Coossions is a php plugin to store sessions in encrypted cookie
Coossions (stands for cookie-sessions) is a php plugin to store sessions in encrypted cookie
composer require arthurkushman/coossions
$coossions = new CoossionsHandler('your_digest_secrete'); // any secret word$coossions->startSession();
And then, as usual, in any code-space - set session global variables:
$_SESSION['foo'] = 123;$_SESSION['bar'] = 'baz';
Get session global variables:
echo $_SESSION['foo'] . ' ' . $_SESSION['bar'];
Session will be written in cookie on client-side with openssl cipher code (in aes-256-ctr cipher algorithm by default)
and digested with your_digest_secrete (in sha256 by default).
Also, whole message will be merged with hash_hmac, based on salt consisting of dynamic SID + message,
which will then checked by hash_equals to additionally identify non-fraudulent data stored in cookie.
To create reliable/secure cryptographic signature, it would be better if your_digest_secrete will be in both upper/lower case letters and mashed with digits + long enough.
Although, there are already set the best known, at the moment, hash and crypto algos - You can set Your preferable ones:
$coossions = new CoossionsHandler('your_digest_secrete');$encryptor = new Encryptor('your_digest_secrete');$encryptor->setDigestAlgo('sha512'); // defaults to sha256$encryptor->setCipherAlgo('aes-128-ctr'); // defaults to aes-256-ctr$coossions->setEncryption($encryptor);$coossions->startSession();
Tested performance of write/read 2 $_SESSION vars (3 symbols long int/string):