ILIAS  release_5-1 Revision 5.0.0-5477-g43f3e3fab5f
CookieJar.php
1<?php
55
// Server-side secret. It is the HMAC key from which every per-cookie key is derived,
// so it must never be sent to or derivable by the client.
59 protected $_secret = '';
60
// mcrypt cipher identifier handed to mcrypt_module_open() in the constructor.
// NOTE(review): MCRYPT_RIJNDAEL_256 is Rijndael with a 256-bit block, which is not AES
// (AES is the 128-bit-block variant). The mcrypt extension was deprecated in PHP 7.1
// and removed from core in PHP 7.2 - confirm the PHP version this is deployed on.
64 protected $_algorithm = MCRYPT_RIJNDAEL_256;
65
// mcrypt block-cipher mode handed to mcrypt_module_open(); CBC by default.
69 protected $_mode = MCRYPT_MODE_CBC;
70
// Handle returned by mcrypt_module_open(); stays null when the mcrypt extension is not loaded.
74 protected $_cryptModule = null;
75
// When true, cookie values are encrypted before being base64-encoded;
// when false they are only base64-encoded and protected by the HMAC.
79 protected $_highConfidentiality = true;
80
// When true and $_SERVER['SSL_SESSION_ID'] is set, that session id is mixed into the
// cookie HMAC, binding the cookie to the TLS session.
84 protected $_ssl = false;
85
// Cookies queued for the response, keyed by cookie name (Slim_Http_Cookie instances).
89 protected $_cookies = array();
90
/**
 * Build a cookie jar bound to a server-side secret.
 *
 * @param string     $secret Secret used as the HMAC key for per-cookie keys; must be non-empty.
 * @param array|null $config Optional overrides, read from the keys 'high_confidentiality',
 *                           'mcrypt_algorithm', 'mcrypt_mode' and 'enable_ssl'.
 * @throws Exception If the secret is empty, if $config is neither null nor an array,
 *                   or if mcrypt is loaded but the cipher module cannot be opened.
 */
public function __construct( $secret, $config = null ) {
    if ( empty($secret) ) {
        throw new Exception('You must provide a secret key');
    }
    $this->_secret = $secret;

    $configIsArray = is_array($config);
    if ( !$configIsArray && $config !== null ) {
        throw new Exception('Config must be an array');
    }

    if ( $configIsArray ) {
        // Option name => property that receives it. Options that are absent
        // (or null) leave the property at its default.
        $optionTargets = array(
            'high_confidentiality' => '_highConfidentiality',
            'mcrypt_algorithm'     => '_algorithm',
            'mcrypt_mode'          => '_mode',
            'enable_ssl'           => '_ssl',
        );
        foreach ( $optionTargets as $option => $property ) {
            if ( isset($config[$option]) ) {
                $this->$property = $config[$option];
            }
        }
    }

    // NOTE(review): a missing mcrypt extension is not an error here. The jar is still
    // constructed, and setCookie()/getCookieValue() then handle cookie values in the
    // clear with no integrity check. Deployments that rely on the protection should
    // verify that the extension is present.
    if ( !extension_loaded('mcrypt') ) {
        return;
    }

    $this->_cryptModule = mcrypt_module_open($this->_algorithm, '', $this->_mode, '');
    if ( $this->_cryptModule === false ) {
        throw new Exception('Error while loading mcrypt module');
    }
}
130
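/**
 * Get the high confidentiality mode.
 *
 * The listing shows this getter with an empty body (the line between the signature
 * and the closing brace is missing), which would make it return null. Both
 * _secureCookieValue() and getCookieValue() test this return value to decide whether
 * to encrypt or decrypt, so a null result silently disables cookie encryption.
 * The return is restored to mirror getSSL().
 *
 * @return bool True when cookie values are encrypted, false when they are only signed.
 */
public function getHighConfidentiality() {
    return $this->_highConfidentiality;
}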
139
/**
 * Enable or disable encryption of cookie values.
 *
 * @param mixed $enable Any value; it is reduced to a boolean.
 * @return $this For call chaining.
 */
public function setHighConfidentiality( $enable ) {
    $flag = $enable ? true : false;
    $this->_highConfidentiality = $flag;

    return $this;
}
150
/**
 * Report whether SSL session binding is switched on.
 *
 * @return bool The current value of the SSL flag.
 */
public function getSSL() {
    $sslEnabled = $this->_ssl;

    return $sslEnabled;
}
159
/**
 * Switch SSL session binding on or off.
 *
 * When it is on and $_SERVER['SSL_SESSION_ID'] is set, that id becomes part of the
 * cookie HMAC input on both the write and the read path.
 *
 * @param mixed $enable Any value; it is reduced to a boolean.
 * @return $this For call chaining.
 */
public function setSSL( $enable ) {
    $flag = $enable ? true : false;
    $this->_ssl = $flag;

    return $this;
}
173
/**
 * Get every cookie queued for the response.
 *
 * @return array Queued cookies, keyed by cookie name.
 */
public function getResponseCookies() {
    $queued = $this->_cookies;

    return $queued;
}
183
/**
 * Get one queued response cookie by name.
 *
 * @param string $cookiename Name of the cookie to look up.
 * @return mixed The queued cookie, or null when none is queued under that name.
 */
public function getResponseCookie( $cookiename ) {
    if ( isset($this->_cookies[$cookiename]) ) {
        return $this->_cookies[$cookiename];
    }

    return null;
}
194
/**
 * Queue a protected cookie for the response.
 *
 * With mcrypt loaded the value is wrapped by _secureCookieValue() (HMAC, plus
 * encryption in high confidentiality mode) before it is queued.
 *
 * NOTE(review): without mcrypt the raw $value is queued unchanged - no signature and
 * no encryption - and the caller gets no indication of the downgrade. $secure
 * defaults to false and $httponly to null, so callers that store authentication data
 * should pass both explicitly.
 *
 * @param string     $cookiename Cookie name.
 * @param string     $value      Cookie payload.
 * @param string     $username   User the cookie is bound to (part of the HMAC input).
 * @param int|string $expire     Expiry; 0 by default.
 * @param string     $path       Cookie path.
 * @param string     $domain     Cookie domain.
 * @param bool       $secure     Secure attribute.
 * @param bool|null  $httponly   HttpOnly attribute; null leaves it to the cookie class default.
 */
public function setCookie( $cookiename, $value, $username, $expire = 0, $path = '/', $domain = '', $secure = false, $httponly = null ) {
    if ( extension_loaded('mcrypt') ) {
        $cookieValue = $this->_secureCookieValue($value, $username, $expire);
    } else {
        $cookieValue = $value;
    }

    $this->setClassicCookie($cookiename, $cookieValue, $expire, $path, $domain, $secure, $httponly);
}
211
/**
 * Queue the deletion of a cookie.
 *
 * The cookie is replaced in the response queue by an empty-valued cookie whose expiry
 * lies in the past. Nothing is sent with setcookie() here.
 *
 * @param string    $name     Cookie name.
 * @param string    $path     Cookie path; it must match the path used when the cookie was set.
 * @param string    $domain   Cookie domain.
 * @param bool      $secure   Secure attribute.
 * @param bool|null $httponly HttpOnly attribute.
 */
public function deleteCookie( $name, $path = '/', $domain = '', $secure = false, $httponly = null ) {
    // 1980-01-01 as a Unix timestamp: far enough back that any client treats it as expired.
    $pastTimestamp = 315554400;
    $tombstone = new Slim_Http_Cookie($name, '', $pastTimestamp, $path, $domain, $secure, $httponly);

    $this->_cookies[$name] = $tombstone;
}
226
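/**
 * Read and verify a cookie written by setCookie().
 *
 * Expected cookie layout: username|expire|base64(payload)|hmac. The cookie is accepted
 * only if it has four fields, has not expired, and its HMAC matches.
 *
 * Changes from the previous version:
 *  - the HMAC is compared with a constant-time, type-strict comparison. The loose `==`
 *    could treat two different numeric-looking strings as equal and leaked timing;
 *  - a non-string cookie value (a client can submit array-shaped cookies) is treated
 *    as invalid instead of being passed to explode().
 *
 * NOTE(review): the HMAC covers the plaintext, so the payload is decrypted before it is
 * authenticated. Encrypt-then-MAC would let tampered ciphertext be rejected before
 * decryption, but switching to it changes the cookie format.
 * NOTE(review): without mcrypt the raw client-supplied value is returned unverified.
 *
 * @param string $cookiename      Name of the cookie to read.
 * @param bool   $deleteIfInvalid Queue deletion of the cookie when it is missing or invalid.
 * @return mixed The verified payload; the raw cookie value when mcrypt is not loaded;
 *               false when the cookie is absent or invalid.
 */
public function getCookieValue( $cookiename, $deleteIfInvalid = true ) {
    if ( $this->cookieExists($cookiename) ) {
        if ( !extension_loaded('mcrypt') ) {
            return $_COOKIE[$cookiename];
        }

        $rawCookie = $_COOKIE[$cookiename];
        // Array-shaped cookies cannot be a value we issued; give them zero fields.
        $cookieValues = is_string($rawCookie) ? explode('|', $rawCookie) : array();

        // Field 1 is the expiry; 0 means "session cookie, never expires server-side".
        if ( (count($cookieValues) === 4) && ($cookieValues[1] == 0 || $cookieValues[1] >= time()) ) {
            $key = hash_hmac('sha1', $cookieValues[0] . $cookieValues[1], $this->_secret);
            $cookieData = base64_decode($cookieValues[2]);
            if ( $cookieData !== '' && $this->getHighConfidentiality() ) {
                $data = $this->_decrypt($cookieData, $key, md5($cookieValues[1]));
            } else {
                $data = $cookieData;
            }

            $macInput = $cookieValues[0] . $cookieValues[1] . $data;
            if ( $this->_ssl && isset($_SERVER['SSL_SESSION_ID']) ) {
                $macInput .= $_SERVER['SSL_SESSION_ID'];
            }
            $verifKey = hash_hmac('sha1', $macInput, $key);
            $suppliedMac = $cookieValues[3];

            if ( function_exists('hash_equals') ) {
                $macMatches = hash_equals($verifKey, $suppliedMac);
            } else {
                // Fallback for PHP versions without hash_equals(): accumulate all
                // byte differences so the loop time does not depend on where
                // the first mismatch occurs.
                $difference = strlen($verifKey) ^ strlen($suppliedMac);
                $length = min(strlen($verifKey), strlen($suppliedMac));
                for ( $i = 0; $i < $length; $i++ ) {
                    $difference |= ord($verifKey[$i]) ^ ord($suppliedMac[$i]);
                }
                $macMatches = ($difference === 0);
            }

            if ( $macMatches ) {
                return $data;
            }
        }
    }
    if ( $deleteIfInvalid ) {
        $this->deleteCookie($cookiename);
    }
    return false;
}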
267
/**
 * Queue a plain cookie for the response, with no signature or encryption.
 *
 * The cookie is stored in the response queue. Nothing is sent with setcookie() here.
 *
 * NOTE(review): $secure defaults to false, and when $httponly is null the HttpOnly
 * argument is not passed at all, leaving it to Slim_Http_Cookie's own default -
 * confirm what that default is before relying on it for sensitive cookies.
 *
 * @param string     $cookiename Cookie name.
 * @param string     $value      Cookie value, stored as given.
 * @param int|string $expire     Expiry; 0 by default.
 * @param string     $path       Cookie path.
 * @param string     $domain     Cookie domain.
 * @param bool       $secure     Secure attribute.
 * @param bool|null  $httponly   HttpOnly attribute, or null to omit the argument.
 */
public function setClassicCookie( $cookiename, $value, $expire = 0, $path = '/', $domain = '', $secure = false, $httponly = null ) {
    if ( $httponly !== null ) {
        $cookie = new Slim_Http_Cookie($cookiename, $value, $expire, $path, $domain, $secure, $httponly);
    } else {
        // The httponly option is only available from PHP 5.2, so it is omitted when the caller did not set it.
        $cookie = new Slim_Http_Cookie($cookiename, $value, $expire, $path, $domain, $secure);
    }

    $this->_cookies[$cookiename] = $cookie;
}
289
/**
 * Check whether the request carried a cookie with the given name.
 *
 * Only presence in $_COOKIE is tested; the value is neither parsed nor verified.
 *
 * @param string $cookiename Cookie name.
 * @return bool True when $_COOKIE has a non-null entry under that name.
 */
public function cookieExists($cookiename) {
    $present = isset($_COOKIE[$cookiename]);

    return $present;
}
299
/**
 * Build the protected cookie string: username|expire|base64(payload)|hmac.
 *
 * A per-cookie key is derived as HMAC-SHA1(username . expire) under the jar secret.
 * In high confidentiality mode a non-empty value is encrypted with that key;
 * otherwise the payload is the plain value. The trailing HMAC is computed over
 * username, expire and the plaintext value, plus the SSL session id when SSL binding
 * is enabled and the id is available.
 *
 * NOTE(review): the fields are concatenated without a separator before hashing, so
 * distinct (username, expire) pairs can yield the same HMAC input. A '|' inside
 * $username also changes the field count the reader sees.
 * NOTE(review): the IV is md5($expire), so it is predictable and repeats for every
 * cookie with the same expiry. CBC expects an unpredictable IV per message.
 *
 * @param string     $value    Cookie payload.
 * @param string     $username User the cookie is bound to.
 * @param int|string $expire   Expiry; a string is converted with strtotime().
 * @return string The four '|'-separated fields.
 */
protected function _secureCookieValue( $value, $username, $expire ) {
    $expiry = is_string($expire) ? strtotime($expire) : $expire;
    $cookieKey = hash_hmac('sha1', $username . $expiry, $this->_secret);

    $mustEncrypt = ( $value !== '' && $this->getHighConfidentiality() );
    $payload = $mustEncrypt ? $this->_encrypt($value, $cookieKey, md5($expiry)) : $value;
    $encodedPayload = base64_encode($payload);

    // The MAC always covers the plaintext value, never the ciphertext.
    $macInput = $username . $expiry . $value;
    if ( $this->_ssl && isset($_SERVER['SSL_SESSION_ID']) ) {
        $macInput .= $_SERVER['SSL_SESSION_ID'];
    }
    $mac = hash_hmac('sha1', $macInput, $cookieKey);

    return implode('|', array($username, $expiry, $encodedPayload, $mac));
}
333
/**
 * Encrypt data with the opened mcrypt module.
 *
 * Key and IV are first trimmed to the module's sizes by _validateKey() and
 * _validateIv().
 *
 * NOTE(review): the result of mcrypt_generic_init() is not checked and the warning
 * from mcrypt_generic() is suppressed with '@', so a failed initialisation (for
 * example an IV shorter than the module requires) goes unnoticed by the caller.
 *
 * @param string $data Plaintext.
 * @param string $key  Key material; trimmed if longer than the module's key size.
 * @param string $iv   Initialisation vector; trimmed if longer than the module's IV size.
 * @return mixed Whatever mcrypt_generic() returns for the data.
 */
protected function _encrypt( $data, $key, $iv ) {
    $usableIv = $this->_validateIv($iv);
    $usableKey = $this->_validateKey($key);

    $module = $this->_cryptModule;
    mcrypt_generic_init($module, $usableKey, $usableIv);
    $cipherText = @mcrypt_generic($module, $data);
    mcrypt_generic_deinit($module);

    return $cipherText;
}
350
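/**
 * Decrypt data with the opened mcrypt module and strip the block padding.
 *
 * Key and IV are first trimmed to the module's sizes by _validateKey() and
 * _validateIv().
 *
 * The previous version removed every NUL byte from the decrypted data. That also
 * deleted NUL bytes inside the payload, so the result no longer matched what was
 * encrypted and the HMAC check on the read path failed for such values. Only the
 * trailing NUL bytes are removed now, which is where the block padding sits. A
 * payload that itself ends in NUL bytes still cannot be told apart from padding.
 *
 * NOTE(review): the result of mcrypt_generic_init() is not checked.
 *
 * @param string $data Ciphertext.
 * @param string $key  Key material; trimmed if longer than the module's key size.
 * @param string $iv   Initialisation vector; trimmed if longer than the module's IV size.
 * @return string Decrypted data without trailing NUL padding.
 */
protected function _decrypt( $data, $key, $iv ) {
    $iv = $this->_validateIv($iv);
    $key = $this->_validateKey($key);
    mcrypt_generic_init($this->_cryptModule, $key, $iv);
    $decryptedData = mdecrypt_generic($this->_cryptModule, $data);
    // Strip only trailing padding; interior NUL bytes are payload.
    $res = rtrim($decryptedData, "\x0");
    mcrypt_generic_deinit($this->_cryptModule);
    return $res;
}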
368
/**
 * Trim an initialisation vector to the size the opened module reports.
 *
 * NOTE(review): despite the name this only truncates. An IV shorter than the module's
 * IV size is returned unchanged, neither padded nor rejected.
 *
 * @param string $iv Candidate initialisation vector.
 * @return string The IV, cut to the module's IV size if it was longer.
 */
protected function _validateIv($iv) {
    $maxLength = mcrypt_enc_get_iv_size($this->_cryptModule);

    return strlen($iv) > $maxLength ? substr($iv, 0, $maxLength) : $iv;
}
384
/**
 * Trim a key to the key size the opened module reports.
 *
 * NOTE(review): despite the name this only truncates; a shorter key is returned
 * unchanged. The callers in this class pass the hex output of hash_hmac('sha1', ...),
 * so after truncation each key byte is a hex digit and carries only 4 bits of entropy.
 *
 * @param string $key Candidate key.
 * @return string The key, cut to the module's key size if it was longer.
 */
protected function _validateKey($key) {
    $maxLength = mcrypt_enc_get_key_size($this->_cryptModule);

    return strlen($key) > $maxLength ? substr($key, 0, $maxLength) : $key;
}
400
401}
$result
Slim - a micro PHP 5 framework.
Definition: CookieJar.php:54
_decrypt( $data, $key, $iv)
Decrypt a given data with a given key and a given initialisation vector.
Definition: CookieJar.php:359
deleteCookie( $name, $path='/', $domain='', $secure=false, $httponly=null)
Delete a cookie.
Definition: CookieJar.php:221
_secureCookieValue( $value, $username, $expire)
Secure a cookie value.
Definition: CookieJar.php:315
getResponseCookies()
Get Cookies for Response.
Definition: CookieJar.php:180
getResponseCookie( $cookiename)
Get Cookie with name for Response.
Definition: CookieJar.php:191
setCookie( $cookiename, $value, $username, $expire=0, $path='/', $domain='', $secure=false, $httponly=null)
Set a secure cookie.
Definition: CookieJar.php:207
getHighConfidentiality()
Get the high confidentiality mode.
Definition: CookieJar.php:136
cookieExists($cookiename)
Verify if a cookie exists.
Definition: CookieJar.php:296
__construct( $secret, $config=null)
Constructor.
Definition: CookieJar.php:101
getCookieValue( $cookiename, $deleteIfInvalid=true)
Get a secure cookie value.
Definition: CookieJar.php:237
_validateKey($key)
Validate key.
Definition: CookieJar.php:393
setClassicCookie( $cookiename, $value, $expire=0, $path='/', $domain='', $secure=false, $httponly=null)
Send a classic (unsecure) cookie.
Definition: CookieJar.php:279
_validateIv($iv)
Validate Initialization vector.
Definition: CookieJar.php:377
setSSL( $enable)
Enable SSL support (not enabled by default)
Definition: CookieJar.php:169
_encrypt( $data, $key, $iv)
Encrypt a given data with a given key and a given initialisation vector.
Definition: CookieJar.php:342
setHighConfidentiality( $enable)
Enable or disable cookie data encryption.
Definition: CookieJar.php:146
getSSL()
Get the SSL status (enabled or disabled?)
Definition: CookieJar.php:156