marcocesarato / php-aio-security Goto Github PK

As i know, the id column should be INTEGER, in your case there is no id column, there is an ip column, so why don't you change in the following way?
line: 188

id VARCHAR(128) NOT NULL,

maybe better to change to:

ip VARCHAR(128) NOT NULL,

?

Because as i know the id column should look like:

id INT(11) NOT NULL AUTO_INCREMENT...

and PRIMARY KEY should be INTEGER, am i right? So, if you want, you can just add id before ip column, maybe it whould be better?

Hi Marco,

For some reason my logout stops working with the security class activated. Any idea why that is happening?

My logout code is:

session_start();
$_SESSION = array();
session_unset();
session_destroy();
header("location: index.php");

I also tried to delete the cookies with the code below but seems that it's not helping...

if (ini_get("session.use_cookies")) {
    $params = session_get_cookie_params();
    setcookie(session_name(), '', time() - 42000,
        $params["path"], $params["domain"],
        $params["secure"], $params["httponly"]
    );
}

Thanks.

Unfortunately seems that the class is not working properly on PHP 8...

Any plans to update?

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

Open

These updates have all been created already. Click a checkbox below to force a retry/rebase of any.

• chore(deps): update dependency friendsofphp/php-cs-fixer to v3.18.0

Detected dependencies

• Check this box to trigger a request for Renovate to run again on this repository

Hi Marco,

For some reason sometimes the session closes too quickly (after 5 or 10 seconds). In the class Security the session lifetime is public static $session_lifetime = 288000;

Any idea why this is happening?

Hello,

Can this be used in a php application hosted on windows IIS using SQL server for database?

Thanks,
Kris

Hi Marco,

I'm trying to use your code but for some reason my forms just stop working when the class is activated, I keep getting the "_Undefined index: CSRFTOKEN" error on post request.

On this line:

$GLOBALS[self::$csrf_session . $csrf_key] = $_SESSION[self::$csrf_session . $csrf_key];
$token                                    = $GLOBALS[self::$csrf_session . $csrf_key];

Any idea what im doing wrong?

Thanks,

Hi Marco,

It seems that the function "static function secureHTML" is breaking my template.

I think the code $doc->loadHTML($buffer); is responsible for the issue since everything seems to work until that that line...

Any idea why is happening and how I can fix it without just disabling the function?

Hi Marco,

For some reason, I get the error "Array to string conversion in Security.php on line 550" just from a simple form with multiselection options, any idea how I can fix this issue?

Thanks,

Respected Developers, Its work very slow and take times too to response.It always return Permission deny when user input some JS codes.

Hi Marco,

Hope you are doing well in this current climate.

Seems that the security class is renaming the <script type="application/ld+json"> (used for Google markups) to <script type="text/javascript"> creating several issues.

Any idea how I can fix this issue without disabling the class?

Thanks,