I’d like to have sessions data encrypted like they are in suhosin, is there any library out there providing that?
Share
Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
I’d like to have sessions data encrypted like they are in suhosin, is there any library out there providing that?
You could easily use mcrypt or a custom AES encryption to encrypt session data. The best bet would to create a session wrapper class that encrypts variables when you set them.
For key management, you could create a unique key and store it in a cookie, so that only the user can decrypt their own session data.