當前位置: 首頁>>代碼示例>>PHP>>正文


PHP session_regenerate_id函數代碼示例

本文整理匯總了PHP中session_regenerate_id函數的典型用法代碼示例。如果您正苦於以下問題:PHP session_regenerate_id函數的具體用法?PHP session_regenerate_id怎麽用?PHP session_regenerate_id使用的例子?那麽, 這裏精選的函數代碼示例或許可以為您提供幫助。


在下文中一共展示了session_regenerate_id函數的15個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的PHP代碼示例。

示例1: sec_session_start

function sec_session_start()
{
    $session_name = 'exatest_session_id';
    //Asignamos un nombre de sesión
    $secure = false;
    //mejor en config.php Lo ideal sería true para trabajar con https
    $httponly = true;
    // Obliga a la sesión a utilizar solo cookies.
    // Habilitar este ajuste previene ataques que impican pasar el id de sesión en la URL.
    if (ini_set('session.use_only_cookies', 1) === FALSE) {
        $action = "error";
        $error = "No puedo iniciar una sesion segura (ini_set)";
    }
    // Obtener los parámetros de la cookie de sesión
    $cookieParams = session_get_cookie_params();
    session_set_cookie_params($cookieParams["lifetime"], $cookieParams["path"], $cookieParams["domain"], $secure, $httponly);
    //Marca la cookie como accesible sólo a través del protocolo HTTP.
    //Esto siginifica que la cookie no será accesible por lenguajes de script,
    // tales como JavaScript.
    //Este ajuste puede ayudar de manera efectiva a reducir robos de
    //indentidad a través de ataques
    // Incia la sesión PHP
    session_name($session_name);
    session_start();
    // Actualiza el id de sesión actual con uno generado más reciente
    //Ayuda a evitar ataques de fijación de sesión
    session_regenerate_id(true);
}
開發者ID:andoniaf,項目名稱:GBD_exatest,代碼行數:28,代碼來源:functions.php

示例2: xoonips_session_regenerate

function xoonips_session_regenerate()
{
    $old_sessid = session_id();
    session_regenerate_id();
    $new_sessid = session_id();
    session_id($old_sessid);
    session_destroy();
    $old_session = $_SESSION;
    session_id($new_sessid);
    $sess_handler =& xoops_gethandler('session');
    session_set_save_handler(array(&$sess_handler, 'open'), array(&$sess_handler, 'close'), array(&$sess_handler, 'read'), array(&$sess_handler, 'write'), array(&$sess_handler, 'destroy'), array(&$sess_handler, 'gc'));
    session_start();
    $_SESSION = array();
    foreach (array_keys($old_session) as $key) {
        $_SESSION[$key] = $old_session[$key];
    }
    // write and close session for xnp_is_valid_session_id()
    session_write_close();
    // restart session
    session_set_save_handler(array(&$sess_handler, 'open'), array(&$sess_handler, 'close'), array(&$sess_handler, 'read'), array(&$sess_handler, 'write'), array(&$sess_handler, 'destroy'), array(&$sess_handler, 'gc'));
    session_start();
    $_SESSION = array();
    foreach (array_keys($old_session) as $key) {
        $_SESSION[$key] = $old_session[$key];
    }
}
開發者ID:XoopsModules25x,項目名稱:xcl-module-xoonips,代碼行數:26,代碼來源:session.php

示例3: loggedOutProtect

 public function loggedOutProtect()
 {
     if ($this->loggedIn() === false) {
         header('Location: ' . BASE_URL . 'login');
         exit;
     }
     // source: http://stackoverflow.com/a/1270960/2790481
     // last request was more than 1 day ago
     if (isset($_SESSION['LAST_ACTIVITY']) && time() - $_SESSION['LAST_ACTIVITY'] > 86400) {
         session_unset();
         // unset $_SESSION variable for the run-time
         session_destroy();
         // destroy session data in storage
         header('Location: ' . BASE_URL . 'login');
         exit;
     }
     $_SESSION['LAST_ACTIVITY'] = time();
     // update last activity time stamp
     if (!isset($_SESSION['CREATED'])) {
         $_SESSION['CREATED'] = time();
     } else {
         if (time() - $_SESSION['CREATED'] > 3600) {
             // session started more than 1 hour ago
             $id = $_SESSION['id'];
             // better security - avoid fixation attack.
             session_regenerate_id(true);
             // change session ID for the current session and invalidate old session ID
             $_SESSION['CREATED'] = time();
             // update creation time
             $_SESSION['id'] = $id;
             $_SESSION['LAST_ACTIVITY'] = time();
             // update last activity time stamp
         }
     }
 }
開發者ID:sass-team,項目名稱:sass-app,代碼行數:35,代碼來源:General.class.php

