Exemplo n.º 1
 /**
  * Accept the last modified time of resource.
  *
  * The constructor accepts the (local) time at which the data that is
  * being served was last modified.
  *
  * @param int  $last_modified  local time at which resource was last modified
  * @param T_Response_Filter $filter  The prior filter object
  */
 function __construct($last_modified, T_Environment $env, T_Response_Filter $filter = null)
 {
     // Hand the prior filter (possibly null) to the parent filter class.
     parent::__construct($filter);

     // Whatever the caller passed, the stored timestamp is an integer.
     $this->lm = (int) $last_modified;

     // Keep the SERVER input cage; when the environment has none, store an
     // empty cage instead so $this->server is always an object.
     // Entries in SERVER that originate from request headers are supplied by
     // the client, so code reading $this->server should treat them as untrusted.
     $serverInput = $env->input('SERVER');
     if (!$serverInput) {
         $serverInput = new T_Cage_Array(array());
     }
     $this->server = $serverInput;
 }
Exemplo n.º 2
 /**
  * Create cookie auth driver.
  *
  * @param T_Db $db
  * @param T_Environment $env
  * @param string $key  cookie name
  */
 function __construct(T_Db $db, T_Environment $env, $key = 'auth')
 {
     $this->db = $db;
     $this->key = $key;

     // The driver is unusable without cookie input, so construction fails
     // loudly when the environment does not provide any.
     // NOTE(review): everything in the cookie cage is client-supplied; whatever
     // is later read under $this->key needs server-side verification, which is
     // not visible in this constructor.
     $cookies = $env->input('COOKIE');
     $this->cookie = $cookies;
     if ($cookies) {
         return;
     }
     throw new InvalidArgumentException("No COOKIE available in environment");
 }
Exemplo n.º 3
 /**
  * Create IP hammer lock protection.
  *
  * @param T_Db $db
  * @param T_Environment $env
  * @param int $threshold  consecutive login failures before lock applied
  * @param int $lock_duration  length of a lockdown in seconds
  */
 function __construct(T_Db $db, T_Environment $env, $threshold = 15, $lock_duration = 3600)
 {
     $this->db = $db;
     $this->threshold = $threshold;
     $this->duration = $lock_duration;

     // Record the client address when the environment exposes REMOTE_ADDR.
     $server = $env->input('SERVER');
     if (!$server || !$server->exists('REMOTE_ADDR')) {
         // No address available: $this->ip is not assigned here.
         // NOTE(review): confirm the lock logic does not silently skip
         // protection, or share one counter, when no IP was recorded.
         return;
     }

     // NOTE(review): ip2long() only parses IPv4 dotted-quad strings and returns
     // false for anything else (IPv6 included). How the cage filter treats that
     // result is not visible here; confirm IPv6 clients still get a distinct
     // lock key. Behind a reverse proxy REMOTE_ADDR is the proxy's address, so
     // every client would then count against the same lock.
     $address = $server->asScalar('REMOTE_ADDR');
     $this->ip = $address->filter('ip2long')->uncage();
 }
Exemplo n.º 4
 /**
  * Pre-filter validates the form.
  *
  * @param T_Response $response  encapsulated response to filter
  */
 protected function doPreFilter(T_Response $response)
 {
     // The form is populated from the query string (GET input); $response is
     // not touched by this filter step.
     $query = $this->env->input('GET');
     if (!$this->form->isSubmitted($query)) {
         return;
     }

     // Only a submitted form is validated; the outcome stays on the form object.
     $this->form->validate($query);
 }
Exemplo n.º 5
 /**
  * Is the request an Ajax request?
  *
  * @return bool
  */
 function isAjax()
 {
     // Pure delegation: the environment object decides.
     // NOTE(review): how the environment detects an Ajax request is not visible
     // here. If it relies on a request header, the answer is client-controlled
     // and should only steer presentation, never an access decision.
     $environment = $this->env;

     return $environment->isAjax();
 }
Exemplo n.º 6
 /**
  * Pre-filter actions any submission, or prepares the form.
  *
  * @param T_Response $response  encapsulated response to filter
  */
 protected function doPreFilter(T_Response $response)
 {
     // Overview: adds a timeout field (and a thread-lock field when
     // $this->lock_to is set) to the form, processes a POST submission by
     // recovering the fieldname salt, validating the form and checking the
     // timeout and lock values, then re-salts the form for (re)display.
     // A T_Exception_Filter raised during POST handling becomes a form error.
     // $response is not used in this method.
     //
     // Hidden field names are all derived from the form alias.
     $t_field = $this->form->getAlias() . '_timeout';
     $l_field = $this->form->getAlias() . '_thread_lock';
     $s_field = $this->form->getAlias() . '_salt';
     // prepare form:
     //   (a) add thread lock if required
     //   (b) add timeout
     // NOTE(review): the expiry timestamp and the lock value are emitted as
     // hidden field values and read back from the submission further down.
     // Whether T_Form_Hidden protects its value against client modification is
     // not visible here; confirm, otherwise a client can extend the timeout.
     $timeout = new T_Form_Hidden($t_field, $this->timeout + time());
     $this->form->addChild($timeout);
     if ($this->lock_to) {
         $lock_to = new T_Form_Hidden($l_field, $this->lock_to);
         $this->form->addChild($lock_to);
     }
     // process form if is POST:
     if ($this->env->isMethod('POST')) {
         try {
             // create salt field and validate to get salt
             // (the salt field itself is submitted under its plain name, so it
             // is read with a standalone hidden field before the form is salted)
             $salt = new T_Form_Hidden($s_field, null);
             if ($salt->isSubmitted($this->env->input('POST'))) {
                 $salt->validate($this->env->input('POST'));
             }
             // salt form and validate
             // The submitted salt is client-supplied; it is only used here to
             // re-derive the field names together with $this->hash.
             if ($salt->isPresent() && $salt->isValid()) {
                 $salt = $salt->getValue();
                 $this->form->setFieldnameSalt($salt, $this->hash);
                 if ($this->form->isSubmitted($this->env->input('POST'))) {
                     $this->form->validate($this->env->input('POST'));
                 }
             }
             // check timeout and thread lock
             // (skipped entirely when the form is absent or invalid)
             if ($this->form->isPresent() && $this->form->isValid()) {
                 // check timeout
                 // NOTE(review): loose comparison of a submitted value with an
                 // int. The type returned by getValue() is not visible here; a
                 // non-numeric string compares differently under PHP 7 and
                 // PHP 8 rules. Confirm the field validates as an integer.
                 $timeout = $this->form->search($t_field)->getValue();
                 if ($timeout < time()) {
                     $msg = 'This form has expired. Please submit the form ' . 'again to complete your request.';
                     throw new T_Exception_Filter($msg);
                 }
                 // check lock thread
                 if ($this->lock_to) {
                     $lock_to = $this->form->search($l_field)->getValue();
                     // Strict `!== 0`: anything other than an exact match is
                     // rejected. strcmp() is not a constant-time comparison.
                     // NOTE(review): if the lock value is meant to be secret,
                     // a timing-safe comparison such as hash_equals() is the
                     // usual choice; confirm intent.
                     if (strcmp($lock_to, $this->lock_to) !== 0) {
                         $msg = 'A technical error occurred at our end, sorry. ' . 'Please submit the form again.';
                         throw new T_Exception_Filter($msg);
                     }
                 }
             }
         } catch (T_Exception_Filter $e) {
             // Only filter exceptions are converted into a user-visible form
             // error; any other exception type propagates to the caller.
             $this->form->setError(new T_Form_Error($e->getMessage()));
         }
     }
     // ready form for redisplay (remember an error may be added in the POST
     // method so make even a valid form ready for display).
     //   (a) Set form forward as same page
     //   (b) Salt form and add salt hidden input
     //   (c) Reset timeout from now
     // NOTE(review): the uncaged (raw) GET parameters are copied into the
     // forward URL; presumably the URL object encodes them on output. Confirm.
     $this->form->setForward($this->env->getRequestUrl()->setParameters($this->env->input('GET')->uncage()));
     // NOTE(review): uniqid() and rand() are not cryptographically secure. The
     // salt is written to a plain hidden input below, so it is visible to the
     // client anyway; if anything relies on it being unpredictable, generate it
     // from a CSPRNG instead.
     $salt = uniqid(rand(), true);
     $this->form->setFieldnameSalt($salt, $this->hash);
     $this->form->addChild(new T_Form_Hidden($s_field, $salt));
     // note that the salt hidden input is added *after* the form is
     // salted as this input needs to be plain.
     $this->form->search($t_field)->setValue($this->timeout + time());
 }