| 381 | // Is Suhosin transparent cookie encryption enabled? |
| 382 | $suhosin = ini_get('suhosin.cookie.encrypt'); |
| 383 | if ( 1 == $suhosin || 'On' == $suhosin || 'on' == $suhosin ) { |
| 384 | $crypt_cookie = explode('; ', $_SERVER['RAW_HTTP_COOKIE']); // Variable set by Suhosin |
| 385 | foreach ( $crypt_cookie as $tasty ) { |
| 386 | if ( false !== strpos($tasty, USER_COOKIE) ) |
| 387 | $crypt_user = substr(strstr($tasty, '='), 1); |
| 388 | if ( false !== strpos($tasty, PASS_COOKIE) ) |
| 389 | $crypt_pass = substr(strstr($tasty, '='), 1); |
| 390 | } |
| 391 | // Does the encrypted cookie match the tasty cookie? |
| 392 | if($crypt_user === $user && $crypt_pass === $pass) |
| 393 | { |
| 394 | $user = $_COOKIE[USER_COOKIE]; |
| 395 | $pass = $_COOKIE[PASS_COOKIE]; |
| 396 | } else |
| 397 | die('-1'); |
| 398 | } |
| 399 | |