示例4: checkLogin

 public function checkLogin()
 {
     session_start();
     if (isset($_SESSION['LAST_ACTIVITY']) && time() - $_SESSION['LAST_ACTIVITY'] > 1800) {
         // last request was more than 30 minutes ago
         session_unset();
         // unset $_SESSION variable for the run-time
         session_destroy();
         // destroy session data in storage
         session_write_close();
         setcookie(session_name(), '', 0, '/');
         session_regenerate_id(true);
     }
     $_SESSION['LAST_ACTIVITY'] = time();
     // update last activity time stamp
     $input = Request::only('username', 'password');
     // param was set in the query string
     if (!empty($input['username']) && !is_null($input['username'])) {
         // query string had param set to nothing ie ?param=&param2=something
         $_SESSION['username'] = $input['username'];
         $_SESSION['password'] = $input['password'];
     }
     if (!empty($_SESSION['username']) && !is_null($_SESSION['password'])) {
         $count = Admin::where('username', $_SESSION['username'])->where('password', md5(md5($_SESSION['password'])))->count();
         if ($count) {
             return true;
         }
     }
     session_unset();
     session_destroy();
     session_write_close();
     setcookie(session_name(), '', 0, '/');
     session_regenerate_id(true);
     return false;
 }
開發者ID:haclongkim,項目名稱:newsedu,代碼行數:35,代碼來源:Controller.php

示例5: regenerate

 /**
  * セッションIDを再生成する
  *
  * @param boolean $destroy trueの場合は古いセッションを破棄する
  */
 public function regenerate($destroy = true)
 {
     if (!self::$sessionIdRegenerated) {
         session_regenerate_id($destroy);
         self::$sessionIdRegenerated = true;
     }
 }
開發者ID:takahashi21,項目名稱:light,代碼行數:12,代碼來源:Session.php

示例6: Authenticate

 public function Authenticate(\model\User $user)
 {
     if ($this->users->GetUserLoginsForHour($user) > self::$MAX_LOGINS_PER_HOUR) {
         throw new \Exception("Max login attempts for username '" . $user->GetUserName() . "' reached. Please try again in 30-60 minutes.");
     }
     // Assert that the password is in plain text.
     assert($user->IsPasswordHashed() == false);
     // Log this login attempt in DAL
     $this->users->AddLoginAttempt($user);
     // Get user from database, if user exists
     $userFromDB = $this->users->GetUserByUsername($user->GetUserName());
     if ($userFromDB) {
         // Verify password in user object against password in db table row.
         if (password_verify($user->GetPassword(), $userFromDB->GetPassword())) {
             // Hash password in user object. Does no need to be in clear text anymore.
             $user->HashPassword();
             // Add id from DBuser to user
             $user->SetUserId($userFromDB->GetUserId());
             // Regenerate session
             session_regenerate_id(true);
             // Return user from DB
             return $user;
         }
     }
     return false;
 }
開發者ID:johnnypesola,項目名稱:1dv608-Assignment-2,代碼行數:26,代碼來源:AuthService.php

示例7: tryLogin

 public function tryLogin($data)
 {
     // Reject requests
     if ($this->isExceedingRateLimit(2)) {
         $this->response->setStatusCode(429, 'Too many requests');
         $this->flash->notice('Too many requests.');
         return false;
     }
     /** @var User $user */
     $user = User::findFirst(['email = :email:', 'bind' => ['email' => $data['user']]]);
     // Sleep for 1-500ms
     usleep(mt_rand(1000, 500000));
     if ($user && $user->validatePassword($data['password'])) {
         // Validate TOTP token
         // This needs to be done at this stage as the two factor auth key is
         // encrypted with the user's password.
         if ($otpKey = $user->getOtpKey($data['password'])) {
             $otp = new \Rych\OTP\TOTP($otpKey);
             if (!$otp->validate($data['token'])) {
                 $this->flash->error('Incorrect login details');
                 return false;
             }
         }
         $keyService = new \Stecman\Passnote\AccountKeyService();
         $keyService->unlockAccountKeyForSession($user, $data['password']);
         $this->session->set(Security::SESSION_USER_ID, $user->id);
         $this->session->set(Security::SESSION_KEY, $user->getSessionKey());
         session_regenerate_id();
         $this->response->redirect('');
     } else {
         // Keep timing
         $this->security->hash(openssl_random_pseudo_bytes(12));
         $this->flash->error('Incorrect login details');
     }
 }
開發者ID:stecman,項目名稱:passnote,代碼行數:35,代碼來源:AuthController.php

