public function onBeforeWrite() { if (!$this->owner->NewsletterTrackingToken) { $generator = new RandomGenerator(); $this->owner->NewsletterTrackingToken = $generator->generateHash('md5'); } }
/** * Ensure we populate these fields before a save. */ public function onBeforeWrite() { // Run other beforewrites first. parent::onBeforeWrite(); if (!$this->isBrowser()) { return false; } // If this is the first save... if (!$this->ID) { // Ensure the session exists before querying it. if (!Session::request_contains_session_id()) { Session::start(); } // Store the sesion and has information in the database. $this->SessionID = SecurityToken::getSecurityID(); if (is_null($this->SessionID)) { return false; } $gen = new RandomGenerator(); $uniqueurl = substr($gen->randomToken(), 0, 32); while (ShortList::get()->filter('URL', $uniqueurl)->count() > 0) { $uniqueurl = substr($gen->randomToken(), 0, 32); } $this->URL = $uniqueurl; $this->UserAgent = Controller::curr()->getRequest()->getHeader('User-Agent'); } }
/** * Generates the One Time code that is passed to the redirect URL as GET param ott * Supports extension via extendGenerateOneTime, with a max token length of 255 */ public function generateOneTime() { $randomGen = new RandomGenerator(); $random = substr($randomGen->randomToken(), 0, 10); $this->extend('extendGenerateOneTime', $random); $this->OneTimeCode = $random; }
protected function onBeforeWrite() { if (!$this->isInDB()) { $generator = new RandomGenerator(); $this->Token = $generator->randomToken(); } parent::onBeforeWrite(); }
/** * @return string */ public function generateConfirmationToken() { $generator = new RandomGenerator(); $token = $generator->randomToken(); $hash = self::HashConfirmationToken($token); $this->setField('ConfirmationHash', $hash); return $token; }
/** * Generates an encrypted random token. * @param \Member $user * @throws \PasswordEncryptor_NotFoundException * @return string */ public static function generate_token($user) { $generator = new \RandomGenerator(); $tokenString = $generator->randomToken(); $e = \PasswordEncryptor::create_for_algorithm('blowfish'); $salt = $e->salt($tokenString); $token = sha1($e->encrypt($tokenString, $salt)) . substr(md5($user->Created . $user->LastEdited . $user->ID), 7); return $token; }
/** * Generate and store the authentication tokens required * * @TODO Rework this, it's not really any better than storing text passwords */ public function generateTokens() { $generator = new RandomGenerator(); $token = $generator->randomToken('sha1'); $this->owner->Token = $this->owner->encryptWithUserSettings($token); $this->authToken = $token; $authToken = $generator->randomToken('whirlpool'); $this->owner->AuthPrivateKey = $authToken; }
/** * @return string */ public function generateConfirmationToken() { $generator = new RandomGenerator(); $this->token = $generator->randomToken(); $hash = self::HashConfirmationToken($this->token); $this->setField('ConfirmationHash', $hash); Session::set(self::ConfirmationTokenParamName . '_' . $this->Speaker()->ID, $this->token); return $this->token; }
protected function genToken() { // Generate a new random token (as random as possible) require_once dirname(dirname(dirname(__FILE__))) . '/security/RandomGenerator.php'; $rg = new RandomGenerator(); $token = $rg->randomToken('md5'); // Store a file in the session save path (safer than /tmp, as open_basedir might limit that) file_put_contents($this->pathForToken($token), $token); return $token; }
protected function onBeforeWrite() { if (!$this->isInDB()) { $generator = new RandomGenerator(); $this->Token = $generator->randomToken(); if ($this->getManagerEmail()) { $this->sendEmail(); } } parent::onBeforeWrite(); }
function onBeforeWrite() { parent::onBeforeWrite(); if (!$this->ValidUntil) { $this->setValidInMinutesFromNow(); } if (!$this->RequestedFromIP) { $this->RequestedFromIP = $_SERVER['REMOTE_ADDR']; } if (!$this->UID) { $generator = new RandomGenerator(); $this->UID = $generator->randomToken('sha1'); } }
