Example #1
 /**
  * Build a 128-character alphanumeric state value.
  *
  * The characters are drawn from RandomLib's medium-strength generator.
  *
  * @return string
  */
 public function createState()
 {
     $alphabet = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
     $randomFactory = new \RandomLib\Factory();
     $strength = new \SecurityLib\Strength(\SecurityLib\Strength::MEDIUM);

     return $randomFactory->getGenerator($strength)->generateString(128, $alphabet);
 }
Example #2
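 /**
  * Store the random generator used by this object.
  *
  * @param \RandomLib\Generator|null $generator Generator to use; when omitted, a
  *                                             medium-strength generator is created.
  */
 public function __construct(\RandomLib\Generator $generator = null)
 {
     if ($generator === null) {
         $factory = new \RandomLib\Factory();
         $generator = $factory->getGenerator(new \SecurityLib\Strength(\SecurityLib\Strength::MEDIUM));
     }
     // Keep an injected generator too; previously only the default one was stored
     // and a caller-supplied generator was silently dropped.
     $this->generator = $generator;
 }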
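 /**
  * Send a "card/auth" request and check the shape of the resolved transaction.
  *
  * The order reference is a fresh 32-letter random string on every run.
  */
 public function testMakeRequest()
 {
     $factory = new \RandomLib\Factory();
     $generator = $factory->getGenerator(new \SecurityLib\Strength(\SecurityLib\Strength::MEDIUM));
     $order_reference = $generator->generateString(32, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ');
     $auth = $this->service->request('card/auth');
     // NOTE(review): the card details below look like gateway test data; confirm that
     // no live card data is ever committed to this fixture.
     $auth->populate(
         array(
             'billing' => array(
                 'amount' => 100,
                 'amount[currencycode]' => 'GBP',
                 'email' => '*****@*****.**',
                 'name' => array('first' => 'Foo', 'last' => 'Bar'),
                 'payment' => array('pan' => '4111110000000211', 'securitycode' => '123', 'expirydate' => '10/2031'),
                 'payment[type]' => 'VISA',
             ),
             'merchant' => array('orderreference' => $order_reference),
             'customer' => array(
                 'name' => array('first' => 'Foo', 'last' => 'Bar'),
                 'email' => '*****@*****.**',
             ),
         ),
         '/requestblock/request'
     );
     $response = $auth->request();
     $transaction = $response->getTransaction();
     $this->assertNotNull($transaction, 'Card Auth transaction cannot be NULL.');
     $this->assertNotNull($transaction['request_reference'], 'Card Auth transaction must resolve "request_reference".');
     $this->assertNotNull($transaction['transaction_type'], 'Card Auth transaction must resolve "transaction_type".');
     $this->assertNotNull($transaction['transaction_reference'], 'Card Auth transaction must resolve "transaction_reference".');
     $this->assertNotNull($transaction['timestamp'], 'Card Auth transaction must resolve "timestamp".');
     $this->assertNull($transaction['parent_transaction_reference'], 'Card Auth transaction must not resolve "parent_transaction_reference".');
     $this->assertNotNull($transaction['authcode'], 'Card Auth transaction must resolve "authcode".');
     // Failure message previously lacked the closing quote around "amount".
     $this->assertNotNull($transaction['amount'], 'Card Auth transaction must resolve "amount".');
     $this->assertNull($transaction['paypal_token'], 'Card Auth transaction must not resolve "paypal_token".');
     $this->assertCount(8, $transaction, 'Transaction must consist of 8 entities.');
     $this->assertSame('VISA', $transaction['transaction_type'], '"transaction_type" must be "VISA"');
     // Valid "card/auth" must not produce an error.
     $this->assertNull($response->getError());
     // "card/auth" must not redirect user.
     $this->assertNull($response->getRedirectUrl());
 }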
Example #4
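/**
 * Generates a random alphanumeric string.
 *
 * Characters come from RandomLib's medium-strength generator.
 *
 * @param int $size Number of characters to generate
 * @return string
 */
function noise($size = 32)
{
    // The pool previously skipped the letter "d" ("abcefgh..."), which shrank the
    // alphabet to 61 symbols; the full a-z range is used here.
    $pool = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890';
    $factory = new RandomLib\Factory();
    $generator = $factory->getMediumStrengthGenerator();
    return $generator->generateString($size, $pool);
}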
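 /**
  * Send a "paypal/order" request, compare the response XML with the stored
  * fixture and check the shape of the resolved transaction.
  *
  * The order reference is a fresh 32-letter random string on every run.
  */
 public function testMakeRequest()
 {
     $factory = new \RandomLib\Factory();
     $generator = $factory->getGenerator(new \SecurityLib\Strength(\SecurityLib\Strength::MEDIUM));
     $order_reference = $generator->generateString(32, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ');
     $auth = $this->service->request('paypal/order');
     $auth->populate(
         array(
             'billing' => array(
                 'amount' => 100,
                 'amount[currencycode]' => 'GBP',
                 'email' => '*****@*****.**',
                 'name' => array('first' => 'Foo', 'last' => 'Bar'),
             ),
             'merchant' => array(
                 'orderreference' => $order_reference,
                 'returnurl' => 'http://gajus.com/',
                 'cancelurl' => 'http://gajus.com/',
             ),
             'customer' => array(
                 'name' => array('first' => 'Foo', 'last' => 'Bar'),
                 'email' => '*****@*****.**',
             ),
         ),
         '/requestblock/request'
     );
     $response = $auth->request();
     $response_xml = $this->normaliseXML($response->getXML());
     $this->assertXmlStringEqualsXmlString($this->normaliseXML($this->loadXML('request_paypal_order/test_make_request')), $response_xml);
     $transaction = $response->getTransaction();
     $this->assertNotNull($transaction, 'PayPal Order transaction cannot be NULL.');
     $this->assertNotNull($transaction['request_reference'], 'PayPal Order transaction must resolve "request_reference".');
     $this->assertNotNull($transaction['transaction_type'], 'PayPal Order transaction must resolve "transaction_type".');
     $this->assertNotNull($transaction['transaction_reference'], 'PayPal Order transaction must resolve "transaction_reference".');
     $this->assertNotNull($transaction['timestamp'], 'PayPal Order transaction must resolve "timestamp".');
     $this->assertNull($transaction['parent_transaction_reference'], 'PayPal Order transaction must not resolve "parent_transaction_reference".');
     $this->assertNull($transaction['authcode'], 'PayPal Order transaction must not resolve "authcode".');
     // Failure message previously lacked the closing quote around "amount".
     $this->assertNull($transaction['amount'], 'PayPal Order transaction must not resolve "amount".');
     $this->assertNotNull($transaction['paypal_token'], 'PayPal Order transaction must resolve "paypal_token".');
     $this->assertCount(8, $transaction, 'Transaction must consist of 8 entities.');
     $this->assertSame('PAYPAL', $transaction['transaction_type'], '"transaction_type" must be "PAYPAL"');
     $this->assertNull($response->getError(), 'Valid "paypal/order" must not produce an error.');
     $this->assertNotNull($response->getRedirectUrl(), '"paypal/order" must redirect user.');
 }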
Example #6
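/**
 * Return a 32-character alphanumeric string from RandomLib's medium-strength generator.
 *
 * @return string
 */
function randomString()
{
    // require_once: the autoloader bootstrap only needs to run once, however many
    // times this function is called.
    // NOTE(review): the path is relative, so it resolves against the include path /
    // working directory of the calling script.
    require_once "vendor/autoload.php";
    $factory = new RandomLib\Factory();
    $generator = $factory->getGenerator(new SecurityLib\Strength(SecurityLib\Strength::MEDIUM));
    return $generator->generateString(32, '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ');
}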
 /**
  * Execute this task
  *
  * Removes any existing "surf-opcache-reset-*" files from the script base path and,
  * unless the deployment is a dry run, writes a new PHP script there that calls
  * opcache_reset() and then deletes itself.
  *
  * @param \TYPO3\Surf\Domain\Model\Node $node
  * @param \TYPO3\Surf\Domain\Model\Application $application
  * @param \TYPO3\Surf\Domain\Model\Deployment $deployment
  * @param array $options Supported options: "scriptBasePath" and "scriptIdentifier"
  * @return void
  * @throws \TYPO3\Surf\Exception\InvalidConfigurationException
  * @throws \TYPO3\Surf\Exception\TaskExecutionException
  */
 public function execute(Node $node, Application $application, Deployment $deployment, array $options = array())
 {
     $workspacePath = $deployment->getWorkspacePath($application);
     // Default location is the "Web" directory below the workspace path.
     $scriptBasePath = isset($options['scriptBasePath']) ? $options['scriptBasePath'] : Files::concatenatePaths(array($workspacePath, 'Web'));
     if (!isset($options['scriptIdentifier'])) {
         // Generate a random 32-character alphanumeric identifier. It becomes part of
         // the script's file name, so it presumably is what keeps the script's URL
         // unguessable once it is deployed under the web directory.
         $factory = new \RandomLib\Factory();
         $generator = $factory->getMediumStrengthGenerator();
         $scriptIdentifier = $generator->generateString(32, \RandomLib\Generator::CHAR_ALNUM);
         // Store the script identifier as an application option
         $application->setOption('TYPO3\\Surf\\Task\\Php\\WebOpcacheResetExecuteTask[scriptIdentifier]', $scriptIdentifier);
     } else {
         // NOTE(review): a caller-supplied identifier is used as-is in the file name
         // below, with no check on its characters or length; confirm it is trusted
         // configuration and not predictable.
         $scriptIdentifier = $options['scriptIdentifier'];
     }
     // The clean-up commands are run against a node named "localhost".
     $localhost = new Node('localhost');
     $localhost->setHostname('localhost');
     // Remove reset scripts left over from earlier runs; the base path is shell-escaped.
     $commands = array('cd ' . escapeshellarg($scriptBasePath), 'rm -f surf-opcache-reset-*');
     $this->shell->executeOrSimulate($commands, $localhost, $deployment);
     if (!$deployment->isDryRun()) {
         $scriptFilename = $scriptBasePath . '/surf-opcache-reset-' . $scriptIdentifier . '.php';
         // The written script resets the opcache when available, unlinks itself and prints "success".
         $result = file_put_contents($scriptFilename, '<?php
             if (function_exists("opcache_reset")) {
                 opcache_reset();
             }
             @unlink(__FILE__);
             echo "success";
         ');
         if ($result === false) {
             throw new \TYPO3\Surf\Exception\TaskExecutionException('Could not write file "' . $scriptFilename . '"', 1421932414);
         }
     }
 }
Example #8
 /**
  * Dump 32 raw bytes taken from RandomLib's medium-strength generator.
  */
 public function test()
 {
     $randomFactory = new RandomLib\Factory();
     $mediumStrength = new SecurityLib\Strength(SecurityLib\Strength::MEDIUM);
     // Alternative source: $randomFactory->getLowStrengthGenerator()
     $raw = $randomFactory->getGenerator($mediumStrength)->generate(32);
     var_dump($raw);
 }
 /**
  * {@inheritDoc}
  *
  * Generates one password with PasswordPlease, using the "length" and "complexity"
  * options, and writes it to the output.
  */
 protected function execute(InputInterface $input, OutputInterface $output)
 {
     $randomFactory = new \RandomLib\Factory();
     $mediumStrength = new \SecurityLib\Strength(\SecurityLib\Strength::MEDIUM);
     $passwordPlease = new PasswordPlease($randomFactory->getGenerator($mediumStrength));

     $length = $input->getOption('length');
     $complexity = $input->getOption('complexity');
     $output->writeln($passwordPlease->generatePassword($length, $complexity));
 }
Example #10
 /**
  * Return a random, URL-safe string.
  *
  * The alphabet is a-z, A-Z, 0-9, "_" and "-"; characters come from RandomLib's
  * medium-strength generator.
  *
  * @param  integer $length Length of the string to generate
  * @return string The generated string
  */
 public static function randomString($length = 80)
 {
     $urlSafeAlphabet = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789_-';
     $randomFactory = new \RandomLib\Factory();
     $mediumStrength = new \SecurityLib\Strength(\SecurityLib\Strength::MEDIUM);

     return $randomFactory->getGenerator($mediumStrength)->generateString($length, $urlSafeAlphabet);
 }
Example #11
 /**
  * Create a 32-character alphanumeric token, save it for the given user and return it.
  *
  * @param mixed $usr_id Identifier passed through to saveToken()
  * @return string The generated token
  */
 public static function generate($usr_id)
 {
     $randomFactory = new RandomLib\Factory();
     $newToken = $randomFactory->getMediumStrengthGenerator()->generateString(32, \RandomLib\Generator::CHAR_ALNUM);
     // NOTE(review): the token is handed to saveToken() as generated; whether it is
     // hashed or given an expiry before storage is decided there - confirm.
     self::saveToken($usr_id, $newToken);

     return $newToken;
 }
Example #12
 /**
  * Generate a CSRF token.
  *
  * The token is the SHA-256 hex digest of two 32-character random strings wrapped
  * around the element's salt and name; it is stored in $this->_hash and set as the value.
  */
 protected function _generateHash()
 {
     $randomFactory = new \RandomLib\Factory();
     $source = $randomFactory->getMediumStrengthGenerator();
     $leading = $source->generateString(32);
     $trailing = $source->generateString(32);

     $material = $leading . $this->getSalt() . $this->getName() . $trailing;
     $this->_hash = hash('sha256', $material);
     $this->setValue($this->_hash);
 }
 /**
  * Data provider: one case built from the low-strength generator's sources
  * combined with the Hash mixer.
  *
  * @return array List of argument arrays: generator, the integer 10000, and the label 'hash'
  */
 public static function provideGenerators()
 {
     $randomFactory = new \RandomLib\Factory();
     $lowStrengthSources = $randomFactory->getLowStrengthGenerator()->getSources();
     $hashMixed = new Generator($lowStrengthSources, new \RandomLib\Mixer\Hash());

     return array(
         array($hashMixed, 10000, 'hash'),
     );
 }
Example #14
/**
 * Generate a random string with RandomLib's medium-strength generator.
 *
 * @param int $length Number of characters
 * @param string|null $alphabet Characters to draw from; when empty() (which includes
 *                              null, '' and '0'), the generator's default set is used
 * @return string
 */
function generate_random_string($length, $alphabet = null)
{
    $randomFactory = new RandomLib\Factory();
    $source = $randomFactory->getMediumStrengthGenerator();

    if (!empty($alphabet)) {
        return $source->generateString($length, $alphabet);
    }

    return $source->generateString($length);
}
Example #15
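    /**
     * Handle the "forgot password" form.
     *
     * On POST, looks the submitted e-mail address up, stores a fresh 32-character
     * reset token for the matching user and e-mails a reset link. Renders the
     * 'user/forgotPassword' view with the "succes" and "error" messages.
     *
     * @return void
     */
    public function forgotPassword()
    {
        $userManager = new UserManager();
        $succes = "";
        $error = "";
        if (!empty($_POST)) {
            // Only a string is accepted; a missing or array-valued field is treated as empty.
            $email = (isset($_POST['email']) && is_string($_POST['email'])) ? $_POST['email'] : '';
            // Check whether the e-mail exists in the database.
            // NOTE(review): the distinct "not found" message below tells a visitor which
            // addresses are registered; consider one neutral message for both outcomes.
            if ($userManager->emailExists($email)) {
                // The token is only generated once there is an account to attach it to.
                $factory = new \RandomLib\Factory();
                $generator = $factory->getGenerator(new \SecurityLib\Strength(\SecurityLib\Strength::MEDIUM));
                $token = $generator->generateString(32, '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ');
                $user = $userManager->getUserByUsernameOrEmail($email);
                // NOTE(review): the token is stored as generated and no expiry is set here;
                // storing a hash plus an expiry time would limit the value of a leaked row.
                $userManager->update(array("token" => $token), $user['id']);
                // Send the e-mail
                $mail = new \PHPMailer();
                $mail->isSMTP();
                $mail->setLanguage('fr');
                $mail->CharSet = 'UTF-8';
                // Debug output stays off: level 2 printed the SMTP dialogue into the
                // HTTP response shown to the visitor.
                $mail->SMTPDebug = 0;
                $mail->Debugoutput = 'html';
                $mail->Host = 'smtp.gmail.com';
                $mail->Port = 587;
                $mail->SMTPSecure = 'tls';
                $mail->SMTPAuth = true;
                // NOTE(review): SMTP credentials are hard-coded in this method; load them from configuration.
                $mail->Username = "******";
                $mail->Password = "******";
                $mail->setFrom('ServiceMessagerie@BDloc', 'Service de Messagerie BDloc');
                $mail->addAddress($email, $user['username']);
                $mail->isHTML(true);
                $mail->Subject = 'Envoyé par PHP !';
                $app = getApp();
                $router = $app->getRouter();
                $url = $router->generate("resetMotdepasse", array("token" => $token));
                // NOTE(review): the link carries the reset token over plain http on a hard-coded host.
                $mail->Body = 'Nous avons bien reçu votre demande de renouvellement de mot de passe <br>
						pour changer votre mot de passe <a href="http://www.bdloc.dev' . $url . '">Cliquer ici</a>';
                // Report success only when the message was actually handed to the mailer.
                if ($mail->send()) {
                    $_SESSION['mail_succes'] = "Le mail a bien été envoyé !";
                    $this->redirectToRoute('oublieMotdepasse');
                } else {
                    // Mailer details go to the server log, not into the page.
                    error_log("Mailer Error: " . $mail->ErrorInfo);
                    $error = "Le mail n'a pas pu être envoyé !";
                }
            } else {
                $error = "Adresse Email non trouvé !";
            }
        }
        $data = [];
        $data['succes'] = $succes;
        $data['error'] = $error;
        $this->show('user/forgotPassword', $data);
    }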
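 /**
  * Generate a 32-character alphanumeric API key that is not yet present in ApiKeysModel.
  *
  * @return string
  */
 private function generateApiKey()
 {
     $alphabet = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
     $factory = new \RandomLib\Factory();
     $generator = $factory->getGenerator(new \SecurityLib\Strength(\SecurityLib\Strength::MEDIUM));
     do {
         // Every attempt uses the same alphanumeric alphabet. The retry used to call
         // generateString(32) without a character list, which falls back to the
         // generator's default set, so a regenerated key could differ in format.
         $key = $generator->generateString(32, $alphabet);
         // The key is interpolated into the condition string; that is only acceptable
         // because the alphabet above has no quote characters.
         // NOTE(review): prefer bound parameters if the model layer supports them.
         $existing = ApiKeysModel::findFirst("key = '{$key}'");
     } while ($existing);
     return $key;
 }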
 /**
  * Register the application services.
  *
  * Merges the package configuration and binds 'random' as a singleton RandomLib
  * generator whose strength follows the 'laravel-random.strength' setting:
  * 'high' or 'medium' select those generators, any other value selects low strength.
  *
  * @return void
  */
 public function register()
 {
     $this->mergeConfigFrom(__DIR__ . '/config/laravel-random.php', 'laravel-random');
     $this->app->singleton('random', function ($app) {
         $randomFactory = new \RandomLib\Factory();
         $configured = $app['config']->get('laravel-random.strength');
         // NOTE(review): an unset or misspelled setting ends up on the low-strength generator.
         if ($configured === 'high') {
             $generator = $randomFactory->getHighStrengthGenerator();
         } elseif ($configured === 'medium') {
             $generator = $randomFactory->getMediumStrengthGenerator();
         } else {
             $generator = $randomFactory->getLowStrengthGenerator();
         }
         return $generator;
     });
 }
Example #18
 /**
  * Generate a random byte string of the requested size.
  *
  * Uses RandomLib's medium-strength generator. The result is raw bytes, not
  * printable text.
  *
  * @link https://github.com/ircmaxell/RandomLib
  *
  * @param int $size Number of bytes
  * @return string
  */
 public static function generateRandom($size = 32)
 {
     $randomFactory = new RandomLib\Factory();

     return $randomFactory->getMediumStrengthGenerator()->generate($size);
 }
Example #19
<?php

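session_start();
/* Set-up: database connection and helpers */
//include("config.php");
require_once "db.php";
include "vendor/autoload.php";
include "functions.php";
// Create the reset token: 80 characters from a URL-safe alphabet
$factory = new RandomLib\Factory();
$generator = $factory->getMediumStrengthGenerator();
$token = $generator->generateString(80, '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ_-');
// Token expiry date
// NOTE(review): $expiry is computed but not stored by the statements visible here.
$expiry = date("Y-m-d H:i:s", strtotime("+ 1 day"));
if (!empty($_POST)) {
    // Only a string is accepted; a missing or array-valued field is treated as empty.
    $email = (isset($_POST["email"]) && is_string($_POST["email"])) ? $_POST["email"] : "";
    $sql = "SELECT email\n\t\t\t\tFROM users\n\t\t\t\tWHERE email = :email\n\t\t\t\tLIMIT 1";
    $sth = $dbh->prepare($sql);
    $sth->bindValue(":email", $email);
    $sth->execute();
    $forgottenPassword = $sth->fetch();
    //ptr($token);
    // fetch() returns false when no row matches; the old loose comparison then let an
    // empty address through because '' == null.
    if ($forgottenPassword !== false && $email === $forgottenPassword['email']) {
        // Send the e-mail
        //echo "Whaouh !";
        include "send_mail_forgotten_password.php";
        // Both values are bound. The statement used to interpolate $token and the
        // posted $email into the SQL text and bound ":email" to a placeholder that
        // did not exist in it.
        // NOTE(review): the token is stored as generated; storing a hash would limit
        // the value of a leaked row.
        $sql = "UPDATE users\n\t\t\t\t\t\tSET token = :token\n\t\t\t\t\t\tWHERE email = :email";
        $sth = $dbh->prepare($sql);
        $sth->bindValue(":token", $token);
        $sth->bindValue(":email", $email);
        $sth->execute();
    }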
Example #20
 /**
  * Generate the cookie. When a selector is passed in, the cookie's token is
  * refreshed for that selector; otherwise a brand-new selector is generated too.
  *
  * The cookie value is the selector followed by the SHA-256 hex digest of
  * $this->token_size random bytes.
  *
  * @param string $selector
  * @return array Keys 'selector' and 'token'
  */
 private function _generate_cookie($selector = '')
 {
     $randomFactory = new RandomLib\Factory();
     $source = $randomFactory->getGenerator(new SecurityLib\Strength(SecurityLib\Strength::MEDIUM));
     $hashedToken = hash('sha256', $source->generate($this->token_size));
     if ($selector == '') {
         $selector = $source->generateString($this->selector_size);
     }
     // NOTE(review): the cookie and the returned array carry the same token value; if
     // the caller stores it unchanged, the stored value equals the client's secret - confirm.
     $this->_set_cookie($selector . $hashedToken);

     return array('selector' => $selector, 'token' => $hashedToken);
 }
Example #21
    return new Comment();
});
// Mailer: an SMTP PHPMailer instance whose settings all come from the "mail.*" configuration keys.
$app->container->singleton('mail', function () use($app) {
    $smtp = new PHPMailer();
    $smtp->isSMTP();
    $smtp->Host = $app->config->get('mail.host');
    $smtp->SMTPAuth = $app->config->get('mail.smtp_auth');
    $smtp->SMTPSecure = $app->config->get('mail.smtp_secure');
    $smtp->Port = $app->config->get('mail.port');
    $smtp->Username = $app->config->get('mail.username');
    $smtp->Password = $app->config->get('mail.password');
    $smtp->isHTML($app->config->get('mail.html'));

    return $smtp;
});
// Random source: one shared medium-strength RandomLib generator.
$app->container->singleton('randomlib', function () {
    $randomFactory = new RandomLib\Factory();
    $mediumGenerator = $randomFactory->getMediumStrengthGenerator();

    return $mediumGenerator;
});
// Hashing helper, built from the application configuration.
$app->container->singleton('hash', function () use($app) {
    $hasher = new Hash($app->config);

    return $hasher;
});
// Slug generator.
$app->container->singleton('slug', function () {
    $slugger = new Slugify();

    return $slugger;
});
// Validator, wired with a User model plus the hash and auth services.
$app->container->singleton('validation', function () use($app) {
    $validator = new Validator(new User(), $app->hash, $app->auth);

    return $validator;
});
$app->container->singleton('log', function () {
    $log = new Logger('log');
    $log->pushHandler(new StreamHandler(ROOT_PATH . '/app/logs/app.log', Logger::DEBUG));
    return $log;
 } elseif (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
     $error = "Votre email n'est pas valide !";
 } elseif (strlen($email) > 100) {
     $error = "Votre email est long !";
 }
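 // If the input is valid: is the e-mail registered?
 if ($error == "") {
     $sql = "SELECT * \n\t\t\t\tFROM users \n\t\t\t\tWHERE email = :email";
     $sth = $dbh->prepare($sql);
     $sth->execute(array(":email" => $email));
     $user = $sth->fetch();
 }
 // If a matching user was found
 // NOTE(review): $user is only assigned in the branch above; confirm it has a default
 // earlier in the file for the case where validation failed.
 if ($user) {
     // Token for the user
     $factory = new RandomLib\Factory();
     $generator = $factory->getGenerator(new SecurityLib\Strength(SecurityLib\Strength::MEDIUM));
     $token = $generator->generateString(80, '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ_-');
     $expiry = date("Y-m-d H:i:s", strtotime("+ 1 day"));
     // The assignments in SET must be comma-separated; without the commas the
     // statement is not valid SQL and the token is never stored.
     $sql = "UPDATE users \n\t\t\t\t\t\tSET token = :token, \n\t\t\t\t\t\ttoken_expery = :expiry, \n\t\t\t\t\t\tdate_modified = NOW()\n\t\t\t\t\t\tWHERE id = :id";
     // Only a hash of the token is stored; the plain token travels in the e-mailed link.
     $hashedToken = password_hash($token, PASSWORD_DEFAULT);
     $sth = $dbh->prepare($sql);
     $sth->bindValue(":token", $hashedToken);
     $sth->bindValue(":expiry", $expiry);
     $sth->bindValue(":id", $user['id']);
     if ($sth->execute()) {
         // Build the full link. The query values are URL-encoded because a valid
         // address may contain characters such as "+" or "&" that would otherwise
         // be altered or split the query string.
         $resetLink = ROOTURL . "/forgot_password_2.php?" . http_build_query(array('token' => $token, 'email' => $email), '', '&');
         // PHPMailer instance
         $mail = getConfiguredMailer();
         // Sender and recipient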
Example #23
 /**
  * Generates a random string of characters.
  *
  * The result is $amount characters long (at least 5). $amount - 3 characters come
  * from $keyset; at a random position one uppercase letter, one digit and one
  * lowercase letter are inserted next to each other, in that order.
  *
  * @param int $amount Requested length; values below 5 are raised to 5
  * @param string $keyset Characters used for the bulk of the string
  * @return string
  * @static
  */
 public static function keygen($amount, $keyset = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ123456789')
 {
     if (!($amount >= 5)) {
         $amount = 5;
     }
     $randomFactory = new \RandomLib\Factory();
     $source = $randomFactory->getGenerator(new \SecurityLib\Strength(\SecurityLib\Strength::MEDIUM));

     $bulk = $source->generateString($amount - 3, $keyset);
     $splitAt = $source->generateInt(0, $amount - 4);

     // Pieces are produced in output order: head, uppercase letter, digit, lowercase letter, tail.
     $head = substr($bulk, 0, $splitAt);
     $upper = $source->generateString(1, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ');
     $digit = $source->generateInt(0, 9);
     $lower = $source->generateString(1, 'abcdefghijklmnopqrstuvwxyz');
     $tail = substr($bulk, $splitAt);

     return $head . $upper . $digit . $lower . $tail;
 }
Example #24
 /**
  * Generate the token value
  *
  * Takes 24 bytes from RandomLib's medium-strength generator and Base64-encodes them.
  *
  * @return string Base64 text
  */
 public function generateToken()
 {
     $randomFactory = new \RandomLib\Factory();
     $rawBytes = $randomFactory->getMediumStrengthGenerator()->generate(24);

     return base64_encode($rawBytes);
 }
 /**
  * Create the medium-strength generator and the PasswordPlease instance under test.
  */
 public function setUp()
 {
     $randomFactory = new \RandomLib\Factory();
     $mediumStrength = new \SecurityLib\Strength(\SecurityLib\Strength::MEDIUM);
     $this->generator = $randomFactory->getGenerator($mediumStrength);
     $this->pp = new PasswordPlease($this->generator);
 }
Example #26
 /**
  * Create an e-mail validation token, send it to the address and record it for the user.
  *
  * @param mixed $uid User identifier passed to the token store
  * @param string $email Address the token is sent to
  */
 public function validate_email($uid, $email)
 {
     // Generate the token: MD5 of (MD5 of 128 random bytes, followed by the current timestamp)
     // NOTE(review): MD5 caps the token at 128 bits and adds nothing to the random
     // bytes; hex-encoding generator output directly would be simpler.
     $randomFactory = new RandomLib\Factory();
     $source = $randomFactory->getGenerator(new SecurityLib\Strength(SecurityLib\Strength::MEDIUM));
     $randomBytes = $source->generate(128);
     $token = md5(md5($randomBytes) . time());
     // Send the e-mail
     // NOTE(review): the mail goes out before the token is stored; if the insert
     // fails the recipient holds a link that cannot validate.
     $this->send_email($email, $token);
     $this->email_model->insert_token($uid, $token);
 }
Example #27
 /**
  * Get a random string of lowercase letters and digits
  *
  * @param integer $length of the random string
  * @param boolean $high strength of the random source (since 9.2): true selects the
  *                      medium-strength generator, false the low-strength one
  *
  * @return string
  **/
 static function getRandomString($length, $high = false)
 {
     $randomFactory = new RandomLib\Factory();
     /* Notice "High" imply mcrypt extension, unwanted for now
        See https://github.com/ircmaxell/RandomLib/issues/57 */
     // NOTE(review): the default ($high = false) uses the low-strength generator;
     // confirm callers that need unguessable values pass $high = true.
     $source = $high
         ? $randomFactory->getMediumStrengthGenerator()
         : $randomFactory->getLowStrengthGenerator();

     return $source->generateString($length, RandomLib\Generator::CHAR_LOWER + RandomLib\Generator::CHAR_DIGITS);
 }
Example #28
 /**
  * Generate a random, 32-character alphanumeric nonce for use in the 'jti' claim
  *
  * Characters come from RandomLib's medium-strength generator.
  *
  * @return string
  */
 private function generateNonce()
 {
     $alphabet = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
     $randomFactory = new \RandomLib\Factory();

     return $randomFactory->getMediumStrengthGenerator()->generateString(32, $alphabet);
 }
Example #29
 /**
  * Register the service providers and shared services of the application:
  * Swiftmailer, the random generator, URL generator, forms, validator, the
  * application's own providers, Twig additions, extensions and the database
  * integrity checker.
  */
 public function initProviders()
 {
     // Setup Swiftmailer, with optional SMTP settings. If no settings are provided in config.yml, mail() is used.
     $this->register(new \Silex\Provider\SwiftmailerServiceProvider());
     if ($this['config']->get('general/mailoptions')) {
         $this['swiftmailer.options'] = $this['config']->get('general/mailoptions');
     }
     // Set up our secure random generator: RandomLib at medium strength, stored
     // under the 'randomgenerator' key.
     $factory = new \RandomLib\Factory();
     $this['randomgenerator'] = $factory->getGenerator(new \SecurityLib\Strength(\SecurityLib\Strength::MEDIUM));
     $this->register(new \Silex\Provider\UrlGeneratorServiceProvider());
     $this->register(new \Silex\Provider\FormServiceProvider());
     $this->register(new \Silex\Provider\ValidatorServiceProvider());
     $this->register(new Provider\PermissionsServiceProvider());
     $this->register(new Provider\StorageServiceProvider());
     $this->register(new Provider\UsersServiceProvider());
     $this->register(new Provider\CacheServiceProvider());
     $this->register(new Provider\ExtensionServiceProvider());
     $this->register(new Provider\StackServiceProvider());
     // Resolve the paths from the configuration and expose them to Twig templates as a global.
     $this['paths'] = getPaths($this['config']);
     $this['twig']->addGlobal('paths', $this['paths']);
     // Add the Bolt Twig functions, filters and tags.
     $this['twig']->addExtension(new TwigExtension($this));
     $this['twig']->addTokenParser(new SetcontentTokenParser());
     // Initialize enabled extensions.
     $this['extensions']->initialize();
     // @todo: make a provider for the Integrity checker and Random generator..
     // Set up the integrity checker for the Database, to periodically check if the Database
     // is up to date, and if needed: repair it.
     $this['integritychecker'] = new \Bolt\Database\IntegrityChecker($this);
 }