[eluser]WanWizard[/eluser]
I noticed that the session library eats away quite lot of processing time for every page request.
Xdebug reveals that this is due to the calls to _xor_encode() and _xor_decode(). Is this still needed when you have mcrypt available, or could you do this instead?
Code:
function encode($string, $key = '')
{
$key = $this->get_key($key);
if ($this->_mcrypt_exists === TRUE)
{
$enc = $this->mcrypt_encode($string, $key);
}
else
{
$enc = $this->_xor_encode($string, $key);
}
return base64_encode($enc);
}
It seams to me that this doesn't have any serious security implications...