@@ -54,8 +54,8 @@ discard block |
54 | 54 | private $saltedKey; |
55 | 55 | |
56 | 56 | /** |
57 | - * @param $key a per-site secret string which is used as the base encryption key. |
|
58 | - * @param $salt a per-session random string which is used as a salt to generate a per-session key |
|
57 | + * @param string $key a per-site secret string which is used as the base encryption key. |
|
58 | + * @param string $salt a per-session random string which is used as a salt to generate a per-session key |
|
59 | 59 | * |
60 | 60 | * The base encryption key needs to stay secret. If an attacker ever gets it, they can read their session, |
61 | 61 | * and even modify & re-sign it. |
@@ -79,7 +79,7 @@ discard block |
79 | 79 | /** |
80 | 80 | * Encrypt and then sign some cleartext |
81 | 81 | * |
82 | - * @param $cleartext - The cleartext to encrypt and sign |
|
82 | + * @param string $cleartext - The cleartext to encrypt and sign |
|
83 | 83 | * @return string - The encrypted-and-signed message as base64 ASCII. |
84 | 84 | */ |
85 | 85 | public function encrypt($cleartext) { |
@@ -101,8 +101,8 @@ discard block |
101 | 101 | /** |
102 | 102 | * Check the signature on an encrypted-and-signed message, and if valid decrypt the content |
103 | 103 | * |
104 | - * @param $data - The encrypted-and-signed message as base64 ASCII |
|
105 | - * @return bool|string - The decrypted cleartext or false if signature failed |
|
104 | + * @param string $data - The encrypted-and-signed message as base64 ASCII |
|
105 | + * @return string|false - The decrypted cleartext or false if signature failed |
|
106 | 106 | */ |
107 | 107 | public function decrypt($data) { |
108 | 108 | $data = base64_decode($data); |
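Review bot: The `base64_decode($data)` on line 108 runs in lenient mode, so malformed or padded-out input is silently normalised instead of being rejected before it reaches the signature check. Decoding strictly and bailing on failure keeps garbage out of the HMAC path: `$data = base64_decode($data, true); if ($data === false) { return false; }`, which also matches the documented `string|false` return. The remainder of decrypt() is outside this hunk.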
@@ -422,6 +422,9 @@ discard block |
422 | 422 | $this->setKey($this->getKey()); |
423 | 423 | } |
424 | 424 | |
425 | + /** |
|
426 | + * @param string $key |
|
427 | + */ |
|
425 | 428 | public function setKey($key) { |
426 | 429 | parent::setKey($key); |
427 | 430 | foreach($this->handlers as $handler) { |
@@ -7,7 +7,7 @@ discard block |
7 | 7 | * Then, either way, add a new function "register_sessionhandler" which takes a SessionHandlerInterface and |
8 | 8 | * registers it (including registering session_write_close as a shutdown function) |
9 | 9 | */ |
10 | -if(!interface_exists('SessionHandlerInterface')) { |
|
10 | +if (!interface_exists('SessionHandlerInterface')) { |
|
11 | 11 | interface SessionHandlerInterface { |
12 | 12 | /* Methods */ |
13 | 13 | public function close(); |
@@ -19,7 +19,7 @@ discard block |
19 | 19 | } |
20 | 20 | } |
21 | 21 | |
22 | -if(version_compare(PHP_VERSION, '5.4.0', '<')) { |
|
22 | +if (version_compare(PHP_VERSION, '5.4.0', '<')) { |
|
23 | 23 | function register_sessionhandler($handler) { |
24 | 24 | session_set_save_handler( |
25 | 25 | array($handler, 'open'), |
@@ -95,7 +95,7 @@ discard block |
95 | 95 | |
96 | 96 | $hash = hash_hmac('sha256', $enc, $this->saltedKey); |
97 | 97 | |
98 | - return base64_encode($iv.$hash.$enc); |
|
98 | + return base64_encode($iv . $hash . $enc); |
|
99 | 99 | } |
100 | 100 | |
101 | 101 | /** |
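Review bot: The HMAC on line 96 is computed over `$enc` alone, while line 98 also ships `$iv` inside the token, so the IV travels unauthenticated and a modified IV is not caught by the signature check. Covering it with `hash_hmac('sha256', $iv . $enc, $this->saltedKey)` closes that gap, but only if the verification side is changed in step: the decrypt hunk ending at L320 likewise hashes `$enc` alone, and the token slicing that precedes it lies outside both hunks. The cipher mode is not visible here, so how much an unauthenticated IV matters in practice cannot be judged from this page. encrypt() begins before this hunk.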
@@ -161,8 +161,8 @@ discard block |
161 | 161 | */ |
162 | 162 | protected function getLifetime() { |
163 | 163 | $params = session_get_cookie_params(); |
164 | - $cookieLifetime = (int)$params['lifetime']; |
|
165 | - $gcLifetime = (int)ini_get('session.gc_maxlifetime'); |
|
164 | + $cookieLifetime = (int) $params['lifetime']; |
|
165 | + $gcLifetime = (int) ini_get('session.gc_maxlifetime'); |
|
166 | 166 | return $cookieLifetime ? min($cookieLifetime, $gcLifetime) : $gcLifetime; |
167 | 167 | } |
168 | 168 | |
@@ -172,7 +172,7 @@ discard block |
172 | 172 | * @return int |
173 | 173 | */ |
174 | 174 | protected function getNow() { |
175 | - return (int)SS_Datetime::now()->Format('U'); |
|
175 | + return (int) SS_Datetime::now()->Format('U'); |
|
176 | 176 | } |
177 | 177 | } |
178 | 178 | |
@@ -227,7 +227,7 @@ discard block |
227 | 227 | protected $currentCookieData; |
228 | 228 | |
229 | 229 | public function open($save_path, $name) { |
230 | - $this->cookie = $name.'_2'; |
|
230 | + $this->cookie = $name . '_2'; |
|
231 | 231 | // Read the incoming value, then clear the cookie - we might not be able |
232 | 232 | // to do so later if write() is called after headers are sent |
233 | 233 | // This is intended to force a failover to the database store if the |
@@ -247,7 +247,7 @@ discard block |
247 | 247 | */ |
248 | 248 | protected function getCrypto($session_id) { |
249 | 249 | $key = $this->getKey(); |
250 | - if(!$key) return null; |
|
250 | + if (!$key) return null; |
|
251 | 251 | if (!$this->crypto || $this->crypto->salt != $session_id) { |
252 | 252 | $this->crypto = new HybridSessionStore_Crypto($key, $session_id); |
253 | 253 | } |
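Review bot: The cache check on line 251, `$this->crypto->salt != $session_id`, uses loose comparison; PHP compares two numeric-looking strings as numbers, so distinct session ids that happen to be numerically equal would reuse the crypto object built for the other id. `if (!$this->crypto || $this->crypto->salt !== $session_id) {` keeps the comparison byte-for-byte. The same line appears unchanged in the later hunk ending at L352.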
@@ -256,7 +256,7 @@ discard block |
256 | 256 | |
257 | 257 | public function read($session_id) { |
258 | 258 | // Check ability to safely decrypt content |
259 | - if(!$this->currentCookieData |
|
259 | + if (!$this->currentCookieData |
|
260 | 260 | || !($crypto = $this->getCrypto($session_id)) |
261 | 261 | ) return; |
262 | 262 | |
@@ -266,7 +266,7 @@ discard block |
266 | 266 | |
267 | 267 | // Verify expiration |
268 | 268 | if ($cookieData) { |
269 | - $expiry = (int)substr($cookieData, 0, 10); |
|
269 | + $expiry = (int) substr($cookieData, 0, 10); |
|
270 | 270 | $data = substr($cookieData, 10); |
271 | 271 | |
272 | 272 | if ($expiry > $this->getNow()) return $data; |
@@ -284,7 +284,7 @@ discard block |
284 | 284 | |
285 | 285 | public function write($session_id, $session_data) { |
286 | 286 | // Check ability to safely encrypt and write content |
287 | - if(!$this->canWrite() |
|
287 | + if (!$this->canWrite() |
|
288 | 288 | || (strlen($session_data) > Config::inst()->get(__CLASS__, 'max_length')) |
289 | 289 | || !($crypto = $this->getCrypto($session_id)) |
290 | 290 | ) return false; |
@@ -301,7 +301,7 @@ discard block |
301 | 301 | ); |
302 | 302 | |
303 | 303 | // Respect auto-expire on browser close for the session cookie (in case the cookie lifetime is zero) |
304 | - $cookieLifetime = min((int)$params['lifetime'], $lifetime); |
|
304 | + $cookieLifetime = min((int) $params['lifetime'], $lifetime); |
|
305 | 305 | Cookie::set( |
306 | 306 | $this->cookie, |
307 | 307 | $this->currentCookieData, |
@@ -335,7 +335,7 @@ discard block |
335 | 335 | */ |
336 | 336 | protected function isDatabaseReady() { |
337 | 337 | // Such as during setup of testsession prior to DB connection. |
338 | - if(!DB::isActive()) return false; |
|
338 | + if (!DB::isActive()) return false; |
|
339 | 339 | |
340 | 340 | // If we have a DB of the wrong type then complain |
341 | 341 | if (!(DB::getConn() instanceof MySQLDatabase)) { |
@@ -353,7 +353,7 @@ discard block |
353 | 353 | } |
354 | 354 | |
355 | 355 | public function read($session_id) { |
356 | - if(!$this->isDatabaseReady()) return null; |
|
356 | + if (!$this->isDatabaseReady()) return null; |
|
357 | 357 | |
358 | 358 | $result = DB::query(sprintf( |
359 | 359 | 'SELECT "Data" FROM "HybridSessionDataObject" |
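Review bot: The SELECT starting on line 358 is assembled with sprintf and its arguments lie outside the hunk, so the page does not show how the client-supplied `$session_id` is placed into the query; if it is substituted as a plain `%s`, it must be escaped or the statement parameterised before this runs, since the session id arrives from the cookie. The same sprintf-built pattern recurs in write() (hunk ending at L230) and in the repeated read() hunk ending at L432. The rest of read() is outside this hunk.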
@@ -369,7 +369,7 @@ discard block |
369 | 369 | } |
370 | 370 | |
371 | 371 | public function write($session_id, $session_data) { |
372 | - if(!$this->isDatabaseReady()) return false; |
|
372 | + if (!$this->isDatabaseReady()) return false; |
|
373 | 373 | |
374 | 374 | $expiry = $this->getNow() + $this->getLifetime(); |
375 | 375 | DB::query($str = sprintf( |
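Review bot: The `$str = sprintf(` on line 375 assigns the query text inside the DB::query() argument list; nothing in the hunk reads `$str` afterwards, so it looks like a leftover debugging aid. `DB::query(sprintf(` keeps the statement identical and matches how gc() calls it on line 393 of the next hunk. The same line is repeated unchanged in the later hunk ending at L448; write() continues past this hunk.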
@@ -389,7 +389,7 @@ discard block |
389 | 389 | } |
390 | 390 | |
391 | 391 | public function gc($maxlifetime) { |
392 | - if(!$this->isDatabaseReady()) return; |
|
392 | + if (!$this->isDatabaseReady()) return; |
|
393 | 393 | DB::query(sprintf( |
394 | 394 | 'DELETE FROM "HybridSessionDataObject" WHERE "Expiry" < %u', |
395 | 395 | $this->getNow() |
@@ -424,7 +424,7 @@ discard block |
424 | 424 | |
425 | 425 | public function setKey($key) { |
426 | 426 | parent::setKey($key); |
427 | - foreach($this->handlers as $handler) { |
|
427 | + foreach ($this->handlers as $handler) { |
|
428 | 428 | $handler->setKey($key); |
429 | 429 | } |
430 | 430 | } |
@@ -444,7 +444,7 @@ discard block |
444 | 444 | return true; |
445 | 445 | } |
446 | 446 | |
447 | - public function close(){ |
|
447 | + public function close() { |
|
448 | 448 | foreach ($this->handlers as $handler) { |
449 | 449 | $handler->close(); |
450 | 450 | } |
@@ -485,7 +485,7 @@ discard block |
485 | 485 | */ |
486 | 486 | public static function init($key = null) { |
487 | 487 | $instance = Injector::inst()->get(__CLASS__); |
488 | - if(empty($key)) { |
|
488 | + if (empty($key)) { |
|
489 | 489 | user_error( |
490 | 490 | 'HybridSessionStore::init() was not given a $key. Disabling cookie-based storage', |
491 | 491 | E_USER_WARNING |
@@ -508,7 +508,7 @@ discard block |
508 | 508 | } |
509 | 509 | |
510 | 510 | public function postRequest(SS_HTTPRequest $request, SS_HTTPResponse $response, DataModel $model) { |
511 | - if(HybridSessionStore::is_enabled()) { |
|
511 | + if (HybridSessionStore::is_enabled()) { |
|
512 | 512 | session_write_close(); |
513 | 513 | } |
514 | 514 | } |
@@ -32,8 +32,7 @@ discard block |
32 | 32 | |
33 | 33 | register_shutdown_function('session_write_close'); |
34 | 34 | } |
35 | -} |
|
36 | -else { |
|
35 | +} else { |
|
37 | 36 | function register_sessionhandler($handler) { |
38 | 37 | session_set_save_handler($handler, true); |
39 | 38 | } |
@@ -122,7 +121,9 @@ discard block |
122 | 121 | // Needs to be after decrypt so it always runs, to avoid timing attack |
123 | 122 | $gen_hash = hash_hmac('sha256', $enc, $this->saltedKey); |
124 | 123 | |
125 | - if ($gen_hash == $hash) return $cleartext; |
|
124 | + if ($gen_hash == $hash) { |
|
125 | + return $cleartext; |
|
126 | + } |
|
126 | 127 | return false; |
127 | 128 | } |
128 | 129 | } |
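Review bot: Line 124's `if ($gen_hash == $hash)` compares the two digests with `==`, which is neither strict nor constant-time: numeric-looking strings are compared as numbers rather than byte for byte, and the comment on line 122 about avoiding a timing attack is undercut by the comparison itself. `if (hash_equals($gen_hash, $hash)) {` gives a type-strict, constant-time check; since hash_equals() warns on non-string arguments, `$hash` should be confirmed to be a string of the expected length where the token is sliced above the hunk. hash_equals() requires PHP 5.6, so the PHP-5.4 compatibility branch this file carries (lines 22-38) suggests a small polyfill would be needed alongside it. decrypt() begins before this hunk.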
@@ -233,7 +234,9 @@ discard block |
233 | 234 | // This is intended to force a failover to the database store if the |
234 | 235 | // modified session cannot be emitted. |
235 | 236 | $this->currentCookieData = Cookie::get($this->cookie); |
236 | - if ($this->currentCookieData) Cookie::set($this->cookie, ''); |
|
237 | + if ($this->currentCookieData) { |
|
238 | + Cookie::set($this->cookie, ''); |
|
239 | + } |
|
237 | 240 | } |
238 | 241 | |
239 | 242 | public function close() { |
@@ -247,7 +250,9 @@ discard block |
247 | 250 | */ |
248 | 251 | protected function getCrypto($session_id) { |
249 | 252 | $key = $this->getKey(); |
250 | - if(!$key) return null; |
|
253 | + if(!$key) { |
|
254 | + return null; |
|
255 | + } |
|
251 | 256 | if (!$this->crypto || $this->crypto->salt != $session_id) { |
252 | 257 | $this->crypto = new HybridSessionStore_Crypto($key, $session_id); |
253 | 258 | } |
@@ -258,7 +263,9 @@ discard block |
258 | 263 | // Check ability to safely decrypt content |
259 | 264 | if(!$this->currentCookieData |
260 | 265 | || !($crypto = $this->getCrypto($session_id)) |
261 | - ) return; |
|
266 | + ) { |
|
267 | + return; |
|
268 | + } |
|
262 | 269 | |
263 | 270 | // Decrypt and invalidate old data |
264 | 271 | $cookieData = $crypto->decrypt($this->currentCookieData); |
@@ -269,7 +276,9 @@ discard block |
269 | 276 | $expiry = (int)substr($cookieData, 0, 10); |
270 | 277 | $data = substr($cookieData, 10); |
271 | 278 | |
272 | - if ($expiry > $this->getNow()) return $data; |
|
279 | + if ($expiry > $this->getNow()) { |
|
280 | + return $data; |
|
281 | + } |
|
273 | 282 | } |
274 | 283 | } |
275 | 284 | |
@@ -287,7 +296,9 @@ discard block |
287 | 296 | if(!$this->canWrite() |
288 | 297 | || (strlen($session_data) > Config::inst()->get(__CLASS__, 'max_length')) |
289 | 298 | || !($crypto = $this->getCrypto($session_id)) |
290 | - ) return false; |
|
299 | + ) { |
|
300 | + return false; |
|
301 | + } |
|
291 | 302 | |
292 | 303 | // Prepare content for write |
293 | 304 | $params = session_get_cookie_params(); |
@@ -335,7 +346,9 @@ discard block |
335 | 346 | */ |
336 | 347 | protected function isDatabaseReady() { |
337 | 348 | // Such as during setup of testsession prior to DB connection. |
338 | - if(!DB::isActive()) return false; |
|
349 | + if(!DB::isActive()) { |
|
350 | + return false; |
|
351 | + } |
|
339 | 352 | |
340 | 353 | // If we have a DB of the wrong type then complain |
341 | 354 | if (!(DB::getConn() instanceof MySQLDatabase)) { |
@@ -353,7 +366,9 @@ discard block |
353 | 366 | } |
354 | 367 | |
355 | 368 | public function read($session_id) { |
356 | - if(!$this->isDatabaseReady()) return null; |
|
369 | + if(!$this->isDatabaseReady()) { |
|
370 | + return null; |
|
371 | + } |
|
357 | 372 | |
358 | 373 | $result = DB::query(sprintf( |
359 | 374 | 'SELECT "Data" FROM "HybridSessionDataObject" |
@@ -369,7 +384,9 @@ discard block |
369 | 384 | } |
370 | 385 | |
371 | 386 | public function write($session_id, $session_data) { |
372 | - if(!$this->isDatabaseReady()) return false; |
|
387 | + if(!$this->isDatabaseReady()) { |
|
388 | + return false; |
|
389 | + } |
|
373 | 390 | |
374 | 391 | $expiry = $this->getNow() + $this->getLifetime(); |
375 | 392 | DB::query($str = sprintf( |
@@ -389,7 +406,9 @@ discard block |
389 | 406 | } |
390 | 407 | |
391 | 408 | public function gc($maxlifetime) { |
392 | - if(!$this->isDatabaseReady()) return; |
|
409 | + if(!$this->isDatabaseReady()) { |
|
410 | + return; |
|
411 | + } |
|
393 | 412 | DB::query(sprintf( |
394 | 413 | 'DELETE FROM "HybridSessionDataObject" WHERE "Expiry" < %u', |
395 | 414 | $this->getNow() |
@@ -454,7 +473,9 @@ discard block |
454 | 473 | |
455 | 474 | public function read($session_id) { |
456 | 475 | foreach ($this->handlers as $handler) { |
457 | - if ($data = $handler->read($session_id)) return $data; |
|
476 | + if ($data = $handler->read($session_id)) { |
|
477 | + return $data; |
|
478 | + } |
|
458 | 479 | } |
459 | 480 | |
460 | 481 | return ''; |
@@ -462,7 +483,9 @@ discard block |
462 | 483 | |
463 | 484 | public function write($session_id, $session_data) { |
464 | 485 | foreach ($this->handlers as $handler) { |
465 | - if ($handler->write($session_id, $session_data)) return; |
|
486 | + if ($handler->write($session_id, $session_data)) { |
|
487 | + return; |
|
488 | + } |
|
466 | 489 | } |
467 | 490 | } |
468 | 491 |
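Review bot: write() on lines 484-490 returns nothing in both outcomes: the bare `return;` on line 487 when a handler accepts the data, and fall-through after the loop when none does, so the caller always receives null. SessionHandlerInterface::write() is expected to report success with a bool, and newer PHP versions warn when the callback returns neither true nor false. Make the result explicit with `return true;` in place of the bare `return;` and `return false;` after the foreach.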