/**
 * Verify the Facebook credentials.
 *
 * Extracts the access token from the 'fragment' query parameter and, unless
 * the stored token record is already flagged as verified, validates the
 * token and saves it with the token secret encrypted via Encrypt.
 *
 * NOTE(review): when a stored record is already verified, the method returns
 * that record's verified flag and never checks the access token supplied in
 * the current request.
 *
 * @throws	Kohana_Exception	if no access token could be extracted
 * @param	string	the service name
 * @return	boolean
 */
public function verify($service = MMI_API::SERVICE_FACEBOOK)
{
    $access_token = NULL;
    if (!array_key_exists('fragment', $_GET)) {
        // No 'fragment' parameter yet. $access_token stays NULL on this path,
        // so unless the helper ends the request the check below throws.
        // Presumably the helper re-issues the request with the URL fragment
        // as a query parameter -- TODO confirm.
        $this->_convert_fragment_to_parameter();
    } else {
        // NOTE(review): the fragment is client-supplied. xss_clean() does not
        // validate a token; trust rests on is_valid_token() below. PHP has
        // already URL-decoded $_GET, so urldecode() is a second decode --
        // presumably intended for a doubly-encoded fragment; confirm.
        $fragment = urldecode(Security::xss_clean($_GET['fragment']));
        parse_str($fragment, $parms);
        $access_token = Arr::get($parms, 'access_token');
        unset($parms);
    }

    // Ensure the access token is set
    if (empty($access_token)) {
        MMI_Log::log_error(__METHOD__, __LINE__, 'Access token parameter missing');
        throw new Kohana_Exception('Access token parameter missing in :method.', array(':method' => __METHOD__));
    }

    // Load existing data from the database: by username when one is
    // configured, otherwise by the configured API key
    $auth_config = $this->_auth_config;
    $username = Arr::get($auth_config, 'username');
    $model;
    if (!empty($username)) {
        $model = Model_MMI_API_Tokens::select_by_service_and_username($service, $username, FALSE);
    } else {
        $consumer_key = Arr::get($auth_config, 'api_key');
        $model = Model_MMI_API_Tokens::select_by_service_and_consumer_key($service, $consumer_key, FALSE);
    }

    $success = FALSE;
    $previously_verified = FALSE;
    if ($model->loaded()) {
        // Check if the credentials were previously verified
        $previously_verified = $model->verified;
        $success = $previously_verified;
    }
    if (!$previously_verified) {
        // Create an access token; the secret is a generated placeholder
        // built from the service name and the current time
        $token = new OAuthToken($access_token, $service . '-' . time());

        // Update the token credentials in the database
        $svc = MMI_API::factory($service);
        // isset($token) is always TRUE here because $token was just assigned
        if (isset($token) and $svc->is_valid_token($token)) {
            $encrypt = Encrypt::instance();
            $model->service = $service;
            $model->consumer_key = 'consumer-' . $service;
            // Placeholder consumer secret, stored encrypted
            $model->consumer_secret = $encrypt->encode($service . '-' . time());
            $model->token_key = $token->key;
            $model->token_secret = $encrypt->encode($token->secret);
            unset($encrypt);
            $model->verified = 1;
            $model->verification_code = $service . '-' . time();
            $model->username = $username;
            if (array_key_exists('expires_in', $_GET)) {
                // NOTE(review): expires_in is stored as received; no numeric
                // validation is visible here.
                $model->attributes = array('expires_in' => urldecode(Security::xss_clean($_GET['expires_in'])));
            }
            $success = MMI_Jelly::save($model, $errors);
            if (!$success and $this->_debug) {
                MMI_Debug::dead($errors);
            }
        }
    }
    return $success;
}
/**
 * Set up the database session driver from the 'session' configuration:
 * optional encryption, storage group/table overrides, then the database
 * connection itself.
 */
public function __construct()
{
    $settings = Kohana::config('session');

    // Encryption is only loaded when the configuration enables it
    if ( ! empty($settings['encryption']))
    {
        $this->encrypt = Encrypt::instance();
    }

    $storage = $settings['storage'];
    if (is_array($storage))
    {
        // Optional database group name
        if ( ! empty($storage['group']))
        {
            $this->db = $storage['group'];
        }

        // Optional session table name
        if ( ! empty($storage['table']))
        {
            $this->table = $storage['table'];
        }
    }

    // Replace the group name held in $this->db with the connection
    $this->db = Database::instance($this->db);

    Kohana::log('debug', 'Session Database Driver Initialized');
}
/**
 * Set up the cookie session driver: derive the data cookie name from the
 * configured session name and load encryption when it is enabled.
 *
 * NOTE(review): with 'session.encryption' disabled no Encrypt instance is
 * loaded here; confirm how the cookie payload is protected in that case.
 */
public function __construct()
{
    $session_name = Lemon::config('session.name');
    $this->cookie_name = $session_name . '_data';

    $use_encryption = Lemon::config('session.encryption');
    if ($use_encryption)
    {
        $this->encrypt = Encrypt::instance();
    }
}
/**
 * Verify the Flickr credentials.
 *
 * Reads the 'frob' query parameter and, for a loaded token record that is
 * not yet verified, exchanges it for an access token and stores the token
 * key and the encrypted token secret. Nothing is saved when no record is
 * loaded.
 *
 * @throws	Kohana_Exception	if the service or the frob parameter is missing
 * @return	boolean
 */
public function verify()
{
    // Set the service
    $service = $this->_service;
    if (empty($service)) {
        MMI_Log::log_error(__METHOD__, __LINE__, 'Service not set');
        throw new Kohana_Exception('Service not set in :method.', array(':method' => __METHOD__));
    }

    // Ensure the frob is set
    // NOTE(review): the frob is client-supplied. xss_clean() does not validate
    // it; trust rests on get_access_token() and is_valid_token() below. PHP
    // has already URL-decoded $_GET, so urldecode() is a second decode.
    $frob = NULL;
    if (array_key_exists('frob', $_GET)) {
        $frob = urldecode(Security::xss_clean($_GET['frob']));
    }
    if (empty($frob)) {
        MMI_Log::log_error(__METHOD__, __LINE__, 'Frob parameter missing');
        throw new Kohana_Exception('Frob parameter missing in :method.', array(':method' => __METHOD__));
    }

    // Load existing data from the database
    $auth_config = $this->_auth_config;
    $username = Arr::get($auth_config, 'username');
    $model;
    if (!empty($username)) {
        $model = Model_MMI_API_Tokens::select_by_service_and_username($service, $username, FALSE);
    } else {
        // Without a username a fresh model is created; presumably it is not
        // loaded, in which case the block below is skipped -- confirm
        $model = Jelly::factory('MMI_API_Tokens');
    }

    $success = FALSE;
    if ($model->loaded()) {
        // Check if the credentials were previously verified
        $previously_verified = $model->verified;
        if ($previously_verified) {
            // The frob from this request is not used on this path
            $success = TRUE;
        } else {
            // Create a dummy verification code
            $verification_code = $service . '-' . time();
        }

        // Do database update
        if (!$previously_verified) {
            // Get an access token; the frob is passed as the token key and a
            // generated placeholder as the token secret
            $svc = MMI_API::factory($service);
            $token = $svc->get_access_token($verification_code, array('token_key' => $frob, 'token_secret' => $service . '-' . time()));

            // Update the token credentials in the database
            if (isset($token) and $svc->is_valid_token($token)) {
                $model->token_key = $token->key;
                // The token secret is stored encrypted
                $model->token_secret = Encrypt::instance()->encode($token->secret);
                $model->verified = 1;
                $model->verification_code = $verification_code;
                if (!empty($token->attributes)) {
                    $model->attributes = $token->attributes;
                }
                $success = MMI_Jelly::save($model, $errors);
                if (!$success and $this->_debug) {
                    MMI_Debug::dead($errors);
                }
            }
        }
    }
    return $success;
}
/**
 * Set up the cookie session driver: derive the data cookie name from the
 * configured session name, load encryption when it is enabled, and log
 * the initialization.
 *
 * NOTE(review): with 'session.encryption' disabled no Encrypt instance is
 * loaded here; confirm how the cookie payload is protected in that case.
 */
public function __construct()
{
    $session_name = Kohana::config('session.name');
    $this->cookie_name = $session_name . '_data';

    $use_encryption = Kohana::config('session.encryption');
    if ($use_encryption)
    {
        $this->encrypt = Encrypt::instance();
    }

    Kohana_Log::add('debug', 'Session Cookie Driver Initialized');
}
/**
 * Set up the cookie session driver: derive the data cookie name from the
 * configured session name, load encryption when it is enabled, and log
 * the initialization.
 *
 * NOTE(review): with 'session.encryption' disabled no Encrypt instance is
 * loaded here; confirm how the cookie payload is protected in that case.
 */
public function __construct()
{
    $session_name = Eight::config('session.name');
    $this->cookie_name = $session_name . '_data';

    $use_encryption = Eight::config('session.encryption');
    if ($use_encryption)
    {
        $this->encrypt = Encrypt::instance();
    }

    Eight::log('debug', 'Session Cookie Driver Initialized');
}
/**
 * Override that transparently decrypts per-column encrypted values.
 *
 * Columns listed in $_encrypted_compressed_columns are decrypted and then
 * gzip-uncompressed; columns listed in $_encrypted_columns are decrypted
 * only; every other column is returned as the parent provides it.
 *
 * @param   string  $column
 * @return  mixed
 */
public function __get($column)
{
    $is_compressed = in_array($column, $this->_encrypted_compressed_columns);

    if ( ! $is_compressed AND ! in_array($column, $this->_encrypted_columns))
    {
        // Plain column, no decoding needed
        return parent::__get($column);
    }

    $cipher = Encrypt::instance();
    $plain = $cipher->decode(parent::__get($column));

    // Compressed columns were compressed before encryption, so the
    // uncompress step comes after the decrypt
    return $is_compressed ? gzuncompress($plain) : $plain;
}
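/**
 * Record a visit to a company page from the encrypted visit ticket that the
 * client posts back in the 'data' field.
 *
 * The ticket is rejected when it is missing, cannot be decoded into the
 * expected array, refers to a different URI, or is older than 60 seconds.
 *
 * @return  boolean|null  FALSE when the ticket or company is rejected;
 *                        no value once the visit has been saved
 */
public function action_company()
{
    $visitor_data = NULL;
    $payload = Arr::get($_POST, 'data');

    // Only a non-empty string can be a ticket (rejects array-valued posts)
    if (is_string($payload) AND $payload !== '')
    {
        $plain = Encrypt::instance('statistics')->decode($payload);

        if (is_string($plain) AND $plain !== '')
        {
            // NOTE(review): unserialize() runs on data that came back from
            // the client. It is only as safe as the integrity protection of
            // the 'statistics' Encrypt instance; if that cipher is not
            // authenticated, move the ticket format to JSON on both the
            // producing and consuming side, or restrict classes with the
            // allowed_classes option where the PHP version supports it.
            $visitor_data = unserialize($plain);
        }
    }

    $company = ORM::factory('service', $this->request->param('id'));

    if ( ! $company->loaded() OR ! is_array($visitor_data))
    {
        return FALSE;
    }

    // Every field read below must be present in the ticket
    foreach (array('uri', 'time_created', 'client_ip', 'referrer') as $field)
    {
        if ( ! array_key_exists($field, $visitor_data))
        {
            return FALSE;
        }
    }

    if ( ! is_string($visitor_data['uri']) OR ! is_numeric($visitor_data['time_created']))
    {
        return FALSE;
    }

    $request = Request::factory(Route::get('company_info')->uri(array(
        'id'           => $company->id,
        'company_type' => Model_Service::$type_urls[$company->type],
    )));

    // Reject when the URI does not match or the ticket has expired
    $age = strtotime(Date::formatted_time()) - $visitor_data['time_created'];
    if ((string) $request->uri() !== $visitor_data['uri'] OR $age > 60)
    {
        return FALSE;
    }

    $visit_data = array(
        'date'       => Date::formatted_time(),
        'uri'        => $request->uri(),
        'directory'  => $request->directory(),
        'controller' => $request->controller(),
        'action'     => $request->action(),
        'params'     => json_encode($request->get_params()),
        'client_ip'  => $visitor_data['client_ip'],
        'referrer'   => $visitor_data['referrer'],
    );

    ORM::factory('visit')->save_visit($visit_data);
}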
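/**
 * Look up the user matching the submitted credentials and, when the
 * password matches, store the configured session fields.
 *
 * The lookup filters on the first submitted credential (treated as the
 * username) plus the third credential and/or a 'status' key.
 *
 * NOTE(review): passwords are stored reversibly (decrypted here for the
 * comparison). A one-way scheme such as password_hash()/password_verify()
 * would remove the need to ever recover the plaintext.
 *
 * @return  boolean  true when the user was authenticated and the session saved
 * @throws  \Exception  when the lookup query fails
 */
public function identifyUser()
{
    $whereQuery = array();
    $submitted = $this->auth->userCredentials;
    $position = 0;

    foreach ($submitted as $key => $value) {
        if ($position === 0) {
            $whereQuery[$key . ' ='] = $value;
            $this->username = $value;
        }

        if ($position === 2 || $key === 'status') {
            $whereQuery["{$key} ="] = $value;
        }

        $position++;
    }

    try {
        $userCredentials = $this->auth->where($whereQuery)->findAll();
    } catch (\Exception $ex) {
        // Keep the original exception attached so its trace is not lost
        throw new \Exception($ex->getMessage(), 0, $ex);
    }

    if (!$this->auth->rowCount() || !count($userCredentials)) {
        return false;
    }

    $stored = Encrypt::instance()->decode($userCredentials[0]->password);
    $supplied = isset($submitted['password']) ? $submitted['password'] : null;

    // Both sides must be strings: a failed decode must never compare equal
    // to an empty or missing password, and numeric-looking strings must not
    // match through loose comparison.
    if (!is_string($stored) || !is_string($supplied)) {
        return false;
    }

    $matches = function_exists('hash_equals')
        ? hash_equals($stored, $supplied)
        : $stored === $supplied;

    if (!$matches) {
        return false;
    }

    $credentials = array();
    $credentials['isLoggedIn'] = true;
    $credentials['flashMsg'] = ucfirst($this->username) . ' ' . $this->msg;

    $this->sessionDetails = $this->auth->getSessionConfig();

    // Copy the configured fields into the session payload and drop them
    // from the loaded row
    foreach ($this->sessionDetails['value'] as $key => $val) {
        $credentials[$val] = $userCredentials[0]->{$val};
        unset($userCredentials[0]->{$val});
    }

    $isSessionExists = Session::instance()->save($this->sessionDetails['key'], $credentials);
    $this->setUserDetails($credentials);

    return $isSessionExists == true;
}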
/**
 * Loads existing session data.
 *
 *     $session->read();
 *
 * Read failures are logged and otherwise ignored; the local data is only
 * replaced when the stored payload yields an array.
 *
 * NOTE(review): the payload goes through unserialize(); when the driver
 * stores it client-side and encryption is off, it is only base64-encoded.
 * The log message also includes the session id.
 *
 * @param   string  session id
 * @return  void
 */
public function read($id = NULL)
{
    $data = NULL;

    try
    {
        $data = $this->_read($id);

        if ( ! is_string($data))
        {
            Kohana::$log->add(Log::ERROR, 'Error reading session data: ' . $id);
        }
        else
        {
            // Decrypt with the configured key, or undo the base64 encoding
            $data = $this->_encrypted
                ? Encrypt::instance($this->_encrypted)->decode($data)
                : base64_decode($data);

            // Rebuild the data array
            $data = unserialize($data);
        }
    }
    catch (Exception $e)
    {
        // Reading errors are logged and swallowed
        Kohana::$log->add(Log::ERROR, 'Error reading session data: ' . $id);
    }

    if (is_array($data))
    {
        // Load the data locally
        $this->_data = $data;
    }
}
/**
 * Checks that repeated calls to Encrypt::instance() return the same object
 * and that the object carries the key, cipher and mode from its config group.
 *
 * @param string $instance_name instance name
 * @param array  $config_array  config variables missing from the config
 *
 * @dataProvider provider_instance_returns_singleton
 */
public function test_instance_returns_singleton($instance_name, array $config_array)
{
    $config = Kohana::$config->load('encrypt');

    // A NULL instance name maps to the default config group
    $config_group = $instance_name ? $instance_name : Encrypt::$default;

    // Create the group when it does not exist yet
    if ( ! array_key_exists($config_group, $config))
    {
        $config[$config_group] = array();
    }

    // Existing settings win; the provider only fills the gaps
    $config[$config_group] = $config[$config_group] + $config_array;

    $first = Encrypt::instance($instance_name);
    $second = Encrypt::instance($instance_name);

    $this->assertInstanceOf('Encrypt', $first);
    $this->assertInstanceOf('Encrypt', $second);
    $this->assertSame($first, $second);

    // Expected configuration of the instance
    $settings = $config[$config_group];
    $cipher = $settings['cipher'];
    $mode = $settings['mode'];
    $key_size = mcrypt_get_key_size($cipher, $mode);
    // The configured key is cut to the cipher's key size
    $key = substr($settings['key'], 0, $key_size);

    $this->assertSameProtectedProperty($key, $first, '_key');
    $this->assertSameProtectedProperty($cipher, $first, '_cipher');
    $this->assertSameProtectedProperty($mode, $first, '_mode');
}
/**
 * Save the cookie and user modhash to the database.
 *
 * The cookie is stored as the token key and the modhash, encrypted, as the
 * token secret. The consumer secret is a generated placeholder.
 *
 * NOTE(review): the cookie value is written to token_key unencrypted, while
 * the modhash is encrypted; confirm that is intended.
 *
 * @param	string	the cookie value
 * @param	string	the user modhash value
 * @return	boolean
 */
protected function _save_cookie_to_db($cookie, $usermodhash)
{
    $service = $this->_service;

    // Reuse the cached model when there is one, otherwise load it
    $model = ($this->_model instanceof Jelly_Model)
        ? $this->_model
        : $this->_get_db_model();

    if ($model instanceof Jelly_Model)
    {
        $cipher = Encrypt::instance();
        $username = $this->_username;

        $model->service = $service;
        $model->consumer_key = 'consumer-' . $service;
        $model->consumer_secret = $cipher->encode($service . '-' . time());
        if ( ! empty($username))
        {
            $model->username = $username;
        }
        $model->token_key = $cookie;
        $model->token_secret = $cipher->encode($usermodhash);
        $model->verified = TRUE;
        $model->verification_code = $service . '-' . time();
        unset($cipher);
    }

    // The save is attempted even when no Jelly model could be obtained
    $saved = MMI_Jelly::save($model, $errors);
    if ( ! $saved AND $this->_debug)
    {
        MMI_Debug::dead($errors);
    }

    $this->_model = $model;
    return $saved;
}
/**
 * Loads existing session data; a failed read destroys the session and is
 * logged.
 *
 * Example:
 * ~~~
 * $session->read();
 * ~~~
 *
 * NOTE(review): the payload goes through unserialize(); when the driver
 * stores it client-side and encryption is off, it is only base64-encoded.
 *
 * @param   string  session id
 *
 * @return  void
 */
public function read($id = NULL)
{
    $data = NULL;

    try
    {
        $data = $this->_read($id);

        // A non-string result is ignored: the session is valid but
        // probably holds no data
        if (is_string($data))
        {
            // Decrypt with the configured key, or undo the base64 encoding
            $data = $this->_encrypted
                ? Encrypt::instance($this->_encrypted)->decode($data)
                : base64_decode($data);

            // Rebuild the data array
            $data = unserialize($data);
        }
    }
    catch (Exception $e)
    {
        // A failed read discards the session
        $this->destroy();

        // Log the error and carry on without session data
        Log::error(Gleez_Exception::text($e))->write();

        return;
    }

    if (is_array($data))
    {
        // Load the data locally
        $this->_data = $data;
    }
}
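/**
 * Sets a signed, encrypted cookie. All cookie values must be strings; no
 * automatic serialization is performed.
 *
 * The stored value is the salt for the name/value pair, a '~' separator and
 * the value itself, encrypted as one string.
 *
 * When $lifetime is NULL, Cookie::$expiration is used. A lifetime of 0 is
 * passed through unchanged; any other lifetime is added to the current
 * time to form the expiry timestamp.
 *
 *     // Set the "theme" cookie
 *     Cookie::set('theme', 'red');
 *
 * @uses    Stativo\Helpers\Encrypt
 * @uses    Stativo\Core\Response
 * @param   string   $name      name of cookie
 * @param   string   $value     value of cookie
 * @param   integer  $lifetime  lifetime in seconds
 * @return  boolean  whatever the underlying __setcookie() call returns
 */
public static function set($name, $value, $lifetime = NULL)
{
    if ($lifetime === NULL)
    {
        // Use the default expiration
        $lifetime = Cookie::$expiration;
    }

    if ($lifetime !== 0)
    {
        // The expiration is expected to be a UNIX timestamp
        $lifetime += static::_time();
    }

    // Prefix the value with its salt, then encrypt the whole string
    $value = Encrypt::instance()->encode(Cookie::salt($name, $value) . '~' . $value);

    // Pass the result through so the documented return value is honoured
    return self::__setcookie($name, $value, $lifetime, Cookie::$path, Cookie::$domain, Cookie::$secure, Cookie::$httponly);
}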
/**
 * Render the public page of a service/shop: redirects to the canonical
 * URL for the company type, accepts a review submission, builds the
 * encrypted visit ticket for the visit-recording script and fills the
 * view and template.
 */
public function action_view()
{
    $open_coupon = Arr::get($_GET, 'print_coupon', FALSE);
    $service = ORM::factory('service', $this->request->param('id', NULL));
    // The Last-Modified header is set before the loaded() check below
    $last_modified = $service->date_edited ? $service->date_edited : $service->date_create;
    $this->response->headers('Last-Modified', gmdate("D, d M Y H:i:s \\G\\M\\T", strtotime($last_modified)));
    /*if (!$service->loaded() || !$service->active) throw new HTTP_Exception_404; */
    // if (!$service->loaded() || !$service->active)
    if (!$service->loaded()) {
        Message::set(Message::ERROR, 'Такой сервис не найден');
        $this->request->redirect('/');
    }
    // Redirect to the canonical URL for the company type
    if ($service->type == 1 and $this->request->param('company_type') != 'services') {
        $this->request->redirect('services/' . $service->id);
    }
    if ($service->type == 2 and $this->request->param('company_type') != 'shops') {
        $this->request->redirect('shops/' . $service->id);
    }
    $this->validation = Validation::factory($_POST)->rule('antibot', 'not_empty');
    if ($_POST) {
        $review = ORM::factory('review');
        try {
            // Only the listed fields are taken from the request; the rest
            // are set server-side, and the review starts inactive
            $review->values($_POST, array('text', 'email', 'name'));
            $review->date = Date::formatted_time();
            $review->service_id = $service->id;
            $review->active = 0;
            //$review->user_ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
            $review->save($this->validation);
            Message::set(Message::SUCCESS, Kohana::message('success_msg', 'review_created'));
            $this->request->redirect('services/' . $service->id);
        } catch (ORM_Validation_Exception $e) {
            $this->errors = $e->errors('models');
            // NOTE(review): raw $_POST is handed back to the view; escaping
            // has to happen in the template -- confirm.
            $this->values = $_POST;
        }
    }
    $cars = array();
    foreach ($service->cars->find_all() as $c) {
        $cars[] = $c;
    }
    // Data to send to the "visit recording" script.
    // NOTE(review): the ticket is a serialize()d array encrypted with the
    // 'statistics' Encrypt instance and handed to the client. Whatever
    // consumes it has to treat it as untrusted on return; its integrity
    // depends entirely on that Encrypt instance. The referrer comes from a
    // client-controlled header.
    $visitor_data = json_encode(array('data' => Encrypt::instance('statistics')->encode(serialize(array('uri' => $this->request->uri(), 'time_created' => strtotime(Date::formatted_time()), 'client_ip' => Request::$client_ip, 'referrer' => isset($_SERVER['HTTP_REFERER']) ? $this->request->referrer() : 'havent_referrer')))));
    $this->view = View::factory('frontend/services/view_service')->set('visitor_data', $visitor_data)->set('service', $service)->set('images', $service->images->find_all())->set('news', $service->news->get_news())->set('stocks', $service->stocks->get_stocks())->set('vacancies', $service->vacancies->get_vacancies())->set('reviews', $service->reviews->get_reviews())->set('cars', $cars)->set('open_coupon', $open_coupon)->set('coupon_frame', HTML::iframe('services/get_coupon/' . $service->id, 'coupon_frame'))->set('values', $this->values)->set('errors', $this->errors);
    if ($service->type == 1) {
        // Type 1 pages additionally get a sorted list of works
        $works = array();
        foreach ($service->works->find_all() as $w) {
            $works[] = $w;
        }
        $works = $service->sort($works, 'len', 'name');
        $this->view->set('works', $works);
    }
    // Breadcrumbs, title and meta description
    $this->template->bc['/'] = 'Главная';
    $this->template->bc['#'] = $service->get_name(2);
    $this->template->title = Text::mb_ucfirst(__('company_type_' . $service->type)) . ' ' . $service->name . ' ' . $service->about;
    $this->template->meta_description = Text::ucfirst(__('company_type_' . $service->type)) . ' ' . $service->name . ' — ' . $service->city->name;
    // NOTE(review): the maps script is requested over plain http://, which
    // is blocked as mixed content on HTTPS pages and can be altered in
    // transit -- confirm whether an https:// endpoint can be used.
    $this->add_js('http://api-maps.yandex.ru/1.1/index.xml?key=' . $this->settings['YMaps_key'] . '&onerror=map_alert');
    $this->add_js('assets/js/maps_detail.js');
    $this->add_js('assets/share42/share42.js', 'before');
    $this->add_js('assets/js/company_visit.js');
    $this->template->content = $this->view;
}
/**
 * Decrypt an encoded path with the default Encrypt instance.
 *
 * NOTE(review): if the encoded path can be supplied by a client, the
 * decoded result still needs path validation before it is used on the
 * filesystem -- confirm at the call sites.
 *
 * @param string $path encoded path
 * @return string whatever Encrypt::decode() returns for the input
 */
public static function decode_path($path)
{
    $cipher = Encrypt::instance();

    return $cipher->decode($path);
}
/**
 * Initialize and return the OAuth credentials data.
 *
 * A new MMI_API_Tokens model is created when the argument is not a Jelly
 * model. The consumer secret is stored encrypted.
 *
 * @param	Jelly_Model	the existing model
 * @return	Jelly_Model
 */
protected function _init_model($model)
{
    $consumer = $this->_consumer;
    $username = $this->_username;

    if ( ! $model instanceof Jelly_Model)
    {
        $model = Jelly::factory('MMI_API_Tokens');
    }

    if ( ! $model instanceof Jelly_Model)
    {
        // The factory did not yield a Jelly model; return it untouched
        return $model;
    }

    $model->service = $this->_service;
    $model->consumer_key = $consumer->key;
    $model->consumer_secret = Encrypt::instance()->encode($consumer->secret);

    // The username is only set when one is known
    if ( ! empty($username))
    {
        $model->username = $username;
    }

    return $model;
}
/**
 * Loads existing session data.
 *
 *     $session->read();
 *
 * Any error while reading, decoding or unserializing is reported as a
 * corrupt session.
 *
 * @param   string  $id  session id
 * @return  void
 * @throws  Session_Exception  with code SESSION_CORRUPT when reading fails
 */
public function read($id = NULL)
{
    $data = NULL;

    try
    {
        $data = $this->_read($id);

        // A non-string result is ignored: the session is valid but
        // probably holds no data
        if (is_string($data))
        {
            // Decrypt with the configured key, or run the plain decoder
            $data = $this->_encrypted
                ? Encrypt::instance($this->_encrypted)->decode($data)
                : $this->_decode($data);

            // Rebuild the data array
            $data = $this->_unserialize($data);
        }
    }
    catch (Exception $e)
    {
        // Usually a corrupt session; the original error is not passed on
        throw new Session_Exception('Error reading session data.', NULL, Session_Exception::SESSION_CORRUPT);
    }

    if (is_array($data))
    {
        // Load the data locally
        $this->_data = $data;
    }
}
/**
 * Sets a signed cookie. Note that all cookie values must be strings and no
 * automatic serialization will be performed!
 *
 * The cookie name is replaced by its MD5 hash and the value is encrypted
 * with the 'tripledes' Encrypt instance before the salt is prepended.
 *
 *     // Set the "theme" cookie
 *     Cookie::set('theme', 'red');
 *
 * NOTE(review): 'tripledes' is a config group name; if it maps to 3DES,
 * that cipher has a 64-bit block and is considered legacy -- confirm the
 * configured cipher and mode.
 *
 * @param   string   $name        name of cookie
 * @param   string   $value       value of cookie
 * @param   integer  $expiration  lifetime in seconds
 * @return  boolean
 * @uses    Cookie::salt
 */
public static function set($name, $value, $expiration = NULL)
{
    $hashed_name = md5($name);
    $ciphertext = Encrypt::instance('tripledes')->encode($value);

    // NULL selects the default expiration
    $expires = ($expiration === NULL) ? Cookie::$expiration : $expiration;

    if ($expires !== 0)
    {
        // The expiration is expected to be a UNIX timestamp
        $expires += time();
    }

    // The salt is computed over the hashed name and the encrypted value
    $signed = Cookie::salt($hashed_name, $ciphertext) . '~' . $ciphertext;

    return setcookie($hashed_name, $signed, $expires, Cookie::$path, Cookie::$domain, Cookie::$secure, Cookie::$httponly);
}
/**
 * Build the row used to create a user record from the display name and
 * e-mail held on this object.
 *
 * NOTE(review): every row gets the same hard-coded initial password,
 * stored with reversible encryption rather than a one-way hash. Such
 * accounts share a known credential until the password is changed --
 * confirm a forced reset or a per-user random value is applied elsewhere.
 *
 * @return array column => value pairs for the user row
 */
private function _user_row()
{
    $cipher = Encrypt::instance();

    $row = array();
    $row["user_nicename"] = $this->_display_name;
    $row["user_pass"] = $cipher->encode("T0d@y");
    $row["user_email"] = $this->_user_email;
    $row["user_login"] = UTF8::ucfirst($this->_display_name);
    $row["display_name"] = UTF8::ucfirst($this->_display_name);
    $row["user_registered"] = Date::formatted_time();

    return $row;
}
/**
 * Decrypt content with the default Encrypt instance.
 *
 * @param   string  $content  encoded content
 * @return  mixed   whatever Encrypt::decode() returns for the input
 */
public function decode($content)
{
    return Encrypt::instance()->decode($content);
}
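/**
 * Encrypt a value with the 'tripledes' Encrypt instance, retrying until the
 * encoded result contains no "/" character.
 *
 * The previous recursive retry discarded its result, so the method returned
 * NULL whenever the first attempt contained a "/".
 *
 * NOTE(review): the retry relies on encode() producing a different result
 * for each call (e.g. a random IV); with a deterministic encoder a value
 * whose encoding contains "/" would never terminate -- confirm.
 * NOTE(review): 'tripledes' is a config group name; if it maps to 3DES,
 * that cipher is considered legacy. If the values are passwords, a one-way
 * hash is the usual storage form.
 *
 * @param   string  $valor  value to encrypt
 * @return  string  encoded value free of "/"
 */
public function encriptar($valor)
{
    $encrypt = Encrypt::instance('tripledes');

    do {
        $passgen = $encrypt->encode($valor);
    } while (strpos($passgen, "/") !== false);

    return $passgen;
}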
/**
 * Loads the session data.
 *
 * Errors while decoding or unserializing are silently ignored; the local
 * data is only replaced when the payload yields an array.
 *
 * NOTE(review): the payload goes through unserialize(); when the driver
 * stores it client-side and encryption is off, it is only base64-encoded.
 *
 * @param   string  session id
 * @return  void
 */
public function read($id = NULL)
{
    // The raw read happens outside the try block, so its errors propagate
    $data = $this->_read($id);

    if (is_string($data))
    {
        try
        {
            // Decrypt with the configured key, or undo the base64 encoding
            $data = $this->_encrypted
                ? Encrypt::instance($this->_encrypted)->decode($data)
                : base64_decode($data);

            // Rebuild the data array
            $data = unserialize($data);
        }
        catch (Exception $e)
        {
            // Reading errors are deliberately ignored
        }
    }

    if (is_array($data))
    {
        // Load the data locally
        $this->_data = $data;
    }
}
/**
 * Sets the value for the specified key. Only 'value' is writable; a
 * non-NULL value is encrypted with the Encrypt instance named in the
 * metadata before it is written to the model field.
 *
 * @access public
 * @override
 * @param string $key                           the name of the property
 * @param mixed $value                          the value of the property
 * @throws Throwable_InvalidProperty_Exception  indicates that the specified property is
 *                                              either inaccessible or undefined
 */
public function __set($key, $value) {
    // Loose comparison, matching a switch on $key
    if ($key == 'value') {
        // NULL is stored as-is so the field can be cleared
        $stored = ($value !== NULL)
            ? Encrypt::instance($this->metadata['config'])->encode($value)
            : $value;
        $this->model->{$this->metadata['field']} = $stored;
        return;
    }

    // NOTE(review): the rejected value is passed along as an exception
    // parameter; confirm it cannot end up in logs when it is sensitive.
    throw new Throwable_InvalidProperty_Exception('Message: Unable to set the specified property. Reason: Property :key is either inaccessible or undefined.', array(':key' => $key, ':value' => $value));
}
/**
 * Renders the session as a serialized string. With encryption enabled the
 * serialized data is encrypted; otherwise it is passed through the plain
 * encoder.
 *
 *     echo $session;
 *
 * NOTE(review): the plain encoder is not shown here; if it is a reversible
 * encoding only, the output is readable and modifiable by whoever holds it
 * when encryption is off.
 *
 * @return  string
 * @uses    Encrypt::encode
 */
public function __toString()
{
    $serialized = $this->_serialize($this->_data);

    if ( ! $this->_encrypted)
    {
        // No encryption configured: encode only
        return $this->_encode($serialized);
    }

    // Encrypt using the configured key
    return Encrypt::instance($this->_encrypted)->encode($serialized);
}
/**
 * Password reset
 *
 * Validates the encrypted reset key from the query string, and on a valid
 * post with a matching one-time ticket updates the user's password and
 * clears the reset key.
 *
 * No value is returned; the result object is stored in the session under
 * 'reset_result' with these fields:
 *  post
 *  get
 *  success
 *  invalid
 *  exception
 *  errors
 *
 * NOTE(review): $result->post is only emptied on success, so after a
 * failed validation the submitted password fields stay in the session
 * together with the reset key in $result->get.
 *
 * @param  array  $post  posted form data
 * @param  array  $get   query parameters, expected to hold 'reset_key'
 * @return void
 */
public static function reset($post, $get)
{
    // post filter
    $post = self::post_filter($post);

    // Build result
    $result = new stdClass();
    $result->post = $post;
    $result->get = $get;
    $result->success = FALSE;
    $result->invalid = FALSE;
    $result->exception = FALSE;
    $result->errors = array();

    // Get settings
    $settings = Cms_Helper::settings();

    /*
     * check reset key
     */
    // <editor-fold defaultstate="collapsed" desc="check reset key">
    try {
        // Get password reset key
        $reset_key_string = Arr::get($get, 'reset_key');

        // Error if there is no password reset key
        if (!$reset_key_string) {
            throw new Kohana_Exception('password reset key is noting.');
        }

        // Comes from ->query(), so no URL decoding is needed!
        // active key -> decrypt -> split on the delimiter
        // NOTE(review): the decrypted string is client-supplied ciphertext;
        // a failed or malformed decode yields fewer than two parts.
        list($reset_key, $email) = explode($settings->author_password_reset_key_delimiter, Encrypt::instance()->decode($reset_key_string));

        // Fetch the user by email
        $user = Tbl::factory('users')->where('email', '=', $email)->get();

        // When no user could be fetched
        if (!$user) {
            throw new Kohana_Exception('there is not user.');
        }

        // Error if the reset key does not match
        // NOTE(review): no expiry check on the reset key is visible here.
        if ($reset_key !== $user->reset_key) {
            throw new Kohana_Exception('user activate access key is noting.');
        }
    } catch (Exception $e) {
        // Result: every failure above is reported only as a generic flag
        $result->exception = TRUE;

        // errors
        //$result->errors = array(
        //	'field' => 'system error',
        //	'message' => $e->getMessage(),
        //	'file' => $e->getFile(),
        //	'line' => $e->getLine(),
        //);
    }
    // </editor-fold>

    /*
     * If post
     */
    // <editor-fold defaultstate="collapsed" desc="If post">
    // When there is a post and $result->exception is not TRUE
    if (Arr::get($post, 'reset') and !$result->exception) {
        /*
         * Check onetime ticket
         */
        // <editor-fold defaultstate="collapsed" desc="Check onetime ticket">
        // The session ticket is consumed by get_once(); a missing or
        // mismatched ticket sends the client back to the referrer
        $session_ticket = Session::instance()->get_once('ticket');
        $post_ticket = Arr::get($post, 'ticket');
        if (!$session_ticket or !$post_ticket or $session_ticket !== $post_ticket) {
            HTTP::redirect(Request::current()->referrer());
        }
        // </editor-fold>
        //
        // Database transaction start
        Database::instance()->begin();

        /*
         * Try for post
         */
        try {
            /**
             * password setting
             */
            $validation = Validation::factory($post)->rule('password', 'not_empty')->rule('password', 'min_length', array(':value', 8))->rule('confirm', 'matches', array(':validation', 'confirm', 'password'))->label('password', __('Password'))->label('confirm', __('Confirm'));

            // If validation check is false
            if (!$validation->check()) {
                throw new Validation_Exception($validation);
            }

            // NOTE(review): the posted password is passed to update() as
            // received; presumably it is hashed in the model -- confirm.
            // Clearing reset_key makes the key single-use.
            $user->update(array('password' => Arr::get($post, 'password'), 'reset_key' => NULL));

            // Database commit
            Database::instance()->commit();

            /**
             * Set result
             */
            $result->post = array();
            $result->success = TRUE;
        } catch (Validation_Exception $e) {
            // Database rollback
            Database::instance()->rollback();

            // Result
            $result->invalid = TRUE;

            // Separate errors field and message
            $errors = $e->errors('validation');
            foreach ($errors as $key => $value) {
                $result->errors[] = array('field' => $key, 'message' => $value);
            }
        } catch (Exception $e) {
            // Database rollback
            Database::instance()->rollback();

            // Result
            $result->exception = TRUE;

            // errors
            //$result->errors = array(
            //	'field' => 'system error',
            //	'message' => $e->getMessage(),
            //	'file' => $e->getFile(),
            //	'line' => $e->getLine(),
            //);
        }
    }
    // </editor-fold>

    Session::instance()->set('reset_result', $result);
}