public function testSecureUniqueIdHash64()
{
foreach (range(1, 3) as $method) {
foreach (range(1, 2) as $hash) {
$id = EncryptUtil::secureUniqueIdHash64($method, $hash);
if (VERBOSE_MODE >= 1) {
echo "\nmethod {$method} hash {$hash} {$id}";
}
$this->assertEquals(64, strlen($id));
}
}
}
/**
* Check user password and echo either an error message or a unique id which gets used on
* subsequent requests to ensure that the user confirmed the action with their password
*/
public static function superMassActionPasswordConfirmation()
{
if (!isset($_POST['password'])) {
throw new CHttpException(400, Yii::t('app', 'Bad Request'));
}
$loginForm = new LoginForm();
$loginForm->username = Yii::app()->params->profile->username;
$loginForm->password = $_POST['password'];
if ($loginForm->validate()) {
do {
$uid = EncryptUtil::secureUniqueIdHash64();
} while (isset($_SESSION[self::SESSION_KEY_PREFIX_PASS_CONFIRM . $uid]));
$_SESSION[self::SESSION_KEY_PREFIX_PASS_CONFIRM . $uid] = true;
echo CJSON::encode(array(true, $uid));
} else {
echo CJSON::encode(array(false, Yii::t('app', 'incorrect password')));
}
}
public function insert($attributes = null)
{
$this->id = EncryptUtil::secureUniqueIdHash64();
$this->requested = time();
$this->getIpAddr();
return parent::insert($attributes);
}
