Пример #1
 /**
  * _setPassword
  *
  * Setter for the password column.
  * This method will hash the password with the DefaultPasswordHasher class.
  *
  * @param string $password The clean password.
  * @return string
  */
 protected function _setPassword($password)
 {
     // Only the hasher's output is returned, so the clean password itself is
     // never the value handed back for the password column.
     // NOTE(review): an empty string is hashed like any other input; rejecting
     // blank passwords has to happen in validation, not here.
     return (new DefaultPasswordHasher())->hash($password);
 }
 /**
  * Tests that a password not produced by DefaultPasswordHasher needs
  * to be rehashed
  *
  * @return void
  */
 public function testNeedsRehash()
 {
     $defaultHasher = new DefaultPasswordHasher();

     // An MD5 hex digest was not produced by this hasher, so it must be
     // reported as needing a rehash.
     $legacyDigest = md5('foo');
     $this->assertTrue($defaultHasher->needsRehash($legacyDigest));

     // A hash the hasher has just produced itself is already current.
     $currentHash = $defaultHasher->hash('foo');
     $this->assertFalse($defaultHasher->needsRehash($currentHash));
 }
Пример #3
 /**
  * Mutator for the password field: returns the hash of the given value.
  *
  * @param string $value Plaintext password.
  * @return string Hash produced by DefaultPasswordHasher.
  */
 protected function _setPassword($value)
 {
     // Single-expression form of "create the hasher, then hash the value".
     return (new DefaultPasswordHasher())->hash($value);
 }
 /**
  * Tests that the password only needs to be re-built according to the first hasher
  *
  * @return void
  */
 public function testNeedsRehash()
 {
     $fallback = new FallbackPasswordHasher(['hashers' => ['Default', 'Weak']]);

     // A hash made by the second configured hasher is accepted as a fallback
     // but must still be flagged for rehashing with the first one.
     $weakHash = (new WeakPasswordHasher())->hash('foo');
     $this->assertTrue($fallback->needsRehash($weakHash));

     // A hash made by the first configured hasher needs no upgrade.
     $defaultHash = (new DefaultPasswordHasher())->hash('foo');
     $this->assertFalse($fallback->needsRehash($defaultHash));
 }
Пример #5
 /**
  * Mutator for the password field.
  *
  * A non-empty value is hashed with DefaultPasswordHasher. For an empty value
  * the method returns whatever the Users table's recoverPassword() yields for
  * this entity's id.
  *
  * @param string $value Plaintext password, possibly empty.
  * @return mixed Hash of $value, or the result of recoverPassword().
  */
 protected function _setPassword($value)
 {
     if (empty($value)) {
         // NOTE(review): presumably recoverPassword() returns the hash already
         // stored for this user, so a blank field keeps the old password;
         // confirm against the table class.
         // NOTE(review): empty() is also true for the string '0', and 'id' is
         // read without checking that the entity has one yet.
         $id_user = $this->_properties['id'];

         return TableRegistry::get('Users')->recoverPassword($id_user);
     }

     return (new DefaultPasswordHasher())->hash($value);
 }
Пример #6
 /**
  * Edit action for a user record.
  *
  * Loads the user by id and, on POST/PUT, hashes the submitted password,
  * patches the entity with the request data and saves it. Redirects to the
  * 'users' action on success and sets an error flash message otherwise.
  *
  * NOTE(review): nothing in this method checks who is allowed to edit the
  * record identified by $id; confirm that authorization is enforced elsewhere.
  *
  * @param mixed $id Id of the user to edit.
  * @return mixed Result of redirect() after a successful save; nothing otherwise.
  */
 public function edit($id = null)
 {
     $user = $this->Users->get($id);
     // NOTE(review): the next line is damaged in this listing (masked text, and
     // the `if` that pairs with the `else` below is missing). It is left
     // exactly as shown.
     $this->set('title_for_layout', 'User : '******'Could not find that user.');
     } else {
         $this->set(compact('user'));
     }
     if ($this->request->is(['post', 'put'])) {
         // Hash the submitted password before it is patched into the entity.
         // NOTE(review): this runs unconditionally. A request with a blank or
         // missing password field stores the hash of an empty value, and any
         // password validation done by patchEntity() sees the hash rather than
         // what the user typed.
         $password_hash = new DefaultPasswordHasher();
         $this->request->data['password'] = $password_hash->hash($this->request->data['password']);
         // Save
         // NOTE(review): the whole request payload is patched in. Which fields
         // a client may set this way depends on the entity's accessible-field
         // settings, which are not visible here.
         $this->Users->patchEntity($user, $this->request->data);
         if ($this->Users->save($user)) {
             $this->Flash->set('The user has been updated.', ['element' => 'alert-box', 'params' => ['class' => 'success']]);
             return $this->redirect(['action' => 'users']);
         }
         $this->Flash->set('Unable to update the user.', ['element' => 'alert-box', 'params' => ['class' => 'danger']]);
     }
 }
Пример #7
 /**
  * Set up the admin and member password for the database.
  *
  * @param string $dir The application's root directory.
  * @param \Composer\IO\IOInterface $io IO interface to write to console.
  * @param string $newKey The new security.salt.
  *
  * @return void
  */
 public static function setAccountPassword($dir, $io, $newKey = null)
 {
     // $newKey is used only as a precondition here; it does not feed into the
     // hashing below.
     if ($newKey == null) {
         $io->write('The new Security.salt value is empty in config/app.php, can\'t set up the password.');

