/[dtapublic]/to_be_filed/webprojs/php_libraries/php_library/fboprime/sid.inc
ViewVC logotype

Contents of /to_be_filed/webprojs/php_libraries/php_library/fboprime/sid.inc

Parent Directory Parent Directory | Revision Log Revision Log


Revision 35 - (show annotations) (download)
Sat Oct 8 23:35:33 2016 UTC (6 years, 3 months ago) by dashley
File size: 3605 byte(s)
Initial commit.
1 <?php
2 //$Header: /hl/cvsroots/gpl01/gpl01/webprojs/fboprime/sw/phplib/sid.inc,v 1.3 2006/04/08 07:14:16 dashley Exp $
3 //********************************************************************************
4 //Copyright (C) 2006 David T. Ashley
5 //********************************************************************************
6 //This program or source file is free software; you can redistribute it and/or
7 //modify it under the terms of the GNU General Public License as published by
8 //the Free Software Foundation; either version 2 of the License, or (at your
9 //option) any later version.
10 //
11 //This program or source file is distributed in the hope that it will
12 //be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of
13 //MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 //GNU General Public License for more details.
15 //
16 //You may have received a copy of the GNU General Public License
17 //along with this program; if not, write to the Free Software
18 //Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
19 //********************************************************************************
20 //Dave Ashley, 04/06
21 //
22 //This source file provides the code to create and manipulate session
23 //identifiers (SIDs). The format of the SGUID is documented in the
24 //FBO-Prime manual.
25 //
26 require_once("sguid.inc"); //Necesssary to generate SGUIDs.
27 require_once("crhsh.inc");
28 //
29 //
30 //--------------------------------------------------------------------------------
31 //Returns a complete SID (including the "SI" prefix).
32 //
33 function SID_sid()
34 {
35 return("SI" . SID_sid_raw());
36 }
37 //
38 //
39 //--------------------------------------------------------------------------------
40 //Returns a raw SID (without the "SI" prefix).
41 //
42 function SID_sid_raw()
43 {
44 $sguid = SGUID_sguid();
45 $crhash = CRHSH_hashva($sguid);
46
47 //Convert any lower-case letters in the hash to upper-case. This is canonical form.
48 $crhash = StrToUpper($crhash);
49
50 return($sguid . $crhash);
51 }
52 //
53 //
54 //--------------------------------------------------------------------------------
55 //Returns the length of a SID (in characters).
56 //
57 function SID_sid_len()
58 {
59 return(66);
60 }
61 //
62 //
63 //--------------------------------------------------------------------------------
64 //Validates the syntactic form of a SID. Returns 0 if it isn't
65 //valid or 1 if it is. Note that this validates only the form and the
66 //hash--the server session state aspect is not validated.
67 //
68 function SID_is_syntactically_valid($sid_to_check)
69 {
70 //Must be a string.
71 if (! is_string($sid_to_check))
72 return(0);
73
74 //Must be of the right length.
75 if (strlen($sid_to_check) != 66)
76 return(0);
77
78 //First two characters must be "SI".
79 if (substr($sid_to_check, 0, 2) !== "SI")
80 return(0);
81
82 //The encapsulated SGUID must be valid.
83 if (! SGUID_is_syntactically_valid(SubStr($sid_to_check, 2, 32)))
84 return(0);
85
86 //Generate a hash to match against.
87 $original_hash = SubStr($sid_to_check, 34, 32);
88 $comparison_hash = StrToUpper(CRHSH_hashva(SubStr($sid_to_check, 2, 32)));
89
90 //Compare the hashes. Note that we don't have to check the string to be sure
91 //hash chars are digits and hexadecimal digits--the comparison indirectly does
92 //that for us.
93 if ($original_hash != $comparison_hash)
94 return(0);
95
96 //If we're here, nothing obvious wrong with it.
97 return(1);
98 }
99 //--------------------------------------------------------------------------------
100 ?>

dashley@gmail.com
ViewVC Help
Powered by ViewVC 1.1.25