psecio/session-encrypt

An encrypted session handler for PHP

Maintainers

Details

github.com/psecio/session-encrypt

Homepage

Source

Issues

Installs: 18

Dependents: 0

Suggesters: 0

Security: 0

Stars: 6

Watchers: 4

Forks: 1

Open Issues: 4

0.1 2014-03-22 14:20 UTC

MIT 36244e6f2b818e7da2ba7810ec06567af9d14f8a

sessionencryptionhandlerencrypt

This package is not auto-updated.

Last update: 2024-04-23 01:19:22 UTC

README

This is a custom encrypted session handler for PHP (using session_set_save_handler). It is compatible with just about any version of PHP out there and doesn't use the newer SessionHandler interface.

Example Usage

<?php

require_once 'vendor/autoload.php';

$salt = 'b6a8904db8ef59b3a4c6841e6eddf048a9194208';
Psecio\SessionEncrypt\Handler::init($salt);
session_start();

?>

The value for $salt should be as randomized as possible as it's used to encrypt the data with mcrypt_decrypt. The handler uses MCRYPT_RIJNDAEL_256 and MCRYPT_MODE_CBC to encrypt the data. It will store the session files in the path defined by the session.save_path or, if it's not set, will default to /tmp.

NOTE: Because of the need for encryption in this handler, you are required to have the mcrypt functionality included in your PHP installation.