encrypt sensitive parts of accountContainer in session
This commit is contained in:
Roland Gruber
parent
a53375aaf0
commit
f3f37da4a6
|
|
@ -1618,22 +1618,46 @@ class accountContainer {
|
||||||
}
|
}
|
||||||
if (count($errors)!=0) return $errors;
|
if (count($errors)!=0) return $errors;
|
||||||
return 0;
|
return 0;
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Returns a list of possible PDF entries for this account.
|
|
||||||
*
|
|
||||||
* @return list of PDF entries (array(<name> => <PDF lines>))
|
|
||||||
*/
|
|
||||||
function get_pdfEntries() {
|
|
||||||
$return = array();
|
|
||||||
while(($current = current($this->module)) != null) {
|
|
||||||
$return = array_merge($return,$current->get_pdfEntries($this->type));
|
|
||||||
next($this->module);
|
|
||||||
}
|
|
||||||
$return = array_merge($return,array('main_dn' => array('<block><key>' . _('DN') . '</key><value>' . $this->dn . '</value></block>')));
|
|
||||||
return $return;
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Returns a list of possible PDF entries for this account.
|
||||||
|
*
|
||||||
|
* @return list of PDF entries (array(<name> => <PDF lines>))
|
||||||
|
*/
|
||||||
|
function get_pdfEntries() {
|
||||||
|
$return = array();
|
||||||
|
while(($current = current($this->module)) != null) {
|
||||||
|
$return = array_merge($return,$current->get_pdfEntries($this->type));
|
||||||
|
next($this->module);
|
||||||
|
}
|
||||||
|
$return = array_merge($return,array('main_dn' => array('<block><key>' . _('DN') . '</key><value>' . $this->dn . '</value></block>')));
|
||||||
|
return $return;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Encrypts sensitive data before storing in session.
|
||||||
|
*
|
||||||
|
* @return array list of attributes which are serialized
|
||||||
|
*/
|
||||||
|
function __sleep() {
|
||||||
|
// encrypt data
|
||||||
|
$this->attributes = $_SESSION['ldap']->encrypt(serialize($this->attributes));
|
||||||
|
$this->attributes_orig = $_SESSION['ldap']->encrypt(serialize($this->attributes_orig));
|
||||||
|
$this->module = $_SESSION['ldap']->encrypt(serialize($this->module));
|
||||||
|
// save all attributes
|
||||||
|
return array_keys(get_object_vars(&$this));
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Decrypts sensitive data after accountContainer was loaded from session.
|
||||||
|
*/
|
||||||
|
function __wakeup() {
|
||||||
|
// decrypt data
|
||||||
|
$this->attributes = unserialize($_SESSION['ldap']->decrypt($this->attributes));
|
||||||
|
$this->attributes_orig = unserialize($_SESSION['ldap']->decrypt($this->attributes_orig));
|
||||||
|
$this->module = unserialize($_SESSION['ldap']->decrypt($this->module));
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
?>
|
?>
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue