Inactive

Commits : Listings

Analyzed about 23 hours ago, based on code collected about 23 hours ago.
May 29, 2023 — May 29, 2024
Commit Message Contributor Files Modified Lines Added Lines Removed Code Location Date
Fix bug that causes PHP notice when no session cookie is passed from browser.
xqus
as Audun Larsen
over 12 years ago
Don't use the built-in session cookies.
xqus
as Audun Larsen
over 12 years ago
Since we set a session cookie on our session handler, disable the built-in cookies.
xqus
as Audun Larsen
over 12 years ago
Use default charset for random stuff.
xqus
as Audun Larsen
over 12 years ago
Updated default charset for random functions to include uppercase letters.
xqus
as Audun Larsen
over 12 years ago
Added back the regeneration of session encryption key. Issue not fixed but this is due to how PHP works. Not how phpSec works. As for now this closes #36.
xqus
as Audun Larsen
almost 13 years ago
#36 Some changes to the session hijacking protection of sessions. Instead of regenerating the encryption key we change the session ID. Also generate a stronger session encryption key.
xqus
as Audun Larsen
almost 13 years ago
Don't mess with users encryption key. Fixes #37.
xqus
as Audun Larsen
almost 13 years ago
Partial solution for #36. This does not fix the problem, but should reduce the risk of it happening.
xqus
as Audun Larsen
almost 13 years ago
Use bigger charset with capital letters when generating Uid.
xqus
as Audun Larsen
almost 13 years ago
Don't hash Uid, to allow for longer Uids.
xqus
as Audun Larsen
almost 13 years ago
Create a PBKDF2 MAC to ensure message integrity in phpsecCrypt. This breaks compatibility with older versions of phpSec.
xqus
as Audun Larsen
almost 13 years ago
Close up libmcrypt after use.
xqus
as Audun Larsen
almost 13 years ago
Changed order of data in JSON string returned by phpsecCrypt::encrypt()
xqus
as Audun Larsen
almost 13 years ago
Encryption algorithm and mode now public static strings, allowing user to change if needed. Also changing algorithms now works.
xqus
as Audun Larsen
almost 13 years ago
Changed default encryption algorithm to RIJNDAEL-256.
xqus
as Audun Larsen
almost 13 years ago
Implement PBKDF2 as described in RFC 2898 to improve key generation (#35).
xqus
as Audun Larsen
almost 13 years ago
Renamed phpsec::f() to phpsec::t(), fixes #33. Added phpsec::f() as simple XSS filter, fixes #34.
xqus
as Audun Larsen
almost 13 years ago
Removed phpsec.pgp.php as this will never be stable enough for production.
xqus
as Audun Larsen
almost 13 years ago
Improved phpSec::pwInject() method. Now inject the salt at random position in the original password depending on what the password is.
xqus
as Audun Larsen
almost 13 years ago
Check User-Agent when starting sessions. Fixes #30.
xqus
as Audun Larsen
almost 13 years ago
Removed examples.php
xqus
as Audun Larsen
almost 13 years ago
Cleanup.
xqus
as Audun Larsen
almost 13 years ago
Generate new session encryption key for each request as a replacement for session_regenerate_id().
xqus
as Audun Larsen
almost 13 years ago
Generate the secret inside the phpsecSession::setSecret() method.
xqus
as Audun Larsen
almost 13 years ago
Added phpsecSession::setSecret()
xqus
as Audun Larsen
almost 13 years ago
Don't destroy key cookie when destroying a session.
xqus
as Audun Larsen
almost 13 years ago
Generate custom session ID.
xqus
as Audun Larsen
almost 13 years ago
Removed examples.php
xqus
as Audun Larsen
almost 13 years ago
Added examples.php to gitignore.
xqus
as Audun Larsen
almost 13 years ago