/** * @return string */ public function generateConfirmationToken() { $generator = new RandomGenerator(); $already_exists = false; $repository = new SapphireSpeakerRegistrationRequestRepository(); do { $this->token = $generator->randomToken(); $already_exists = $repository->existsConfirmationToken($this->token); } while ($already_exists); $hash = self::HashConfirmationToken($this->token); $this->setField('ConfirmationHash', $hash); Session::set(self::ConfirmationTokenParamName . '_' . $this->Speaker()->ID, $this->token); return $this->token; }
/** * Flags the current comment * * @return bool */ public function doFlag() { if (!$this->owner->canFlag()) { return false; } $this->owner->Flagged = true; $this->owner->FlaggedAndRemoved = false; $random = new RandomGenerator(); $this->owner->FlaggedSecurityToken = $random->randomToken(); try { $this->owner->write(); } catch (ValidationException $e) { SS_Log::log($e->getMessage(), SS_Log::WARN); return false; } $this->owner->extend('afterFlag'); return true; }
public function testMany() { $output = RandomGenerator::generate(); $this->assertFalse(is_array($output), 'Output is array'); $this->assertRegExp('/^([a-zA-Z0-9]{10})$/', $output, 'Single match not ok'); $output = RandomGenerator::generate(3, 120, RandomGenerator::TYPE_ALPHANUM, 'start:X:end', 8, '-'); $this->assertTrue(is_array($output), 'Not array'); if (is_array($output)) $this->assertEquals(count($output), 3, 'Array count not 3'); foreach ($output as $out) { $this->assertRegExp('/^start:([a-zA-Z0-9-]{134}):end$/', $out, 'Element not ok'); } }
/** * Tests security ID check */ public function testSecurityID() { // Mock token $securityToken = SecurityToken::inst(); $generator = new RandomGenerator(); $token = $generator->randomToken('sha1'); $session = array($securityToken->getName() => $token); $tokenError = _t('SpellController.SecurityMissing', 'Your session has expired. Please refresh your browser to continue.'); // Test request sans token $response = $this->get('spellcheck', Injector::inst()->create('Session', $session)); $this->assertEquals(400, $response->getStatusCode()); $jsonBody = json_decode($response->getBody()); $this->assertEquals($tokenError, $jsonBody->error->errstr); // Test request with correct token (will fail with an unrelated error) $response = $this->get('spellcheck/?SecurityID=' . urlencode($token), Injector::inst()->create('Session', $session)); $jsonBody = json_decode($response->getBody()); $this->assertNotEquals($tokenError, $jsonBody->error->errstr); // Test request with check disabled Config::inst()->update('SpellController', 'enable_security_token', false); $response = $this->get('spellcheck', Injector::inst()->create('Session', $session)); $jsonBody = json_decode($response->getBody()); $this->assertNotEquals($tokenError, $jsonBody->error->errstr); }
public static function generate($options = array()) { $options = self::_normalizeOptions($options); extract(array_merge(self::$defaultOptions, self::$_options, $options)); self::$_options = array(); $unique = false; $first_alaphabet = false; for ($i = 0; $i < strlen($type); $i++) { switch ($type[$i]) { case 'u': $unique = true; break; case 'f': $first_alaphabet = true; } } $result = ''; $result_length = 0; do { $c = self::generateCharacter($possible, $options); if ($first_alaphabet && $result_length == 0 && preg_match('/[a-z]/i', $possible)) { if (!preg_match('/[a-z]/', strtolower($c))) { continue; } } if ($unique && strstr($result, $c)) { if ($result_length === strlen($possible)) { trigger_error('Possible characters length is less than max length'); } continue; } $result .= $c; $result_length++; if ($random_length) { $minLength = isset($random_length['min']) ? $random_length['min'] : 1; if ($minLength <= $result_length) { $rand = $generator(1, $length); if ($result_length < $rand) { return $result; } } } } while ($result_length < $length); return $result; }
