f42f28a602525b94a794f06b11861cdf40bbfe38
[Packages/TYPO3.CMS.git] / typo3 / sysext / rsaauth / Classes / Storage / SessionStorage.php
1 <?php
2 namespace TYPO3\CMS\Rsaauth\Storage;
3
4 /*
5 * This file is part of the TYPO3 CMS project.
6 *
7 * It is free software; you can redistribute it and/or modify it under
8 * the terms of the GNU General Public License, either version 2
9 * of the License, or any later version.
10 *
11 * For the full copyright and license information, please read the
12 * LICENSE.txt file that was distributed with this source code.
13 *
14 * The TYPO3 project - inspiring people to share!
15 */
16
17 /**
18 * This class contains a session-based storage for private keys. This storage
19 * is not secure enough because its implementation stores keys completely in the
20 * PHP sessions. PHP sessions usually store data in the file system and it is
21 * easy to extract. This storage is useful only as an example. It is better to
22 * use "split" storage for keys.
23 */
24 class SessionStorage extends AbstractStorage
25 {
26 /**
27 * Creates an instance of this class. It checks and initializes PHP
28 * sessions if necessary.
29 */
30 public function __construct()
31 {
32 if (!isset($_SESSION) || !is_array($_SESSION)) {
33 session_start();
34 }
35 }
36
37 /**
38 * Obtains key from the session
39 *
40 * @return string The key or NULL
41 * @see \TYPO3\CMS\Rsaauth\Storage\AbstractStorage::get()
42 */
43 public function get()
44 {
45 return isset($_SESSION['tx_rsaauth_key']) ? $_SESSION['tx_rsaauth_key'] : null;
46 }
47
48 /**
49 * Puts key to the session
50 *
51 * @param string $key The key
52 * @see \TYPO3\CMS\Rsaauth\Storage\AbstractStorage::put()
53 */
54 public function put($key)
55 {
56 $_SESSION['tx_rsaauth_key'] = $key;
57 }
58 }