Rev 277 | Go to most recent revision | Show entire file | Regard whitespace | Details | Blame | Last modification | View Log | RSS feed
| Rev 277 | Rev 360 | ||
|---|---|---|---|
| Line 54... | Line 54... | ||
| 54 | protected function sessionSafeStart() { |
54 | protected function sessionSafeStart() { |
| 55 | if (!isset($_SESSION)) { |
55 | if (!isset($_SESSION)) { |
| 56 | // TODO: session_name() makes some problems. Leave it away for now. |
56 | // TODO: session_name() makes some problems. Leave it away for now. |
| 57 | //session_name('OIDplus_SESHDLR'); |
57 | //session_name('OIDplus_SESHDLR'); |
| 58 | if (!session_start()) { |
58 | if (!session_start()) { |
| 59 | throw new OIDplusException("Session could not be started"); |
59 | throw new OIDplusException(_L('Session could not be started')); |
| 60 | } |
60 | } |
| 61 | } |
61 | } |
| 62 | 62 | ||
| 63 | if (!isset($_SESSION['ip'])) { |
63 | if (!isset($_SESSION['ip'])) { |
| 64 | if (!isset($_SERVER['REMOTE_ADDR'])) return; |
64 | if (!isset($_SERVER['REMOTE_ADDR'])) return; |
| Line 140... | Line 140... | ||
| 140 | $iv . $ciphertext, |
140 | $iv . $ciphertext, |
| 141 | mb_substr($key, 32, null, '8bit'), |
141 | mb_substr($key, 32, null, '8bit'), |
| 142 | true |
142 | true |
| 143 | ); |
143 | ); |
| 144 | if (!hash_equals($hmac, $hmacNew)) { |
144 | if (!hash_equals($hmac, $hmacNew)) { |
| 145 | throw new OIDplusException('Authentication failed'); |
145 | throw new OIDplusException(_L('Authentication failed')); |
| 146 | } |
146 | } |
| 147 | // Decryption |
147 | // Decryption |
| 148 | return openssl_decrypt( |
148 | return openssl_decrypt( |
| 149 | $ciphertext, |
149 | $ciphertext, |
| 150 | 'AES-256-CBC', |
150 | 'AES-256-CBC', |