Пример #1
0
 public function testEncryptDecrypt()
 {
     $this->assertEquals(Cii::decrypt(Cii::encrypt(1)), 1);
     // Integer
     $this->assertEquals(Cii::decrypt(Cii::encrypt("1")), "1");
     // String integer
     $this->assertEquals(Cii::decrypt(Cii::encrypt(3.14)), 3.14);
     // Float
     $this->assertEquals(Cii::decrypt(Cii::encrypt("3.14")), "3.14");
     // String float
     $this->assertEquals(Cii::decrypt(Cii::encrypt("string")), "string");
     // String
     // Test a variety of hashes of various sizes generated by Cii::generateSafeHash()
     $hash1 = Cii::generateSafeHash(4);
     $this->assertEquals(Cii::decrypt(Cii::encrypt($hash1)), $hash1);
     $hash2 = Cii::generateSafeHash(16);
     $this->assertEquals(Cii::decrypt(Cii::encrypt($hash2)), $hash2);
     $hash3 = Cii::generateSafeHash(32);
     $this->assertEquals(Cii::decrypt(Cii::encrypt($hash3)), $hash3);
     $hash4 = Cii::generateSafeHash(64);
     $this->assertEquals(Cii::decrypt(Cii::encrypt($hash4)), $hash4);
     $hash5 = Cii::generateSafeHash(128);
     $this->assertEquals(Cii::decrypt(Cii::encrypt($hash5)), $hash5);
     $hash6 = Cii::generateSafeHash(256);
     $this->assertEquals(Cii::decrypt(Cii::encrypt($hash6)), $hash6);
     $hash7 = Cii::generateSafeHash(512);
     $this->assertEquals(Cii::decrypt(Cii::encrypt($hash7)), $hash7);
 }
Пример #2
0
 /**
  * Forces a password to be assigned before the user can proceed to the previous page
  * @param $id - ID of the content we want to investigate
  **/
 public function actionPassword($id = NULL)
 {
     $this->setPageTitle(Yii::t('ciims.controllers.Content', '{{app_name}} | {{label}}', array('{{app_name}}' => Cii::getConfig('name', Yii::app()->name), '{{label}}' => Yii::t('ciims.controllers.Content', 'Password Required'))));
     if ($id == NULL) {
         $this->redirect(Yii::app()->user->returnUrl);
     }
     // Set some default data
     if (Cii::get(Cii::get($_SESSION, 'password', array()), $id, NULL) == NULL) {
         $_SESSION['password'][$id] = array('tries' => 0, 'expires' => time() + 300);
     }
     // If the number of attempts is >= 3
     if (Cii::get(Cii::get(Cii::get($_SESSION, 'password', array()), $id, array()), 'tries', 0) >= 3) {
         // If the expires time has already passed, unlock the account
         if (Cii::get(Cii::get(Cii::get($_SESSION, 'password', array()), $id, array()), 'expires', 0) <= time()) {
             $_SESSION['password'][$id] = array('tries' => 0, 'expires' => time() + 300);
         } else {
             // Otherwise prevent access to it
             Yii::app()->user->setFlash('error', Yii::t('ciims.controllers.Content', 'Too many password attempts. Please try again in 5 minutes'));
             unset($_POST['password']);
             $_SESSION['password'][$id]['expires'] = time() + 300;
         }
     }
     if (Cii::get($_POST, 'password', NULL) !== NULL) {
         $content = Content::model()->findByPk($id);
         $encrypted = Cii::encrypt(Cii::get($_POST, 'password'));
         if ($encrypted == $content->attributes['password']) {
             $_SESSION['password'][$id]['password'] = $encrypted;
             $_SESSION['password'][$id]['tries'] = 0;
             $this->redirect(Yii::app()->createUrl($content->attributes['slug']));
         } else {
             Yii::app()->user->setFlash('error', Yii::t('ciims.controllers.Content', 'Incorrect password'));
             $_SESSION['password'][$id]['tries'] = $_SESSION['password'][$id]['tries'] + 1;
             $_SESSION['password'][$id]['expires'] = time() + 300;
         }
     }
     $this->layout = 'password';
     $this->render('password', array('id' => $id));
 }
Пример #3
0
 /**
  * Allow some override values
  * @return parent::beforeSave();
  */
 public function beforeSave()
 {
     if (($allow_api = Cii::get(Cii::getCiiConfig(), 'allow_api', true)) == false) {
         $this->attributes['enableAPI'] = $this->enableAPI = (int) $allow_api;
     }
     // Encrypt the Openstack API Key
     if ($this->attributes['openstack_apikey'] != NULL && $this->attributes['openstack_apikey'] != "") {
         $this->attributes['openstack_apikey'] = $this->openstack_apikey = Cii::encrypt($this->attributes['openstack_apikey']);
     }
     return parent::beforeSave();
 }
Пример #4
0
 /**
  * Handles the creation and editing of Content models.
  * If no id is provided, a new model will be created. Otherwise attempt to edit
  * @param int $id   The ContentId of the model we want to manipulate
  */
 public function actionSave($id = NULL)
 {
     $version = 0;
     $theme = Cii::getConfig('theme', 'default');
     $viewFiles = $this->getViewFiles($theme);
     $layouts = $this->getLayouts($theme);
     // Editor Preferences
     $preferMarkdown = Cii::getConfig('preferMarkdown', false);
     if ($preferMarkdown == NULL) {
         $preferMarkdown = false;
     } else {
         $preferMarkdown = (bool) $preferMarkdown;
     }
     // Determine what we're doing, new model or existing one
     if ($id == NULL) {
         $model = new Content();
         $model->savePrototype();
         $this->redirect($this->createUrl('/dashboard/content/save/id/' . $model->id));
     } else {
         $model = Content::model()->findByPk($id);
         if ($model == NULL) {
             throw new CHttpException(400, Yii::t('Dashboard.main', 'We were unable to retrieve a post with that id. Please do not repeat this request again.'));
         }
         // Determine the version number based upon the count of existing rows
         // We do this manually to make sure we have the correct data
         $version = Content::model()->countByAttributes(array('id' => $id));
     }
     $role = Yii::app()->user->role;
     if ($role != 7 && $role != 9) {
         if ($model->author_id != Yii::app()->user->id) {
             throw new CHttpException(401, Yii::t('Dashboard.main', 'You are not authorized to perform this action.'));
         }
     }
     if (Cii::get($_POST, 'Content') !== NULL) {
         $model2 = new Content();
         $model2->attributes = Cii::get($_POST, 'Content', array());
         if (Cii::get($_POST['Content'], 'password', "") != "") {
             $model2->password = Cii::encrypt($_POST['Content']['password']);
         } else {
             $model2->password = "";
         }
         // For some reason this isn't setting with the other data
         $model2->extract = $_POST['Content']['extract'];
         $model2->id = $id;
         $model2->vid = $model->vid + 1;
         $model2->viewFile = Cii::get($_POST['Content'], 'view', 'blog');
         $model2->layoutFile = Cii::get($_POST['Content'], 'layout', 'blog');
         $model2->created = $_POST['Content']['created'];
         $model2->commentable = Cii::get($_POST['Content'], 'commentable', 1);
         $model2->type_id = Cii::get($_POST['Content'], 'type_id', 2);
         $model2->published = Cii::get($_POST['Content'], 'published', NULL);
         $time = strtotime($model2->published . $_POST['timezone']);
         $published = date('Y-m-d H:i:s', $time);
         $model2->published = $published;
         if ($model->author_id != Yii::app()->user->id) {
             $model2->author_id = $model->author_id;
         }
         // Prevent editors and collaborators from publishing acticles
         if ($role == 5 || $role == 7) {
             if ($model2->status == 1) {
                 $model2->status = 2;
             }
         }
         if ($model2->save()) {
             Yii::app()->user->setFlash('success', Yii::t('Dashboard.main', 'Content has been updated.'));
             // TODO: This should eventually be an Ajax Request as part of an APIController rather than being baked into this.
             if (Yii::app()->request->isAjaxRequest) {
                 echo CJSON::encode($model2->attributes);
                 return true;
             }
             $this->redirect(array('save', 'id' => $model2->id));
         } else {
             foreach ($model2->attributes as $k => $v) {
                 $model->{$k} = $v;
             }
             $model->vid = $model2->vid - 1;
             $model->addErrors($model2->getErrors());
             Yii::app()->user->setFlash('error', Yii::t('Dashboard.main', 'There was an error saving your content. Please try again.'));
         }
     }
     $this->render('save', array('model' => $model, 'id' => $id, 'version' => $version, 'preferMarkdown' => $preferMarkdown, 'views' => $viewFiles, 'layouts' => $layouts, 'canPublish' => Yii::app()->user->role != 7 && Yii::app()->user->role != 5));
 }
Пример #5
0
 /**
  * Validates passwords by encrypting them for storage
  * @param  mixed $attribute
  * @param  mixed $params
  * @return true
  */
 public function password($attribute, $params)
 {
     $this->attributes[$attribute] = $this->{$attribute} = Cii::encrypt($this->{$attribute});
     return true;
 }