Rev 277 | Go to most recent revision | Show entire file | Regard whitespace | Details | Blame | Last modification | View Log | RSS feed
Rev 277 | Rev 360 | ||
---|---|---|---|
Line 54... | Line 54... | ||
54 | protected function sessionSafeStart() { |
54 | protected function sessionSafeStart() { |
55 | if (!isset($_SESSION)) { |
55 | if (!isset($_SESSION)) { |
56 | // TODO: session_name() makes some problems. Leave it away for now. |
56 | // TODO: session_name() makes some problems. Leave it away for now. |
57 | //session_name('OIDplus_SESHDLR'); |
57 | //session_name('OIDplus_SESHDLR'); |
58 | if (!session_start()) { |
58 | if (!session_start()) { |
59 | throw new OIDplusException("Session could not be started"); |
59 | throw new OIDplusException(_L('Session could not be started')); |
60 | } |
60 | } |
61 | } |
61 | } |
62 | 62 | ||
63 | if (!isset($_SESSION['ip'])) { |
63 | if (!isset($_SESSION['ip'])) { |
64 | if (!isset($_SERVER['REMOTE_ADDR'])) return; |
64 | if (!isset($_SERVER['REMOTE_ADDR'])) return; |
Line 140... | Line 140... | ||
140 | $iv . $ciphertext, |
140 | $iv . $ciphertext, |
141 | mb_substr($key, 32, null, '8bit'), |
141 | mb_substr($key, 32, null, '8bit'), |
142 | true |
142 | true |
143 | ); |
143 | ); |
144 | if (!hash_equals($hmac, $hmacNew)) { |
144 | if (!hash_equals($hmac, $hmacNew)) { |
145 | throw new OIDplusException('Authentication failed'); |
145 | throw new OIDplusException(_L('Authentication failed')); |
146 | } |
146 | } |
147 | // Decryption |
147 | // Decryption |
148 | return openssl_decrypt( |
148 | return openssl_decrypt( |
149 | $ciphertext, |
149 | $ciphertext, |
150 | 'AES-256-CBC', |
150 | 'AES-256-CBC', |