public function actionCreate() { $model = new Clients(); $account = new Accounts(); $preference = new Preferences(); if (isset($_POST['Clients'], $_POST['Accounts'], $_POST['Preferences'])) { $model->attributes = $_POST['Clients']; $account->attributes = $_POST['Accounts']; $preference->attributes = $_POST['Preferences']; $model->login_name = $account->login_name; $model->client_code = RandomGenerator::generateString(AdminGlobals::CLIENT_CODE_LENGTH); $model->subscription_status = "active"; $preference->prepaid_passwd = RandomGenerator::generateString(AdminGlobals::PREPAID_PASSWD_LENGTH); $account->account_name = $model->client_name; $account->email = $model->email; $account->is_visible = 0; $valid = $model->validate(); $valid = $account->validate() && $valid; $valid = $preference->validate() && $valid; if ($valid) { $transaction = Yii::app()->db->beginTransaction(); $success = $model->save(false); if ($success) { $account->client_id = $preference->client_id = $model->id; } $success = $success && $account->save(false); $success = $success && $preference->save(false); if ($success) { $transaction->commit(); if (Yii::app()->request->isAjaxRequest) { $this->renderPartial('view', array('model' => $this->loadModel($model->id), 'account' => $account, 'preference' => $preference), false, true); Yii::app()->end(); } $this->redirect(array('view', 'id' => $model->id)); } $transaction->rollBack(); } } if (Yii::app()->request->isAjaxRequest) { $this->renderPartial('create', array('model' => $model, 'account' => $account, 'preference' => $preference), false, true); Yii::app()->end(); } $this->render('create', array('model' => $model, 'account' => $account, 'preference' => $preference)); }
/** * Generate an auto login token which can be used to reset the password, * at the same time hashing it and storing in the database. * * @param int $lifetime The lifetime of the auto login hash in days (by default 2 days) * * @returns string Token that should be passed to the client (but NOT persisted). * * @todo Make it possible to handle database errors such as a "duplicate key" error */ public function generateAutologinTokenAndStoreHash($lifetime = 2) { do { $generator = new RandomGenerator(); $token = $generator->randomToken(); $hash = $this->encryptWithUserSettings($token); } while (DataObject::get_one('Member', "\"AutoLoginHash\" = '{$hash}'")); $this->AutoLoginHash = $hash; $this->AutoLoginExpired = date('Y-m-d', time() + 86400 * $lifetime); $this->write(); return $token; }
<?php include 'random-generator.class.php'; header('Content-Type: text/plain'); $seed = 12345; $generator = new RandomGenerator($seed); echo "seed : {$seed}\n"; for ($n = 0; $n < 100; $n++) { $value = $generator->random() % 100; echo "{$n} : {$value}\n"; }
/** * Returns a unique filename, including project/environment/timestamp details. * @return string */ public function generateFilename(DNDataTransfer $dataTransfer) { $generator = new RandomGenerator(); $filter = FileNameFilter::create(); return sprintf('%s-%s-%s-%s-%s', $filter->filter(strtolower($this->OriginalEnvironment()->Project()->Name)), $filter->filter(strtolower($this->OriginalEnvironment()->Name)), $dataTransfer->Mode, date('Ymd'), sha1($generator->generateEntropy())); }
/** * Generates an encrypted random token * and an expiry date * * @param boolean $expired Set to true to generate an outdated token * @return array token data array('token' => HASH, 'expire' => EXPIRY_DATE) */ private function generateToken($expired = false) { $life = $this->tokenConfig['life']; if (!$expired) { $expire = time() + $life; } else { $expire = time() - $life * 2; } $generator = new RandomGenerator(); $tokenString = $generator->randomToken(); $e = PasswordEncryptor::create_for_algorithm('blowfish'); //blowfish isn't URL safe and maybe too long? $salt = $e->salt($tokenString); $token = $e->encrypt($tokenString, $salt); return array('token' => substr($token, 7), 'expire' => $expire); }
/** * Return a string value stored in the {@link Member->Salt} property. * * @uses RandomGenerator * * @param String $password Cleartext password * @param Member $member (Optional) * @return String Maximum of 50 characters */ function salt($password, $member = null) { $generator = new RandomGenerator(); return substr($generator->generateHash('sha1'), 0, 50); }
function testGenerateHashWithAlgorithm() { $r = new RandomGenerator(); $this->assertNotNull($r->generateHash('md5')); $this->assertNotEquals($r->generateHash(), $r->generateHash('md5')); }
/** * Generates new random key * * @param integer $length * * @return string */ protected function generate($length = null) { $generator = new RandomGenerator(); $result = $generator->randomToken('sha256'); if ($length !== null) { return substr($result, 0, $length); } return $result; }