         return;
     }

     $schemaFile = $dir . '/config/Schema/xeta.sql';
     // NOTE(review): the read result is not checked. An unreadable file ends
     // up in the "no password to replace" branch below.
     $sql = file_get_contents($schemaFile);

     // NOTE(review): both seed passwords are fixed literals (masked in this
     // listing), so every install starts with the same admin and member
     // credentials until they are changed.
     $adminPass = '******';
     $memberPass = '******';

     $hasher = new DefaultPasswordHasher();
     $hashes = [$hasher->hash($adminPass), $hasher->hash($memberPass)];
     $placeholders = ['__ADMINPASSWORD__', '__MEMBERPASSWORD__'];

     // Both placeholders must be present for the schema to be rewritten.
     $sql = str_replace($placeholders, $hashes, $sql, $replaced);
     if ($replaced != 2) {
         $io->write('Error, there was no password to replace.');

         return;
     }

     // file_put_contents() returns the byte count, or false on failure.
     $message = file_put_contents($schemaFile, $sql)
         ? 'Set up Admin & Member passwords successfully !'
         : 'Unable to set up Admin & Member passwords.';
     $io->write($message);
 }
Пример #8
 /**
  * Update info method
  *
  * @param string|null $id User id.
  * @return void Redirects on successful edit, renders view otherwise.
  * @throws \Cake\Network\Exception\NotFoundException When record not found.
  */
 public function update_info($id = null)
 {
     // Without an explicit id, use the one getUserId() reports (presumably the
     // logged-in user; confirm against that helper).
     if (empty($id)) {
         $id = $this->getUserId();
     }
     // NOTE(review): when $id is supplied, the record loaded is whichever one
     // the caller names. The only gate visible in this method is knowing that
     // record's current password.
     $user = $this->Users->get($id, ['contain' => []]);

     if ($this->request->is(['patch', 'post', 'put'])) {
         $payload = $this->request->data;
         $new_password = $payload['new_password'];
         $confirm_password = $payload['confirm_password'];
         $hasher = new DefaultPasswordHasher();

         if (!$hasher->check($payload['current_password'], $user['password'])) {
             // The current password did not verify against the stored hash.
             $this->Flash->error('Mật khẩu của bạn không chính xác. <br> Vui lòng thực hiện lại!');
         } elseif (empty($new_password)) {
             // No new password given: only complain if a confirmation was typed.
             // NOTE(review): when both fields are blank nothing is saved and no
             // message is shown.
             if (!empty($confirm_password)) {
                 $this->Flash->error('Bạn chưa nhập password mới.');
             }
         } elseif (empty($confirm_password)) {
             $this->Flash->error('Bạn chưa xác nhận password mới.');
         } elseif (strcmp($new_password, $confirm_password) !== 0) {
             $this->Flash->error('Chuỗi xác nhận không trùng với password mới. <br> Vui lòng kiểm tra lại.');
         } else {
             // New password confirmed: store its hash, never the plaintext.
             $payload['password'] = $hasher->hash($new_password);
             $payload['updated_at'] = Time::now();
             // NOTE(review): the full request payload (including the plaintext
             // new_password / confirm_password / current_password keys and any
             // other submitted field) is patched in. What actually lands on
             // the entity depends on its accessible-field settings, which are
             // not visible here.
             $user = $this->Users->patchEntity($user, $payload);
             if ($this->Users->save($user)) {
                 $this->Flash->success('Thông tin của bạn đã được cập nhật!');

                 return $this->redirect(['action' => 'index']);
             }
             $this->Flash->error('Cập nhật thông tin không thành công. Bạn vui lòng thử lại sau!');
         }
     }