示例8: reset

 /**
  * Reset session
  */
 public function reset()
 {
     // Clear session vars
     session_unset();
     // Create new session id
     session_regenerate_id(false);
 }
開發者ID:richardhoppes,項目名稱:Yarbles,代碼行數:10,代碼來源:Session.php

示例9: sec_session_start

function sec_session_start()
{
    session_start();
    // Start the php session
    session_regenerate_id(true);
    // regenerated the session, delete the old one
}
開發者ID:janedc,項目名稱:steamlug.org,代碼行數:7,代碼來源:session.php

示例10: open

 /**
  * Open a session
  *
  * @access public
  * @param  string   $base_path    Cookie path
  */
 public function open($base_path = '/')
 {
     // HttpOnly and secure flags for session cookie
     session_set_cookie_params(SESSION_DURATION, $base_path ?: '/', null, Request::isHTTPS(), true);
     // Avoid session id in the URL
     ini_set('session.use_only_cookies', '1');
     // Enable strict mode
     if (version_compare(PHP_VERSION, '7.0.0') < 0) {
         ini_set('session.use_strict_mode', '1');
     }
     // Ensure session ID integrity
     ini_set('session.entropy_file', '/dev/urandom');
     ini_set('session.entropy_length', '32');
     ini_set('session.hash_bits_per_character', 6);
     // If the session was autostarted with session.auto_start = 1 in php.ini destroy it
     if (isset($_SESSION)) {
         session_destroy();
     }
     // Custom session name
     session_name('__S');
     // Start the session
     session_start();
     // Regenerate the session id to avoid session fixation issue
     if (empty($_SESSION['__validated'])) {
         session_regenerate_id(true);
         $_SESSION['__validated'] = 1;
     }
 }
開發者ID:namaljayathunga,項目名稱:kanboard,代碼行數:34,代碼來源:Session.php

示例11: sec_session_start

function sec_session_start()
{
    $session_name = 'sec_session_id';
    // Set a custom session name
    $secure = false;
    // Set to true if using https.
    $httponly = true;
    // This stops javascript being able to access the session id.
    ini_set('session.use_only_cookies', 1);
    // Forces sessions to only use cookies.
    $cookieParams = session_get_cookie_params();
    // Gets current cookies params.
    session_set_cookie_params($cookieParams["lifetime"], $cookieParams["path"], $cookieParams["domain"], $secure, $httponly);
    session_name($session_name);
    // Sets the session name to the one set above.
    session_start();
    // Start the php session
    session_regenerate_id(false);
    // regenerated the session, delete the old one.
    $inactive = 600;
    // check to see if $_SESSION['timeout'] is set
    if (isset($_SESSION['timeout'])) {
        $session_life = time() - $_SESSION['timeout'];
        if ($session_life > $inactive) {
            echo "<script language=javascript>\n\t\talert('Sesi Telah Habis');</script>";
            echo '<script type=text/javascript>
		window.location = "logout.php";
		</script>';
        }
    }
    $_SESSION['timeout'] = time();
}
開發者ID:lillongcillong,項目名稱:TA-LabMS-LSKK-STEI-ITB,代碼行數:32,代碼來源:functions.php

示例12: checkLogin

function checkLogin($mysqli)
{
    $email = trim(htmlentities($_POST['email'], ENT_QUOTES, "UTF-8"));
    $email = $mysqli->real_escape_string($email);
    $emailExist = $mysqli->query("SELECT id, password FROM users WHERE email = '{$email}' ");
    if ($emailExist->num_rows == 1) {
        $userArray = $emailExist->fetch_array();
        $userId = $userArray['id'];
        $password = $userArray['password'];
    }
    if ($emailExist->num_rows == 0 || md5($_POST['password']) != $password) {
        return false;
    }
    /* Neue Session erstellen */
    session_regenerate_id();
    $sessionId = session_id();
    $_SESSION['userId'] = $userId;
    $_SESSION['sessionId'] = $sessionId;
    $time = time();
    $date = date('Y-m-d H:i:s');
    /* Gucken ob noch alte Session */
    $deleteOldSession = $mysqli->query("DELETE FROM sessions WHERE userId = '{$userId}' ");
    $write = $mysqli->query("INSERT INTO sessions VALUES ('{$userId}', '{$sessionId}', '{$time}')");
    $update = $mysqli->query("UPDATE users SET lastLogin = '{$date}' WHERE id = '{$userId}' ");
    return true;
}
開發者ID:vladvoth,項目名稱:adviceList,代碼行數:26,代碼來源:login_functions.php

