News Feed
Sections




News Archive
Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Michael Nitschinger's Blog:
Session Encryption with Lithium
January 20, 2012 @ 12:09:08

Michael Nitschinger has a new post for the Lithium framework users out there - a quick tutorial about encrypting your session information with the new built in "Encrypt" strategy feature.

If you check out the master branch, you can use the new Encrypt strategy to encrypt your session data automatically. This means that you can read and write session data in cleartext and they will be encrypted on the fly before getting stored (in a cookie, for example).

You'll need the mcrypt extension installed for it to work correctly, but it makes storing the encrypted version of your data more or less automatic. Just set up your Session configuration to use it as a strategy and any time you call a "read" or "write" the hard work is handled for you. For those more interests in what's "under the hood" he goes on to talk about how the strategy works, what cipher it uses by default, how to change it and the default string to use in hashing.

0 comments voice your opinion now!
lithium framework session encryption strategy configuration secret hash


blog comments powered by Disqus

Similar Posts

Padraic Brady's Blog: Self-Contained Reusable Zend Framework Modules With Standardised Configurators

Symfony Project: symfony 1.0 beta 4 released

Zend Developer Zone: The ZendCon Sessions Episode 4: IBM DB2 with PHP 5.2 and AJAX

PHPFreaks.com: Sessions and cookies: Adding state to a stateless protocol

SANIsoft Blog: The longer Lithium Blog tutorial using MySQL – Part 1


Community Events

Don't see your event here?
Let us know!


voicesoftheelephpant laravel interview podcast laravel5 community unittest series release api opinion language security video library version php7 introduction framework example

All content copyright, 2015 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework