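 /**
  * Used by subclasses to validate access keys when they are allowed.
  *
  * When a new key is supplied, any existing interactive login is ended first
  * and only the hash of the key (never the key itself) is kept in the
  * session, so later requests can be validated without re-sending the key.
  *
  * @param $userId int The user this key refers to
  * @param $reviewId int The ID of the review this key refers to
  * @param $newKey string The new key name, if one was supplied; otherwise, the existing one (if it exists) is used
  * @return object Valid user object if the key was valid; otherwise a falsy
  *  value (false when access keys are disabled for the press, else whatever
  *  AccessKeyManager::validateKey() returned for a key that did not validate).
  */
 function &validateAccessKey($userId, $reviewId, $newKey = null)
 {
     $press =& Request::getPress();
     if (!$press || !$press->getSetting('reviewerAccessKeysEnabled')) {
         // Access keys are a press-level opt-in; refuse without touching the session.
         $accessKey = false;
         return $accessKey;
     }
     // Guard the define(): this method may run more than once per request and
     // redefining a constant raises a warning.
     if (!defined('REVIEWER_ACCESS_KEY_SESSION_VAR')) {
         define('REVIEWER_ACCESS_KEY_SESSION_VAR', 'ReviewerAccessKey');
     }
     import('lib.pkp.classes.security.AccessKeyManager');
     $accessKeyManager = new AccessKeyManager();
     $session =& Request::getSession();
     if (!empty($newKey)) {
         // A freshly presented key replaces any interactive login: end it so the
         // request is authorised by the key alone, then remember only the hash.
         if (Validation::isLoggedIn()) {
             Validation::logout();
         }
         $keyHash = $accessKeyManager->generateKeyHash($newKey);
         $session->setSessionVar(REVIEWER_ACCESS_KEY_SESSION_VAR, $keyHash);
     } else {
         // No new key: fall back to the hash stored by an earlier request, if any.
         $keyHash = $session->getSessionVar(REVIEWER_ACCESS_KEY_SESSION_VAR);
     }
     // Validate the hash for this user/review pair.
     $accessKey =& $accessKeyManager->validateKey('ReviewerContext', $userId, $keyHash, $reviewId);
     if ($accessKey) {
         $userDao =& DAORegistry::getDAO('UserDAO');
         // Resolve the user from the validated key record rather than from the
         // caller-supplied id.
         $user =& $userDao->getUser($accessKey->getUserId(), false);
         return $user;
     }
     // No valid access key -- return the (falsy) validateKey() result.
     return $accessKey;
 }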
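 /**
  * Tests if the request contains a valid access token. If this is the case
  * the regular login process will be skipped and the reviewer is registered
  * in the session.
  *
  * Both `key` and `reviewId` are read from the request and are untrusted:
  * the review id is only used as a lookup key, and the supplied key is
  * compared through its hash by AccessKeyManager::validateKey().
  *
  * @param $request PKPRequest
  * @return false|null false when no access-key login was attempted or it did
  *  not validate; otherwise nothing is returned (null) and, on success,
  *  $this->submission and $this->user are set.
  */
 function _validateAccessKey($request)
 {
     $accessKeyCode = $request->getUserVar('key');
     $reviewId = $request->getUserVar('reviewId');
     if (!($accessKeyCode && $reviewId)) {
         return false;
     }
     // Check if the user is already logged in: an existing session takes
     // precedence over a key carried in the request.
     $sessionManager = SessionManager::getManager();
     $session = $sessionManager->getUserSession();
     if ($session->getUserId()) {
         return false;
     }
     import('lib.pkp.classes.security.AccessKeyManager');
     $reviewerSubmissionDao = DAORegistry::getDAO('ReviewerSubmissionDAO');
     $reviewerSubmission = $reviewerSubmissionDao->getReviewerSubmission($reviewId);
     $context = $request->getContext();
     // An unknown reviewId (or a request outside any context) must fail closed
     // instead of dereferencing null below.
     if (!$reviewerSubmission || !$context) {
         return false;
     }
     // Validate the access key against the reviewer the submission is assigned to
     $accessKeyManager = new AccessKeyManager();
     $accessKeyHash = AccessKeyManager::generateKeyHash($accessKeyCode);
     $accessKey = $accessKeyManager->validateKey($context->getId(), $reviewerSubmission->getReviewerId(), $accessKeyHash);
     if (!$accessKey) {
         return false;
     }
     // Get the reviewer user object from the id recorded on the validated key
     $userDao = DAORegistry::getDAO('UserDAO');
     $user = $userDao->getById($accessKey->getUserId());
     if (!$user) {
         return false;
     }
     // Register the user object in the session
     import('lib.pkp.classes.security.PKPValidation');
     $reason = null;
     if (PKPValidation::registerUserSession($user, $reason)) {
         $this->submission = $reviewerSubmission;
         $this->user = $user;
     }
 }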
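 /**
  * Check credentials and activate a new user
  *
  * Expects the username and the activation key code as the first two path
  * arguments. Any failure (missing argument, unknown user, invalid key, or an
  * account that was already validated) ends in a redirect to the login page.
  *
  * @author Marc Bria <*****@*****.**>
  * @param $args array [username, accessKeyCode]
  */
 function activateUser($args)
 {
     $username = array_shift($args);
     $accessKeyCode = array_shift($args);
     // Both path arguments are required; do not look up an empty name or hash an empty key.
     if (!$username || !$accessKeyCode) {
         Request::redirect(null, 'login');
         return;
     }
     $userDao =& DAORegistry::getDAO('UserDAO');
     $user =& $userDao->getUserByUsername($username);
     if (!$user) {
         Request::redirect(null, 'login');
         // Request::redirect() is expected to end the request; return anyway so
         // a null $user is never dereferenced if it does not.
         return;
     }
     // Checks user & token
     import('security.AccessKeyManager');
     // Plain `new`: `=& new` is a parse error on PHP 7 and later.
     $accessKeyManager = new AccessKeyManager();
     $accessKeyHash = AccessKeyManager::generateKeyHash($accessKeyCode);
     $accessKey =& $accessKeyManager->validateKey('RegisterContext', $user->getUserId(), $accessKeyHash);
     // Only accounts that have never been validated are activated; a key
     // presented again after validation is ignored. Truthiness covers both the
     // null and false results the original loose `!= null` accepted.
     if ($accessKey && $user->getDateValidated() === null) {
         // Activate user
         $user->setDisabled(false);
         $user->setDisabledReason('');
         $user->setDateValidated(Core::getCurrentDate());
         $userDao->updateUser($user);
         $templateMgr =& TemplateManager::getManager();
         $templateMgr->assign('message', 'user.login.activated');
         return $templateMgr->display('common/message.tpl');
     }
     Request::redirect(null, 'login');
 }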
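 /**
  * Check credentials and activate a new user
  *
  * Expects the username and the activation key code as the first two path
  * arguments. Any failure (missing argument, unknown user, invalid key, or an
  * account that was already validated) ends in a redirect to the login page.
  *
  * @param $args array [username, accessKeyCode]
  * @param $request PKPRequest
  */
 function activateUser($args, $request)
 {
     $username = array_shift($args);
     $accessKeyCode = array_shift($args);
     // Both path arguments are required; do not look up an empty name or hash an empty key.
     if (!$username || !$accessKeyCode) {
         $request->redirect(null, 'login');
         return;
     }
     $userDao = DAORegistry::getDAO('UserDAO');
     $user = $userDao->getByUsername($username);
     if (!$user) {
         $request->redirect(null, 'login');
         // redirect() is expected to end the request; return anyway so a null
         // $user is never dereferenced if it does not.
         return;
     }
     // Checks user and token
     import('lib.pkp.classes.security.AccessKeyManager');
     $accessKeyManager = new AccessKeyManager();
     $accessKeyHash = AccessKeyManager::generateKeyHash($accessKeyCode);
     $accessKey = $accessKeyManager->validateKey('RegisterContext', $user->getId(), $accessKeyHash);
     // Only accounts that have never been validated are activated; a key
     // presented again after validation is ignored. Truthiness covers both the
     // null and false results the original loose `!= null` accepted.
     if ($accessKey && $user->getDateValidated() === null) {
         // Activate user
         $user->setDisabled(false);
         $user->setDisabledReason('');
         $user->setDateValidated(Core::getCurrentDate());
         $userDao->updateObject($user);
         $templateMgr = TemplateManager::getManager($request);
         $templateMgr->assign('message', 'user.login.activated');
         return $templateMgr->display('frontend/pages/message.tpl');
     }
     $request->redirect(null, 'login');
 }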
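 /**
  * Removes an email address and associated access key from email notifications
  *
  * The supplied $password is the access key issued for the mailing list of
  * the current context; it is verified by hash before anything is deleted,
  * and the key itself is removed after a successful unsubscribe.
  *
  * @param $email string
  * @param $password string
  * @return boolean true if the key validated and the address was removed
  */
 function unsubscribeGuest($email, $password)
 {
     $application =& PKPApplication::getApplication();
     $productName = $application->getName();
     $context =& Request::getContext();
     $contextId = $context->getId();
     $result =& $this->retrieve('SELECT setting_id FROM notification_settings WHERE setting_name = ? AND product = ? AND context = ?', array('mailList', $productName, (int) $contextId));
     $row = $result->GetRowAssoc(false);
     $result->Close();
     unset($result);
     // No mailing-list row for this context: nothing to validate against, so
     // fail closed instead of validating against setting_id 0.
     if (!$row || !isset($row['setting_id'])) {
         return false;
     }
     $userId = (int) $row['setting_id'];
     // NOTE(review): the key is validated against the setting_id of the first
     // matching row, not against $email, while the DELETE below is scoped by
     // the caller-supplied $email -- confirm that MailListContext keys are
     // bound to the address they were issued for.
     import('lib.pkp.classes.security.AccessKeyManager');
     $accessKeyManager = new AccessKeyManager();
     $accessKeyHash = AccessKeyManager::generateKeyHash($password);
     $accessKey = $accessKeyManager->validateKey('MailListContext', $userId, $accessKeyHash);
     if (!$accessKey) {
         return false;
     }
     $this->update('DELETE FROM notification_settings WHERE setting_name = ? AND setting_value = ? AND product = ? AND context = ?', array('mailList', $email, $productName, (int) $contextId));
     // Delete the key so it cannot be presented again.
     $accessKeyDao =& DAORegistry::getDAO('AccessKeyDAO');
     $accessKeyDao->deleteObject($accessKey);
     return true;
 }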