/** * Generate an auto login token which can be used to reset the password, * at the same time hashing it and storing in the database. * * @param int $lifetime The lifetime of the auto login hash in days (by default 2 days) * * @returns string Token that should be passed to the client (but NOT persisted). * * @todo Make it possible to handle database errors such as a "duplicate key" error */ public function generateValidateHashAndStore($lifetime = 2) { do { $generator = new RandomGenerator(); $hash = $generator->randomToken(); } while (DataObject::get_one('Recipient', "\"ValidateHash\" = '{$hash}'")); $this->ValidateHash = $hash; $this->ValidateHashExpired = date('Y-m-d H:i:s', time() + 86400 * $lifetime); $this->write(); return $hash; }
/** * @uses RandomGenerator * * @return String */ protected function generate() { $generator = new RandomGenerator(); return $generator->generateHash('sha1'); }
/** * Creates a new random token and hashes it using the * member information * @param Member The logged in user * @return string The hash to be stored in the database */ public function getNewHash(Member $member) { $generator = new RandomGenerator(); $this->setToken($generator->randomToken('sha1')); return $member->encryptWithUserSettings($this->token); }
public function testDisableSecurityTokenAcceptsSubmissionWithoutToken() { SecurityToken::enable(); $expectedToken = SecurityToken::inst()->getValue(); $response = $this->get('FormTest_ControllerWithSecurityToken'); // can't use submitForm() as it'll automatically insert SecurityID into the POST data $response = $this->post('FormTest_ControllerWithSecurityToken/Form', array('Email' => '*****@*****.**', 'action_doSubmit' => 1)); $this->assertEquals(400, $response->getStatusCode(), 'Submission fails without security token'); // Generate a new token which doesn't match the current one $generator = new RandomGenerator(); $invalidToken = $generator->randomToken('sha1'); $this->assertNotEquals($invalidToken, $expectedToken); // Test token with request $response = $this->get('FormTest_ControllerWithSecurityToken'); $response = $this->post('FormTest_ControllerWithSecurityToken/Form', array('Email' => '*****@*****.**', 'action_doSubmit' => 1, 'SecurityID' => $invalidToken)); $this->assertEquals(200, $response->getStatusCode(), 'Submission reloads form if security token invalid'); $this->assertTrue(stripos($response->getBody(), 'name="SecurityID" value="' . $expectedToken . '"') !== false, 'Submission reloads with correct security token after failure'); $this->assertTrue(stripos($response->getBody(), 'name="SecurityID" value="' . $invalidToken . '"') === false, 'Submission reloads without incorrect security token after failure'); $matched = $this->cssParser()->getBySelector('#Form_Form_Email'); $attrs = $matched[0]->attributes(); $this->assertEquals('*****@*****.**', (string) $attrs['value'], 'Submitted data is preserved'); $response = $this->get('FormTest_ControllerWithSecurityToken'); $tokenEls = $this->cssParser()->getBySelector('#Form_Form_SecurityID'); $this->assertEquals(1, count($tokenEls), 'Token form field added for controller without disableSecurityToken()'); $token = (string) $tokenEls[0]; $response = $this->submitForm('Form_Form', null, array('Email' => '*****@*****.**', 'SecurityID' => $token)); $this->assertEquals(200, $response->getStatusCode(), 'Submission suceeds with security token'); }
/** * Generate an auto login hash * * This creates an auto login hash that can be used to reset the password. * * @param int $lifetime The lifetime of the auto login hash in days (by default 2 days) * * @todo Make it possible to handle database errors such as a "duplicate key" error */ function generateAutologinHash($lifetime = 2) { do { $generator = new RandomGenerator(); $hash = $generator->generateHash('sha1'); } while (DataObject::get_one('Member', "\"AutoLoginHash\" = '{$hash}'")); $this->AutoLoginHash = $hash; $this->AutoLoginExpired = date('Y-m-d', time() + 86400 * $lifetime); $this->write(); }
/** * @uses RandomGenerator * * @return String */ protected function generate() { $generator = new RandomGenerator(); return $generator->randomToken('sha1'); }