encrypt sensitive parts of accountContainer in session

This commit is contained in:
Roland Gruber 2005-08-05 08:49:03 +00:00
parent a53375aaf0
commit f3f37da4a6
1 changed files with 41 additions and 17 deletions

View File

@ -1635,5 +1635,29 @@ class accountContainer {
return $return; return $return;
} }
/**
* Encrypts sensitive data before storing in session.
*
* @return array list of attributes which are serialized
*/
function __sleep() {
// encrypt data
$this->attributes = $_SESSION['ldap']->encrypt(serialize($this->attributes));
$this->attributes_orig = $_SESSION['ldap']->encrypt(serialize($this->attributes_orig));
$this->module = $_SESSION['ldap']->encrypt(serialize($this->module));
// save all attributes
return array_keys(get_object_vars(&$this));
} }
/**
* Decrypts sensitive data after accountContainer was loaded from session.
*/
function __wakeup() {
// decrypt data
$this->attributes = unserialize($_SESSION['ldap']->decrypt($this->attributes));
$this->attributes_orig = unserialize($_SESSION['ldap']->decrypt($this->attributes_orig));
$this->module = unserialize($_SESSION['ldap']->decrypt($this->module));
}
}
?> ?>