Esempio n. 1
0
 /**
  * Returns string, hashed by the 
  * <code>session.encrypt_guest_cookie.hash</code> 
  * to sign guest cookie. It uses session id and 
  * <code>config.crypto.secret</code> to get required hash.
  *
  * Behavior AfterGetGuestHash is defined.
  *
  * @return   array
  */
 private function getGuestHash($sid)
 {
     $cp = new CryptoProvider();
     $config = Config::getInstance();
     $hash = base64_encode($cp->hash($sid . $config->crypto->secret, $config->session->encrypt_guest_cookie->hash));
     $this->trigger("AfterGetGuestHash", array(&$sid));
     return $hash;
 }
Esempio n. 2
0
 /**
  * Performs hashing of the password. 
  * If user is newly created, new random hash will be assigned. This salt
  * is mandatory.
  *
  * The server-side salt is optional and could be mixed in if config parameter 
  * <code>user.server_salt.use</code> is set.
  *
  * Hashing method is defined by the <code>user.password.hash</code> config parameter.
  * It could be as custom as default for all hashing (user.password.hash=":default")
  *
  * @param User instance of the user, which salt is taken.
  * @param string unhashed password to be hashed
  * @return string hashed password
  * @see CryptoProvider
  * @throws UserException
  */
 static function hashPassword($user, $unhashed_password)
 {
     $config = Config::getInstance();
     if (empty($unhashed_password)) {
         throw new UserException("Password could not be empty");
     }
     $cp = new CryptoProvider();
     $user_salt = $user->getSalt() ? $user->getSalt() : self::generateSalt();
     $user->setSalt($user_salt);
     $password_string = $unhashed_password . $user_salt . ($config->user->server_salt->use ? $config->user->server_salt->salt : "");
     return $cp->hash($password_string, Config::getInstance()->user->password->hash);
 }