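/**
 * Lets the logged-in user change their own password.
 *
 * Acts only when the posted form carries both `password` and
 * `password_confirm`. The two fields are validated by the User model, the new
 * password is hashed with Security::hash() and written with saveField() to
 * the record whose id is read from the session (`Auth.User.id`).
 *
 * The confirmation value is only needed for validation, so it is no longer
 * hashed into an unused local.
 *
 * NOTE(review): the current password is not asked for here, so anyone holding
 * a live session can replace the password. Confirm that re-authentication
 * happens elsewhere.
 * NOTE(review): Security::hash($value, null, true) applies the configured
 * default digest (SHA-1 unless the application changed it) with the
 * application-wide Security.salt. That is a single fast hash with a shared
 * salt; plan a migration to a per-user salted, slow scheme such as bcrypt.
 *
 * @return void
 */
function edit()
{
    if (empty($this->data)) {
        return;
    }

    // Only a request carrying both fields is treated as a password change.
    if (!isset($this->data['User']['password'], $this->data['User']['password_confirm'])) {
        return;
    }

    $this->User->set($this->data);
    // The target record always comes from the session, never from the form.
    $this->User->id = $this->Session->read('Auth.User.id');

    if ($this->User->validates(array('fieldList' => array('password', 'password_confirm')))) {
        $password = Security::hash($this->data['User']['password'], null, true);

        if ($this->User->saveField('password', $password)) {
            $this->Session->setFlash('Your password has been updated successfully.');
        } else {
            $this->Session->setFlash('There was a problem saving your password', 'error');
        }
    } else {
        // Kept from the original; the returned error list is not used here.
        $this->User->invalidFields();
    }

    // Never send the submitted passwords back to the form.
    $this->data['User']['password'] = '';
    $this->data['User']['password_confirm'] = '';
}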
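/**
 * Fetches the notification feed and flattens it into a list of entries.
 *
 * Three layouts are recognised: Atom (`feed.entry`), RSS 2.0
 * (`rss.channel.item`) and, as the fallback, RDF (`RDF.item`).
 *
 * A feed without entries now yields an empty array instead of running
 * foreach over a non-array value.
 *
 * NOTE(review): everything in the feed is remote data. Only `summary` is
 * passed through strip_tags(); `title` and `link` are returned unchanged and
 * must be escaped for the context in which they are rendered.
 * The MD5 digest of the link is a lookup key, not a security control.
 *
 * @return array List of arrays with the keys title, link, summary,
 *               last_updated and key
 * @throws Exception When DateTime cannot parse an entry's date value
 */
public function serializeXmlToArray()
{
    // Original author's note: to be revised later.
    $xmlData = Xml::toArray(Xml::build(self::NOTIFICATION_URL));

    // Tag names differ between feed flavours.
    if (isset($xmlData['feed'])) {
        $items = Hash::get($xmlData, 'feed.entry');
        $dateKey = 'published';
        $linkKey = 'link.@href';
        $summaryKey = 'summary';
    } elseif (Hash::get($xmlData, 'rss.@version') === '2.0') {
        $items = Hash::get($xmlData, 'rss.channel.item');
        $dateKey = 'pubDate';
        $linkKey = 'link';
        $summaryKey = 'description';
    } else {
        $items = Hash::get($xmlData, 'RDF.item');
        $dateKey = 'dc:date';
        $linkKey = 'link';
        $summaryKey = 'description';
    }

    // No entries, or an unexpected document shape: nothing to iterate over.
    if (!is_array($items)) {
        return array();
    }

    // A feed with a single entry yields the entry itself rather than a list.
    if (!isset($items[0])) {
        $items = array($items);
    }

    $data = array();
    foreach ($items as $item) {
        $date = new DateTime($item[$dateKey]);
        $link = Hash::get($item, $linkKey);
        $summary = Hash::get($item, $summaryKey);

        $data[] = array(
            'title' => $item['title'],
            'link' => $link,
            'summary' => $summary ? strip_tags($summary) : '',
            'last_updated' => $date->format('Y-m-d H:i:s'),
            'key' => Security::hash($link, 'md5'),
        );
    }

    return $data;
}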
/**
 * Builds the short activation code for the current record.
 *
 * The code is the first 8 characters of Security::hash() over the
 * concatenation of Security.salt, the record's `created` value and today's
 * date in `Ymd` form.
 *
 * NOTE(review): assuming a hex digest, 8 characters carry 32 bits, which is
 * small for a value that is checked over the network; the endpoint that
 * verifies it should be rate-limited. Because the date is part of the input,
 * a code stops matching once the server's date changes.
 *
 * @return string|false The code, or false when no record id is set
 */
function getActivationHash()
{
    if (!isset($this->id)) {
        return false;
    }

    $material = Configure::read('Security.salt') . $this->field('created') . date('Ymd');
    $digest = Security::hash($material);

    return substr($digest, 0, 8);
}
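/**
 * Admin screen for editing a user, with an optional password change.
 *
 * When `new_password` is posted it is copied into `password` so the model
 * validates the plaintext, and the hash replaces it just before saving.
 *
 * Fix: `$hashed` used to be undefined when the form posted `password` without
 * `new_password`, which stored a null password. The field is now dropped from
 * the save data unless a new password was really supplied.
 *
 * NOTE(review): salted SHA-1 is a single fast digest with the shared
 * Security.salt; plan a migration to a slow per-user salted scheme.
 * NOTE(review): save() receives the whole posted array without a field list,
 * so every posted User column is written. Confirm that is intended.
 *
 * @param mixed $id Id of the user to edit
 * @return void
 */
function admin_edit($id = null)
{
    if (!$id) {
        $this->redirect(array('controller' => 'users', 'action' => 'index', 'admin' => true));
    }

    $user = $this->User->read(null, $id);
    $user_groups = $this->User->UserGroup->find('list');
    $errors = array();

    if (!empty($this->data)) {
        $hashed = null;
        if (!empty($this->data['User']['new_password'])) {
            $this->data['User']['password'] = $this->data['User']['new_password'];
            $hashed = Security::hash($this->data['User']['password'], 'sha1', true);
        }

        $this->User->set($this->data);
        if ($this->User->validates()) {
            if ($hashed !== null) {
                $this->data['User']['password'] = $hashed;
            } else {
                // No new password given: never persist a raw or empty value.
                unset($this->data['User']['password']);
            }
            // Validation already ran above, against the plaintext.
            $this->User->save($this->data, array('validate' => false));
            $this->Session->setFlash('Användaren har nu sparats');
        } else {
            $errors = $this->User->invalidFields();
        }
    } else {
        $this->data = $user;
    }

    $this->set('errors', $errors);
    $this->set('userGroups', $user_groups);
    $this->set('user', $user);
}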
/**
 * Hashes `new_password` into `password` before the record is saved.
 *
 * NOTE(review): isset() is also true for an empty string, so an empty
 * `new_password` is hashed and stored unless validation rejects it first.
 * NOTE(review): with a null type Security::hash() uses the configured default
 * digest (SHA-1 unless changed) plus the shared Security.salt, which is a
 * fast hash for password storage.
 *
 * @param array $options Save options passed by the framework (unused)
 * @return boolean Always true, so the save continues
 * @author Laxmi Saini
 */
public function beforeSave($options = array())
{
    $hasNewPassword = isset($this->data['User']['new_password']);

    if ($hasNewPassword) {
        $plain = $this->data['User']['new_password'];
        $this->data['User']['password'] = Security::hash($plain, null, true);
    }

    return true;
}
/**
 * Replaces a non-empty `password` with its MD5 digest before saving.
 *
 * NOTE(review): unsalted MD5 is not suitable for password storage: identical
 * passwords give identical digests and the digest is cheap to brute-force.
 * Changing the algorithm here alone would lock out existing accounts, so a
 * migration (re-hash on next successful login) is needed.
 *
 * @param array $options Save options passed by the framework (unused)
 * @return boolean Always true, so the save continues
 */
public function beforeSave($options = array())
{
    $model = $this->name;

    if (empty($this->data[$model]['password'])) {
        return true;
    }

    $this->data[$model]['password'] = Security::hash($this->data[$model]['password'], 'md5');

    return true;
}
/**
 * Hashes a non-empty `senha` (password) field with bcrypt before saving.
 *
 * NOTE(review): the hook hashes whatever is in the field. If a record that
 * was read from the database is saved again with `senha` still present, the
 * stored hash would be hashed a second time. Confirm callers drop the field
 * when the password is not being changed.
 *
 * @param array $options Save options passed by the framework (unused)
 * @return boolean Always true, so the save continues
 */
public function beforeSave($options = array())
{
    $alias = $this->alias;

    if (empty($this->data[$alias]['senha'])) {
        return true;
    }

    $plain = $this->data[$alias]['senha'];
    $this->data[$alias]['senha'] = Security::hash($plain, 'blowfish');

    return true;
}
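/**
 * Starts a password reset for the account registered under $data['email'].
 *
 * Any earlier reset rows for the user are deleted, a new reset code is
 * stored and the reset URL is mailed when SEND_EMAIL is enabled.
 *
 * Fix: a failed mail delivery used to fall off the end of the method and
 * return null; it now returns the same failure array as a failed save. The
 * unused `$respone` local is gone.
 *
 * NOTE(review): the "email not registered" answer differs from the success
 * answer, which lets a caller test which addresses have accounts. Returning
 * one neutral message for both cases avoids that.
 * NOTE(review): the code is a salted SHA-1 of String::uuid(). It is only as
 * unpredictable as the UUID generator, so confirm that is backed by a
 * cryptographically secure source. The code is stored as-is and no expiry is
 * set in this method.
 *
 * @param array $data Request data; the `email` key is read
 * @return array `status` plus `success_msg` or `errors`
 */
public function forgotPassword($data)
{
    $email = $data['email'];

    $user = $this->find('first', array('conditions' => array('User.email' => $email)));
    if (!$user) {
        return array('status' => false, 'errors' => USER_ERR_EMAIL_NOT_REGISTERED);
    }

    $resetCode = Security::hash(String::uuid(), 'sha1', true);
    $url = Router::url(array('controller' => 'users', 'action' => 'resetPassword'), true) . '?code=' . $resetCode;

    // Only the most recent code may stay valid.
    $this->ResetPassword->deleteAll(array('ResetPassword.user_id' => $user['User']['id']), false);

    $saveData = array(
        'ResetPassword' => array('user_id' => $user['User']['id'], 'reset_code' => $resetCode),
    );
    $status = $this->ResetPassword->saveAll($saveData, array('validate' => false));
    if (!$status) {
        return array('status' => false, 'errors' => USER_ERR_RESET_PASSWORD_FAILED);
    }

    $Email = new Email();
    $message = 'Reset password';
    $message .= "Copy and Paste following url in your browser:\n";
    $message .= $url;

    if (SEND_EMAIL) {
        $emailStatus = $Email->sendEmail($email, $message, EMAIL_TPL_RESET_PASSWORD);
    } else {
        $emailStatus = true;
    }

    if ($emailStatus) {
        return array('status' => true, 'success_msg' => USER_RESET_PASSWORD_SUCCESS);
    }

    // Delivery failed: report it instead of returning null.
    return array('status' => false, 'errors' => USER_ERR_RESET_PASSWORD_FAILED);
}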
/**
 * Creates a new admin account; reserved for super-admins.
 *
 * Access is decided from two session values: `Admin.admin` must be set and
 * `roles.superadmin` must not compare equal to 0. Both checks use loose
 * comparison, exactly as before.
 *
 * NOTE(review): the password is hashed only when it is non-empty; an empty
 * value reaches save() unchanged, so the model must reject it.
 * NOTE(review): `role` is taken straight from the posted form. That is
 * acceptable only because the caller has been checked as super-admin above.
 * NOTE(review): Security::hash($value, null, true) is one fast digest with
 * the shared Security.salt.
 *
 * @return void
 */
public function create_admin()
{
    $this->layout = 'admin';

    if ($this->Session->read('Admin.admin') == null) {
        $this->Session->setFlash("Vous n'avez rien a faire ici, oust !", "error");
        $this->redirect(array('controller' => 'Admin', 'action' => 'index'));
        return;
    }

    if ($this->Session->read('roles.superadmin') == 0) {
        $this->Session->setFlash("Vous n'avez pas le droit de faire sa", "error");
        $this->redirect(array('controller' => 'Admin', 'action' => 'index'));
        return;
    }

    $role = $this->Role->find('list');
    $this->set("roles", $role);

    if (!$this->request->is('post')) {
        return;
    }

    $d = $this->request->data;
    // A posted id is ignored.
    $d['Create']['id'] = null;
    if (!empty($d['Create']['passwd'])) {
        $d['Create']['passwd'] = Security::hash($d['Create']['passwd'], null, true);
    }

    $saved = $this->Admin->save(array(
        'admin' => $d['Create']['admin'],
        'email' => $d['Create']['email'],
        'passwd' => $d['Create']['passwd'],
        'role' => $d['Create']['Role'],
        'username' => $d['Create']['Username'],
    ));

    if ($saved) {
        $this->Session->setFlash("Admin créé", "notif");
    } else {
        $this->Session->setFlash("Erreur", "error");
    }
}
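/**
 * Builds the `src` for a bound file.
 *
 * Files stored under WWW_ROOT get a webroot-relative path. Any other file
 * gets a URL array for the filebinder `loader` action, carrying a hash of
 * model, model id, field name and the per-session `Filebinder.hash`.
 *
 * Fix: WWW_ROOT was inserted into the regular expressions unescaped, so any
 * regex metacharacter in the path (a dot, or backslashes on Windows) changed
 * the match. It is now passed through preg_quote().
 *
 * NOTE(review): the hashed values are concatenated without a separator, so
 * two different (model, model_id, field_name) splits can give the same hash
 * input. The loader should re-check access itself.
 *
 * @param array|null $file    File record (file_path, tmp_bind_path, model,
 *                            model_id, field_name, file_name)
 * @param array      $options Supports `prefix`, prepended to the file name
 * @return string|array|false Relative path, loader URL array, or false when
 *                            no usable path is available
 */
function _makeSrc($file = null, $options = array())
{
    $hash = $this->Session->read('Filebinder.hash');
    $prefix = empty($options['prefix']) ? '' : $options['prefix'];

    if (!empty($file['file_path'])) {
        // Insert the prefix in front of the last path segment.
        $filePath = preg_replace('#/([^/]+)$#', '/' . $prefix . '$1', $file['file_path']);
    } elseif (!empty($file['tmp_bind_path'])) {
        $filePath = $file['tmp_bind_path'];
    } else {
        $filePath = false;
    }

    if (empty($file) || !$filePath) {
        return false;
    }

    $webrootPattern = '#' . preg_quote(WWW_ROOT, '#') . '#';

    if (preg_match($webrootPattern, $filePath)) {
        // Public file: strip the webroot and keep a leading separator.
        return preg_replace($webrootPattern, DS, $filePath);
    }

    if (!empty($file['tmp_bind_path'])) {
        if (empty($file['model_id']) || file_exists($file['tmp_bind_path'])) {
            // Temporary upload: served under model id 0 by its temp name.
            $file['model_id'] = 0;
            $file['file_name'] = preg_replace('#.+/([^/]+)$#', '$1', $file['tmp_bind_path']);
        }
    }

    // Routing.prefixes is read first, with Routing.admin as the fallback.
    $prefixes = Configure::read('Routing.prefixes');
    if (!$prefixes && Configure::read('Routing.admin')) {
        $prefixes = Configure::read('Routing.admin');
    }

    // Switch every routing prefix off for the generated URL.
    $url = array();
    foreach ((array) $prefixes as $p) {
        $url[$p] = false;
    }

    $token = Security::hash($file['model'] . $file['model_id'] . $file['field_name'] . $hash);

    return array_merge($url, array(
        'plugin' => 'filebinder',
        'controller' => 'filebinder',
        'action' => 'loader',
        $file['model'],
        $file['model_id'],
        $file['field_name'],
        $token,
        $prefix . $file['file_name'],
    ));
}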
/**
 * Loads a user for editing or, when $data is given, saves the changes.
 *
 * Without $data the user row is returned with the password removed. With
 * $data the password fields are dropped unless `update_password_flg` is set;
 * when it is set, non-empty `password` and `password_confirm` are hashed
 * before validation.
 *
 * NOTE(review): the row found with $conditions only proves the record
 * exists. Which row save() writes depends on the id in $data and the model
 * state, so confirm callers cannot smuggle a different `User.id` through
 * $data.
 * NOTE(review): both fields are hashed before validation, so length or
 * complexity rules would see digests rather than the typed password.
 *
 * @param mixed      $id         User id
 * @param array|null $data       Posted data, or empty to load only
 * @param array      $conditions Extra find conditions
 * @return array|boolean The user row when loading, true after a save
 * @throws OutOfBoundsException When no matching user exists
 * @throws ValidationException  When the save fails
 */
public function edit($id = null, $data = null, $conditions = [])
{
    $conditions['User.id'] = $id;
    $user = $this->find('first', ['conditions' => $conditions]);
    if (empty($user)) {
        throw new OutOfBoundsException(__('Invalid Access', true));
    }

    if (empty($data)) {
        // Never hand the stored hash to the view.
        unset($user['User']['password']);
        return $user;
    }

    $this->set($data);

    if (empty($this->data['User']['update_password_flg'])) {
        unset($this->data['User']['password']);
        unset($this->data['User']['password_confirm']);
    } else {
        foreach (['password', 'password_confirm'] as $field) {
            if (!empty($this->data['User'][$field])) {
                $this->data['User'][$field] = Security::hash($this->data['User'][$field], null, true);
            }
        }
    }

    $this->setValidation('edit');
    $result = $this->save(null, true);
    if (!$result) {
        throw new ValidationException();
    }

    $this->data = $result;
    return true;
}
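/**
 * Shell task: imports users from the CSV file named by the first argument.
 *
 * Each row needs exactly four columns; columns 1 to 3 are used as username,
 * password and email. Rows with another column count are skipped silently.
 *
 * Fixes: a missing argument and a failed fopen() are now reported instead of
 * raising notices or looping on a false handle. The `$row` counter, which
 * was never read, is gone.
 *
 * NOTE(review): the CSV holds plaintext passwords. Restrict access to it and
 * remove it after the import.
 * NOTE(review): Security::hash($value, null, true) is one fast digest with
 * the shared Security.salt.
 *
 * @return void
 */
public function import()
{
    if (empty($this->args[0])) {
        $this->out('Error: No file given');
        return;
    }

    App::import('Core', array('File', 'Security'));
    $file = new File($this->args[0]);
    if (!$file->exists()) {
        $this->out('Error: File does not exist: ' . $file->name);
        return;
    }

    $handle = fopen($file->path, 'r');
    if ($handle === false) {
        $this->out('Error: Could not open file: ' . $file->name);
        return;
    }

    // $this->User->deleteAll(array());
    while (($data = fgetcsv($handle, 1000, ',')) !== false) {
        if (count($data) !== 4) {
            continue;
        }

        $this->User->create(array(
            'role' => 'user',
            'username' => $data[1],
            'password' => Security::hash($data[2], null, true),
            'email' => $data[3],
        ));

        if ($this->User->save()) {
            $this->out('Saved: ' . $data[1]);
        } else {
            $this->out('Error: Failed saving: ' . $data[1]);
        }
    }

    fclose($handle);
}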
/**
 * Admin screen for creating a user account.
 *
 * Without posted data the role list is loaded for the form. With posted data
 * the request is cancelled, rejected for a duplicate username, or saved with
 * a salted SHA-1 password hash.
 *
 * NOTE(review): the result of save() is not checked, so "Record created." is
 * shown even when validation or the database rejects the record.
 * NOTE(review): the username check and the insert are separate steps; only a
 * unique index on `username` prevents duplicates under concurrent requests.
 * NOTE(review): save() receives the whole posted array, so every posted User
 * column is written, including any role field.
 * NOTE(review): salted SHA-1 is a single fast digest with the shared
 * Security.salt.
 *
 * @return void
 */
public function admin_new()
{
    $this->set('current_crumb', __('New Admin', true));
    $this->set('title_for_layout', __('New Admin', true));

    if (empty($this->data)) {
        $dataRoles = $this->User->Role->find('list', array(
            'conditions' => array(),
            'recursive' => -1,
            'fields' => array('Role.id', 'Role.role_name'),
        ));
        $this->set('dataRoles', $dataRoles);
        return;
    }

    // The user pressed cancel.
    if (isset($this->data['cancelbutton'])) {
        $this->redirect('/users/admin/');
        die;
    }

    // Refuse a username that is already taken.
    $existing = $this->User->find('count', array(
        'conditions' => array('username' => $this->data['User']['username']),
    ));
    if ($existing > 0) {
        $this->Session->setFlash(__('Could not create user account. User exists.', true));
        $this->redirect('/users/admin/');
        die;
    }

    $this->request->data['User']['password'] = Security::hash($this->data['User']['password'], 'sha1', true);
    $this->User->save($this->data);

    // Read for default preferences; not used yet.
    $newUserId = $this->User->getLastInsertId();

    $this->Session->setFlash(__('Record created.', true));
    $this->redirect('/users/admin/');
}
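/**
 * Checks the submitted current password against the stored bcrypt hash.
 *
 * The stored hash of the logged-in user is passed to Security::hash() as the
 * salt, so the submitted value is hashed with the same parameters and the
 * two results can be compared.
 *
 * Fixes: a missing user row, stored hash or submitted value now fails the
 * check instead of raising notices. The loose `==`, which can treat
 * different numeric-looking strings as equal, is replaced by hash_equals()
 * where PHP provides it and by `===` otherwise.
 *
 * @return bool True when the submitted password matches the stored hash
 */
public function validate_current_password()
{
    $user = $this->find('first', array(
        'conditions' => array('User.id' => AuthComponent::user('id')),
        'fields' => array('secret'),
    ));

    if (empty($user['User']['secret']) || !isset($this->data[$this->alias]['secretcurrent'])) {
        return false;
    }

    $storedHash = (string)$user['User']['secret'];
    $newHash = (string)Security::hash($this->data[$this->alias]['secretcurrent'], 'blowfish', $storedHash);

    // An empty result means hashing failed; never let that count as a match.
    if ($newHash === '') {
        return false;
    }

    if (function_exists('hash_equals')) {
        // Constant-time comparison.
        return hash_equals($storedHash, $newHash);
    }

    return $storedHash === $newHash;
}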
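/**
 * JSON login endpoint: checks the posted credentials and echoes the result.
 *
 * Fixes: when `username` or `password` is missing, the error response is
 * sent straight away. Previously the code went on to hash an undefined index
 * and query the database, which also added the generic `identifiant` error
 * to the response. A failed Auth->login() call now yields the same failure
 * response as unknown credentials instead of a body without a `success` key.
 *
 * NOTE(review): the account is looked up by comparing a salted SHA-1 digest
 * in the query. That is a single fast hash with the shared Security.salt;
 * moving to a slow per-user salted scheme means fetching the user by name
 * and verifying the hash in PHP.
 * NOTE(review): the whole `User` row, stored hash included, is handed to
 * Auth->login(). Confirm what ends up in the session.
 * NOTE(review): no attempt limiting is visible in this method.
 *
 * @return void
 */
public function login()
{
    if (empty($this->request->data)) {
        return;
    }

    $data = $this->request->data;
    $errors = array();
    $datas = array();

    // Field checks for the AngularJS client.
    if (empty($data['username'])) {
        $errors['username'] = "******";
    }
    if (empty($data['password'])) {
        $errors['password'] = '******';
    }

    if (!empty($errors)) {
        $datas['success'] = false;
        $datas['errors'] = $errors;
        echo json_encode($datas);
        return;
    }

    $data['password'] = Security::hash($data['password'], 'sha1', true);
    $user = $this->User->find('first', array(
        'conditions' => array(
            'User.username' => $data['username'],
            'User.password' => $data['password'],
        ),
    ));

    if (!empty($user) && $this->Auth->login($user['User'])) {
        $datas['success'] = true;
        $datas['message'] = 'Vous êtes connecté';
    } else {
        $datas['success'] = false;
        $datas['errors']['identifiant'] = 'Identifiants incorrects';
    }

    echo json_encode($datas);
}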
/**
 * CakePHP's beforeValidate callback.
 *
 * The Auth module hashes the password field before validation, so an empty
 * password arrives here as the hash of the empty string and would pass the
 * notEmpty rule. This callback recognises that hash and undoes it: on edit
 * the password fields are dropped so no change is attempted, on create they
 * are blanked so validation rejects them.
 *
 * @return boolean Always true
 * @access public
 */
public function beforeValidate()
{
    parent::beforeValidate();

    if (empty($this->data)) {
        return true;
    }

    $alias = $this->alias;
    $empty_password = Security::hash('', null, true);

    $isEmptyHash = isset($this->data[$alias]['password'])
        && $this->data[$alias]['password'] === $empty_password;
    if (!$isEmptyHash) {
        return true;
    }

    if (!empty($this->id)) {
        # Editing: remove the fields so the stored password is left alone.
        unset($this->data[$alias]['password']);
        unset($this->data[$alias]['confirm_password']);
    } else {
        # Creating: blank the fields so the notEmpty rule catches them.
        $this->data[$alias]['password'] = '';
        $this->data[$alias]['confirm_password'] = '';
    }

    return true;
}
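/**
 * Constructor.
 *
 * Replaces the plaintext `passwd` of every fixture record with its
 * Security::hash() value (default type, salted), so the fixtures hold the
 * form that the application stores.
 *
 * Fix: the by-reference loop variable is unset afterwards. Otherwise
 * `$record` stays bound to the last element and any later use of that name
 * would overwrite the last fixture row.
 */
public function __construct()
{
    parent::__construct();

    foreach ($this->records as &$record) {
        $record['passwd'] = Security::hash($record['passwd'], null, true);
    }
    unset($record);
}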
/**
 * Application login: checks email and password against the Token model and,
 * on success, redirects to the client's receiving URL with the bearer token
 * added to the query string.
 *
 * NOTE(review): `client_bearer_token_receiving_url` comes from the query
 * string and is used as the redirect target without any check, while the
 * bearer token is appended to it. The target should be compared with the
 * URL(s) registered for the client before redirecting, otherwise the token
 * can be delivered to an arbitrary site.
 * NOTE(review): request query values are normally already URL-decoded, so
 * the extra urldecode() may decode twice. A receiving URL that already has
 * a query string ends up with two `?` characters.
 * NOTE(review): passwords are compared as unsalted MD5 digests, which is not
 * suitable for password storage; changing it needs a migration of the stored
 * values.
 *
 * @return mixed The redirect result on success, otherwise null
 */
public function login()
{
    $loginError = false;

    if (empty($this->request->data)) {
        $queryString = '?' . http_build_query($this->request->query);
        $this->set(compact('queryString', 'loginError'));
        return;
    }

    // Do not log the request data itself: it carries the plaintext password.
    $this->log('Request data:', 'debug');

    $email = $this->request->data['Token']['email'];
    $password = Security::hash($this->request->data['Token']['password'], 'md5');

    $token = $this->Token->find('first', array(
        'conditions' => array(
            'and' => array('Token.email' => $email, 'password' => $password),
        ),
    ));

    if (!$token) {
        $loginError = true;
        $queryString = '?' . http_build_query($this->request->query);
        $this->set(compact('queryString', 'loginError'));
        return;
    }

    $bearerTokenReceivingUrl = urldecode($this->request->query['client_bearer_token_receiving_url']);
    unset($this->request->query['client_bearer_token_receiving_url']);

    $this->request->query['bearer_token'] = $token['Token']['token'];
    $this->request->query['login_type'] = 'application';

    return $this->redirect($bearerTokenReceivingUrl . '?' . http_build_query($this->request->query));
}
/**
 * Hashes `User.password` only when the caller asks for it explicitly.
 *
 * With $enforce left at false the data is returned untouched, so the
 * plaintext stays available (for validation, for example).
 *
 * NOTE(review): Security::hash($value, null, true) is one fast digest with
 * the shared Security.salt.
 *
 * @param array   $data    Data holding `User.password`
 * @param boolean $enforce True to hash the password
 * @return array The data, with the password hashed when requested
 */
function hashPasswords($data, $enforce = false)
{
    if (!$enforce || empty($data['User']['password'])) {
        return $data;
    }

    $plain = $data['User']['password'];
    $data['User']['password'] = Security::hash($plain, null, true);

    return $data;
}
/**
 * Hashes the password in $data unless `User.name` is present.
 *
 * NOTE(review): the condition tests `User.name` while the password is read
 * under the model alias. Presumably the presence of `name` marks a form
 * whose password must stay unhashed; verify against the callers.
 * NOTE(review): Security::hash() is called without a type or salt flag, so
 * the result is the default digest (SHA-1 unless changed) of the bare
 * password. Identical passwords give identical hashes.
 * NOTE(review): a missing password key raises a notice and stores the hash
 * of an empty value.
 *
 * @param array $data Data holding the password under the model alias
 * @return array The data, with the password hashed when applicable
 */
public function hashPasswords($data)
{
    if (isset($data['User']['name'])) {
        return $data;
    }

    $alias = $this->alias;
    $data[$alias]['password'] = Security::hash($data[$alias]['password']);

    return $data;
}
/**
 * Builds the activation hash for the current record.
 *
 * The hash is Security::hash() (default type, salted with Security.salt)
 * over the record's `username` followed by its `created` value.
 *
 * NOTE(review): both inputs are fixed per account, so the hash never
 * expires, and its secrecy rests entirely on Security.salt. A random,
 * single-use token stored with the record avoids both properties.
 *
 * @return string|false The hash, or false when no record id is set
 */
function getActivationHash()
{
    if (!isset($this->id)) {
        return false;
    }

    $material = $this->field('username') . $this->field('created');

    return Security::hash($material, null, true);
}
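/**
 * Moves an uploaded image from the temporary directory into the logged-in
 * user's directory and returns the generated file name.
 *
 * Fix: `tmpFileName` comes from the request and was joined into file system
 * paths unchecked, so a value containing directory separators or `..` could
 * point outside the temporary directory. Only a plain file name is accepted
 * now; anything else is rejected with the existing "no image specified"
 * error.
 *
 * NOTE(review): the extension is copied from the client-supplied name and
 * the destination is under WWW_ROOT. Restrict it to an allowlist of image
 * extensions so no file the web server would execute can be stored there.
 * NOTE(review): the first debug log writes the complete request data; make
 * sure nothing sensitive is posted to this action.
 * NOTE(review): time() and rand() are predictable; the salted hash only
 * hides the stored name as long as Security.salt stays secret.
 *
 * @return string Generated file name (hash plus the original extension)
 * @throws Exception When the name is missing or invalid, the temporary file
 *                   is absent, the user directory cannot be created or the
 *                   move fails; the message is a JSON-encoded string
 */
public function moveImage()
{
    $this->log(__LINE__ . '::' . __METHOD__ . '::' . __('画像を登録開始-->') . print_r($this->request->data, true), 'debug');

    // Argument check: an empty value is an error.
    if (empty($this->request->data['tmpFileName'])) {
        throw new Exception(json_encode(__('画像が指定されていません')));
    }

    // Accept a bare file name only, so the path cannot leave the temp directory.
    $tmpName = $this->request->data['tmpFileName'];
    $isPlainName = is_string($tmpName)
        && basename($tmpName) === $tmpName
        && !in_array($tmpName, array('.', '..'), true);
    if (!$isPlainName) {
        throw new Exception(json_encode(__('画像が指定されていません')));
    }

    // The named temporary file has to exist.
    $tmpPath = WWW_ROOT . MEDIA_TMP_DIR . '/' . $tmpName;
    $this->log(__LINE__ . '::' . __METHOD__ . '::' . __('画像をチェック-->') . $tmpPath, 'debug');
    if (!file_exists($tmpPath)) {
        throw new Exception(json_encode(__('画像の一時ファイルが見つかりません。')));
    }

    // The file goes into the user's directory, created on first use.
    $userDir = WWW_ROOT . MEDIA_UPLAOD_DIR_BASE . '/' . AuthComponent::user('id');
    $this->log(__LINE__ . '::' . __METHOD__ . '::' . __('ディレクトリチェック-->') . $userDir, 'debug');
    if (!file_exists($userDir)) {
        if (!mkdir($userDir)) {
            throw new Exception(json_encode(__('ユーザディレクトリの作成に失敗しました')));
        }
    }

    // Keep the extension of the temporary file.
    $ext = pathinfo($tmpPath, PATHINFO_EXTENSION);

    // Move the file under a generated name.
    $userFileName = Security::hash(time() . rand(), 'sha1', true) . '.' . $ext;
    $destination = $userDir . '/' . $userFileName;
    $this->log(__LINE__ . '::' . __METHOD__ . '::' . __('移動先ファイル-->') . $destination, 'debug');

    if (!rename($tmpPath, $destination)) {
        throw new Exception(json_encode(__('ファイルの移動に失敗しました。')));
    }

    return $userFileName;
}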
/**
 * After migration callback.
 *
 * On the way up it inserts the initial `admin` user (role_id 2) and the two
 * roles `creator` (1) and `admin` (2). Nothing is done on the way down.
 *
 * NOTE(review): the initial admin password is a fixed string in the source,
 * so every installation starts with the same known credential. It has to be
 * changed right after installation; better still, take it from the installer
 * or force a change on first login.
 * NOTE(review): Security::hash($value, null, true) is one fast digest with
 * the shared Security.salt.
 *
 * @param string $direction Direction of the migration, `up` or `down`
 * @return boolean Always true, so the process continues
 * @access public
 */
function after($direction)
{
    if ($direction !== 'up') {
        return true;
    }

    if (!class_exists('Security')) {
        App::import('Core', 'Security');
    }

    // Initial user.
    $User = $this->generateModel('User');
    $user = array(
        'User' => array(
            'username' => 'admin',
            'password' => Security::hash('GuideOnTheSideAdmin#1', null, true),
            'role_id' => 2,
            'deleted' => 0,
        ),
    );
    $this->output('insert_data', 'admin user');
    $User->save($user);

    // Roles.
    $Role = $this->generateModel('Role');
    $roles = array(
        array('id' => 1, 'name' => 'creator'),
        array('id' => 2, 'name' => 'admin'),
    );
    $this->output('insert_data', 'roles (' . implode(', ', Set::extract('{n}.name', $roles)) . ')');
    $Role->saveAll($roles);

    if (isset($this->callback)) {
        // Currently this only prints a line break on the CLI.
        $this->callback->afterMigration($this->callback, $direction);
    }

    return true;
}
/**
 * Changes the password of the logged-in player.
 *
 * Takes the previous and the new password, looks the account up by the
 * session email and the previous password, then writes the new hash for
 * that email.
 *
 * NOTE(review): both statements are assembled by string concatenation and
 * run through query(). Values placed inside SQL text have to be bound or
 * escaped; the model's find()/updateAll() with condition arrays does that.
 * The SQL text appears masked in this listing, so the statements are
 * reproduced exactly as shown.
 * NOTE(review): true is returned whether or not the UPDATE succeeded.
 * NOTE(review): Security::hash() without a type or salt flag gives the
 * default digest (SHA-1 unless changed) of the bare password.
 *
 * @param string $previousPass Current password, plaintext
 * @param string $newPass      New password, plaintext
 * @return boolean False when both passwords are equal or the lookup finds
 *                 nothing, true otherwise
 */
public function changePassword($previousPass, $newPass)
{
    // An unchanged password is refused.
    if (strcmp($previousPass, $newPass) == 0) {
        return false;
    }

    $email = AuthComponent::user('email');
    $previousPass = Security::hash($previousPass);

    $searchOldPass = "******" . $email . "' and password = '******'";
    if (!$this->query($searchOldPass)) {
        return false;
    }

    $newPass = Security::hash($newPass);
    $updatePass = "******" . $newPass . "' Where email = '" . $email . "'";
    $this->query($updatePass);

    return true;
}
/**
 * Hashes the `password` field with bcrypt before the record is saved.
 *
 * NOTE(review): isset() is also true for an empty string, so an empty
 * password is hashed and stored unless validation rejects it first.
 * NOTE(review): a record that is saved again with its stored hash still in
 * `password` would be hashed twice. Confirm callers drop the field when the
 * password is not being changed.
 *
 * @param array $options Save options passed by the framework (unused)
 * @return boolean Always true, so the save continues
 */
public function beforeSave($options = array())
{
    $alias = $this->alias;

    if (!isset($this->data[$alias]['password'])) {
        return true;
    }

    $plain = $this->data[$alias]['password'];
    $this->data[$alias]['password'] = Security::hash($plain, 'blowfish');

    return true;
}
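/**
 * Hashes a non-empty `senha` (password) field before the record is saved.
 *
 * Fixes: the callback had no return statement and therefore returned null.
 * CakePHP documents that beforeSave() must return true for the save to go
 * ahead, so it now does. The field is tested with empty(), so a save that
 * does not carry `senha` no longer raises an undefined-index notice.
 *
 * NOTE(review): Security::hash($value, null, true) is one fast digest with
 * the shared Security.salt.
 *
 * @param array $options Save options passed by the framework (unused)
 * @return boolean Always true, so the save continues
 */
public function beforeSave($options = array())
{
    if (!empty($this->data['Administrador']['senha'])) {
        App::uses('Security', 'Utility');
        $this->data['Administrador']['senha'] = Security::hash($this->data['Administrador']['senha'], null, true);
    }

    return true;
}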
/**
 * Second installer step: loads the database, creates the admin user, writes
 * the `installed.txt` marker and sets the directory permissions.
 *
 * NOTE(review): the marker file is written before the permission step, so a
 * failure there returns false with the marker already in place. Confirm the
 * installer can be re-run in that state.
 * NOTE(review): the result of File::create() is not checked.
 * NOTE(review): Security::hash($value, null, true) is one fast digest with
 * the shared Security.salt.
 *
 * @param array $data Installer form data (admin_first_name, admin_last_name,
 *                    admin_username, admin_pwd, admin_email)
 * @return boolean True when every step succeeded
 */
function step2($data)
{
    // Run the MySQL script.
    if (!$this->mySqlInstall()) {
        $this->validationErrors['script_db'] = 'Errore nella compilazione del database';
        return false;
    }

    // Store the admin user's settings.
    App::import('model', 'User');
    $User = new User();
    $adminRecord = array(
        'User' => array(
            'first_name' => $data['admin_first_name'],
            'last_name' => $data['admin_last_name'],
            'username' => $data['admin_username'],
            'password' => Security::hash($data['admin_pwd'], null, true),
            'email' => $data['admin_email'],
            'role' => 0,
            'active' => 1,
        ),
    );
    $User->create($adminRecord);
    if (!$User->save()) {
        return false;
    }

    // Write installed.txt into the config directory.
    App::import('core', 'File');
    $installedFile = new File(APP . 'config' . DS . 'installed.txt');
    $installedFile->create();

    // Set the directory permissions for production.
    if (
        !$this->setFolderPermissions($this->writableDirsForInstall, '0755')
        || !$this->setFolderPermissions($this->writableDirsForProduction, '0755')
    ) {
        return false;
    }

    // All done.
    return true;
}
/**
 * Hashes a non-empty `User.psword` value.
 *
 * NOTE(review): Security::hash() is called without a type or salt flag, so
 * the result is the default digest (SHA-1 unless changed) of the bare
 * password. Identical passwords give identical hashes.
 *
 * @param array $data Data holding `User.psword`
 * @return array The data, with the password hashed when present
 */
function hashPasswords($data)
{
    if (empty($data['User']['psword'])) {
        return $data;
    }

    $plain = $data['User']['psword'];
    $data['User']['psword'] = Security::hash($plain);

    return $data;
}
/**
 * Generates an authorization key: the Security::hash() digest of a new UUID.
 *
 * NOTE(review): hashing adds no randomness. The key is exactly as
 * unpredictable as String::uuid(), so confirm that generator draws from a
 * cryptographically secure source before relying on the key as a secret.
 *
 * @return string Hash
 * @access public
 * @static
 */
function generateAuthKey()
{
    if (!class_exists('String')) {
        App::import('Core', 'String');
    }

    $uuid = String::uuid();

    return Security::hash($uuid);
}
/**
 * Hashes the password with salted SHA-256 when a new record is created.
 *
 * Records that already have an id are left alone, so a password changed on
 * an existing record has to be hashed by the caller.
 *
 * NOTE(review): a create without a `password` key raises a notice and
 * stores the hash of an empty value.
 * NOTE(review): one SHA-256 pass with the shared Security.salt is fast to
 * brute-force; a slow per-user salted scheme such as bcrypt is the usual
 * choice for password storage.
 *
 * @param array $options Save options passed by the framework (unused)
 * @return boolean Always true, so the save continues
 */
public function beforeSave($options = array())
{
    $isCreate = !$this->id;

    if ($isCreate) {
        $alias = $this->alias;
        $this->data[$alias]['password'] = Security::hash($this->data[$alias]['password'], 'sha256', true);
    }

    return true;
}