示例13: forum_session_start

function forum_session_start()
{
    static $forum_session_started = FALSE;
    $return = ($hook = get_hook('fn_forum_session_start_start')) ? eval($hook) : null;
    if ($return != null) {
        return;
    }
    // Check if session already started
    if ($forum_session_started && session_id()) {
        return;
    }
    session_cache_limiter(FALSE);
    // Check session id
    $forum_session_id = NULL;
    if (isset($_COOKIE['PHPSESSID'])) {
        $forum_session_id = $_COOKIE['PHPSESSID'];
    } else {
        if (isset($_GET['PHPSESSID'])) {
            $forum_session_id = $_GET['PHPSESSID'];
        }
    }
    if (empty($forum_session_id) || !preg_match('/^[a-z0-9]{16,32}$/', $forum_session_id)) {
        // Create new session id
        $forum_session_id = random_key(32, FALSE, TRUE);
        session_id($forum_session_id);
    }
    session_start();
    if (!isset($_SESSION['initiated'])) {
        session_regenerate_id();
        $_SESSION['initiated'] = TRUE;
    }
    $forum_session_started = TRUE;
}
開發者ID:torepublicStartpageCode,項目名稱:torepublic2,代碼行數:33,代碼來源:functions.php

示例14: __new__

 /**
  * セッションを開始する
  * @param string $name
  * @return $this
  */
 protected function __new__($name = 'sess')
 {
     $this->ses_n = $name;
     if ('' === session_id()) {
         $session_name = \org\rhaco\Conf::get('session_name', 'SID');
         if (!ctype_alpha($session_name)) {
             throw new \InvalidArgumentException('session name is is not a alpha value');
         }
         session_cache_limiter(\org\rhaco\Conf::get('session_limiter', 'nocache'));
         session_cache_expire((int) (\org\rhaco\Conf::get('session_expire', 10800) / 60));
         session_name();
         if (static::has_module('session_read')) {
             ini_set('session.save_handler', 'user');
             session_set_save_handler(array($this, 'open'), array($this, 'close'), array($this, 'read'), array($this, 'write'), array($this, 'destroy'), array($this, 'gc'));
             if (isset($this->vars[$session_name])) {
                 session_regenerate_id(true);
             }
         }
         session_start();
         register_shutdown_function(function () {
             if ('' != session_id()) {
                 session_write_close();
             }
         });
     }
 }
開發者ID:tokushima,項目名稱:rhaco3,代碼行數:31,代碼來源:Session.php

示例15: regenerate_id

    /**
    * Regenerates session id
    */
    function regenerate_id()
    {
        // copy old session data, including its id
        $old_session_id = session_id();
        $old_session_data = $_SESSION;

        // regenerate session id and store it
        session_regenerate_id();
        $new_session_id = session_id();
        
        // switch to the old session and destroy its storage
        session_id($old_session_id);
        session_destroy();
        
        // switch back to the new session id and send the cookie
        session_id($new_session_id);
        session_start();
        
        // restore the old session data into the new session
        $_SESSION = $old_session_data;
        
        // update the session creation time
        $_SESSION['regenerated'] = time();

        // session_write_close() patch based on this thread
        // http://www.codeigniter.com/forums/viewthread/1624/
        // there is a question mark ?? as to side affects

        // end the current session and store session data.
        session_write_close();
    }
開發者ID:neutrum,項目名稱:Hoppallaaa,代碼行數:34,代碼來源:Session_native.php


注:本文中的session_regenerate_id函數示例由純淨天空整理自Github/MSDocs等開源代碼及文檔管理平台,相關代碼片段篩選自各路編程大神貢獻的開源項目,源碼版權歸原作者所有,傳播和使用請參考對應項目的License;未經允許,請勿轉載。