |
bool | $secure | When TRUE, send the cookie only on a secure connection |
bool | $httponly | When TRUE the cookie will be made accessible only through the HTTP protocol |
Definition at line 221 of file CookieJar.php.
References $path.
Referenced by getCookieValue().
Slim_Http_CookieJar::getCookieValue | ( | $cookiename, | |
$deleteIfInvalid = true |
|||
) |
Get a secure cookie value.
Verify the integrity of cookie data and decrypt it. If the cookie is invalid, it can be automatically destroyed (default behaviour)
string | $cookiename | Cookie name |
bool | $delete | Destroy the cookie if invalid? |
Definition at line 237 of file CookieJar.php.
References $_COOKIE, $data, _decrypt(), cookieExists(), deleteCookie(), and getHighConfidentiality().
Slim_Http_CookieJar::getHighConfidentiality | ( | ) |
Get the high confidentiality mode.
Definition at line 136 of file CookieJar.php.
References $_highConfidentiality.
Referenced by _secureCookieValue(), and getCookieValue().
Slim_Http_CookieJar::getResponseCookie | ( | $cookiename | ) |
Get Cookie with name for Response.
string | $cookiename | The name of the Cookie |
Definition at line 191 of file CookieJar.php.
Slim_Http_CookieJar::getResponseCookies | ( | ) |
Get Cookies for Response.
Definition at line 180 of file CookieJar.php.
References $_cookies.
Slim_Http_CookieJar::getSSL | ( | ) |
Get the SSL status (enabled or disabled?)
Definition at line 156 of file CookieJar.php.
References $_ssl.
Slim_Http_CookieJar::setClassicCookie | ( | $cookiename, | |
$value, | |||
$expire = 0 , |
|||
$path = '/' , |
|||
$domain = '' , |
|||
$secure = false , |
|||
$httponly = null |
|||
) |
Send a classic (unsecure) cookie.
string | $name | Cookie name |
string | $value | Cookie value |
integer | $expire | Expiration time |
string | $path | Cookie path |
string | $domain | Cookie domain |
bool | $secure | When TRUE, send the cookie only on a secure connection |
bool | $httponly | When TRUE the cookie will be made accessible only through the HTTP protocol |
Definition at line 279 of file CookieJar.php.
References $path.
Referenced by setCookie().
Slim_Http_CookieJar::setCookie | ( | $cookiename, | |
$value, | |||
$username, | |||
$expire = 0 , |
|||
$path = '/' , |
|||
$domain = '' , |
|||
$secure = false , |
|||
$httponly = null |
|||
) |
Set a secure cookie.
string | $name | Cookie name |
string | $value | Cookie value |
string | $username | User identifier |
integer | $expire | Expiration time |
string | $path | Cookie path |
string | $domain | Cookie domain |
bool | $secure | When TRUE, send the cookie only on a secure connection |
bool | $httponly | When TRUE the cookie will be made accessible only through the HTTP protocol |
Definition at line 207 of file CookieJar.php.
References $path, _secureCookieValue(), and setClassicCookie().
Slim_Http_CookieJar::setHighConfidentiality | ( | $enable | ) |
Enable or disable cookie data encryption.
bool | $enable | TRUE to enable, FALSE to disable |
Definition at line 146 of file CookieJar.php.
Slim_Http_CookieJar::setSSL | ( | $enable | ) |
Enable SSL support (not enabled by default)
Pro: Protect against replay attack Con: Cookie's lifetime is limited to SSL session's lifetime
bool | $enable | TRUE to enable, FALSE to disable |
Definition at line 169 of file CookieJar.php.
|
protected |
Definition at line 64 of file CookieJar.php.
|
protected |
Definition at line 89 of file CookieJar.php.
Referenced by getResponseCookies().
|
protected |
Definition at line 74 of file CookieJar.php.
|
protected |
Definition at line 79 of file CookieJar.php.
Referenced by getHighConfidentiality().
|
protected |
Definition at line 69 of file CookieJar.php.
|
protected |
Definition at line 59 of file CookieJar.php.
|
protected |
Definition at line 84 of file CookieJar.php.
Referenced by getSSL().