+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Archived Discussions (https://forum.codeigniter.com/forumdisplay.php?fid=20)
+--- Forum: Archived Development & Programming (https://forum.codeigniter.com/forumdisplay.php?fid=23)
+--- Thread: Transfering sessions across domains (/showthread.php?tid=13278)
Pages:
1
2
Transfering sessions across domains - El Forum - 12-30-2008
[eluser]The Wizard[/eluser]
heheh thank you
yes, thats true indeed.
so we make a special table, link it with the users id (via secret key).
on the table, we store all information about the user, (browser type, IP etc.)
and compare it with the user, which try's to login via the secret key.
At least, this would bring somehow a little bit security
i remember a prominent example where gmail was a subject to those session
hijacking where you could gain access to a gmail account of choice.
damn. security is hard.
Transfering sessions across domains - El Forum - 12-30-2008
[eluser]simshaun[/eluser]
Here's an interesting article I found about sessions between domains:
http://www.melbournechapter.net/wordpress/programming-languages/php/cman/2006/06/15/sharing-a-session-across-multiple-domainsservers-with-php/
Transfering sessions across domains - El Forum - 12-30-2008
[eluser]The Wizard[/eluser]
Thank you
i will read it right away.
Transfering sessions across domains - El Forum - 12-30-2008
[eluser]The Wizard[/eluser]
Thanks
this are very good informations, i will keep them in my mind while i'm building my System.
Thank you very very much.
Transfering sessions across domains - El Forum - 12-31-2008
[eluser]The Wizard[/eluser]
Hello again friends
dunno if it helps, i want to share a custom code
i use myself. Maybe its easy to develop but i still
want to share it with you so, here it is.
Code:
function Security_BrowserInfo () {
$this->load->library('user_agent');
$data_browser['user_id'] = $this->Session_UserID();
$data_browser['ip'] = $this->Custom_ReturnClientIP();
$data_browser['agent_string'] = $this->agent->agent_string();
$data_browser['version'] = $this->agent->version();
$data_browser['platform'] = $this->agent->platform();
$data_browser['is_browser'] = $this->agent->is_browser();
//$data_browser['is_referral'] = $this->agent->is_referral();
return $data_browser;
}
function Security_StoreBrowserInfo( $data_browser ) {
$this->load->helper('date');
$data_browser['datetime'] = mdate( "%Y-%m-%d %H:%i:%s" );
$this->db->insert( 'c88v2_user_account_info_browser', $data_browser );
}
function Security_returnBrowserInfo( $user_id ) {
$this->db->select('user_id, ip, agent_string, version, platform, is_browser, is_referral');
$this->db->from('c88v2_user_account_info_browser');
$this->db->where('user_id', $user_id );
$this->db->order_by("datetime", "desc");
$this->db->limit( 1 );
$query = $this->db->get();
$num_rows = $query->num_rows();
if ( $num_rows <= 0)
{
die ('nothing returned');
}
else
{
$row = $query->row_array();
$data_browser_db['user_id'] = $row['user_id'];
$data_browser_db['ip'] = $row['ip'];
$data_browser_db['agent_string'] = $row['agent_string'];
$data_browser_db['version'] = $row['version'];
$data_browser_db['platform'] = $row['platform'];
$data_browser_db['is_browser'] = $row['is_browser'];
//$data_browser_db['is_referral'] = $row['is_referral'];
return $data_browser_db;
}
}
function Security_CheckBrowserInfo ( $user_id ) {
$data_browser_db = $this->Security_returnBrowserInfo( $user_id );
$data_browser = $this->Security_BrowserInfo();
// DEBUG
// echo '<pre>';
// print_r( $data_browser_db );
// echo '</pre>';
//
//
// echo '<pre>';
// print_r( $data_browser );
// echo '</pre>';
$result = array_diff( $data_browser_db, $data_browser );
if ( count( $result ) > 0 )
{
return FALSE;
}
else
{
return TRUE;
}
}
function Security_Key_Regenerate( $user_id ) {
$key_secret = md5( uniqid( rand( 100, 99999999 ), TRUE ) );
$data_user['user_key_secret'] = $key_secret;
$this->db->where( 'user_id', $user_id );
$this->db->update( 'c88v2_user_account', $data_user );
}its a set of functions, which may be of help to you so, i hope its
useful
take care friends