     $roles = $this->Users->Roles->find('list', ['limit' => 200]);
     $this->set(compact('user', 'roles'));
     $this->set('_serialize', ['user']);
 }
Пример #9
    /**
     * Installer action.
     *
     * Redirects to the home page when the install lock file already exists.
     * Otherwise renders the install form and, on POST/PUT, creates the tables,
     * inserts the first user (role 'admin') from the request data, inserts seed
     * content, writes the lock file and redirects.
     *
     * NOTE(review): nothing in this method authenticates the caller. Until the
     * lock file exists, whoever can reach this action chooses the admin
     * username and password.
     *
     * @return mixed Result of redirect() on the two redirecting paths; nothing otherwise.
     */
    public function index()
    {
        //Security
        // The lock file is the only guard against running the installer again.
        // Its path is derived from the current working directory with
        // "webroot" stripped out.
        $base_dir = str_replace("webroot", "", getcwd());
        $filename = $base_dir . 'src/Template/Themes/cakeblog/install.lock';
        if (file_exists($filename)) {
            $this->Flash->set('CakeBlog already installed.', ['element' => 'alert-box', 'params' => ['class' => 'success']]);
            return $this->redirect(['controller' => 'Pages', 'action' => 'home']);
        }
        //Load theme
        $this->viewBuilder()->templatePath('Themes/' . CAKEBLOG_THEME);
        // NOTE(review): render() is called before the POST/PUT branch below,
        // which later returns a redirect.
        $this->render('install.index');
        if ($this->request->is(['post', 'put'])) {
            $connection = ConnectionManager::get('default');
            // Schema creation. These statements are fixed strings with no
            // request data in them.
            // NOTE(review): the articles DDL declares `metakeywords TEXTa NULL`;
            // `TEXTa` looks like a typo for TEXT.
            $sql_articles = "CREATE TABLE IF NOT EXISTS articles(\n\t\t\t\t\t\t\t\tid INT( 11 ) UNSIGNED NOT NULL AUTO_INCREMENT,\n\t\t\t\t\t\t\t\tpost_type_id INT( 11 ) NOT NULL,\n\t\t\t\t\t\t\t\tuser_id INT( 11 ) NOT NULL,\n\t\t\t\t\t\t\t\tcategory_id INT( 11 ) NOT NULL,\n\t\t\t\t\t\t\t\ttitle TEXT NOT NULL,\n\t\t\t\t\t\t\t\tslug TEXT NOT NULL,\n\t\t\t\t\t\t\t\tbody TEXT NOT NULL,\n\t\t\t\t\t\t\t\tfeatured TEXT NOT NULL,\n\t\t\t\t\t\t\t\tslider INT( 11 ) NOT NULL,\n\t\t\t\t\t\t\t\tstatus INT( 11 ) NOT NULL,\n\t\t\t\t\t\t\t\tmetadescription TEXT NULL,\n\t\t\t\t\t\t\t\tmetakeywords TEXTa NULL,\n\t\t\t\t\t\t\t\tcreated_at TIMESTAMP NOT NULL,\n\t\t\t\t\t\t\t\tupdated_at TIMESTAMP NOT NULL,\n\t\t\t\t\t\t\t\tPRIMARY KEY (id)\n\t\t\t\t\t\t\t\t)";
            $connection->query($sql_articles);
            $sql_categories = "CREATE TABLE IF NOT EXISTS categories(\n\t\t\t\t\t\t\t\tid INT( 11 ) UNSIGNED NOT NULL AUTO_INCREMENT,\n\t\t\t\t\t\t\t\tpost_type_id INT( 11 ) NOT NULL,\n\t\t\t\t\t\t\t\ttitle TEXT NOT NULL,\n\t\t\t\t\t\t\t\tslug TEXT NOT NULL,\n\t\t\t\t\t\t\t\tbody TEXT NOT NULL,\n\t\t\t\t\t\t\t\tmetadescription TEXT NULL,\n\t\t\t\t\t\t\t\tmetakeywords TEXT NULL,\n\t\t\t\t\t\t\t\tPRIMARY KEY (id)\n\t\t\t\t\t\t\t\t)";
            $connection->query($sql_categories);
            $sql_navigation = "CREATE TABLE IF NOT EXISTS navigation(\n\t\t\t\t\t\t\t\tid INT( 11 ) UNSIGNED NOT NULL AUTO_INCREMENT,\n\t\t\t\t\t\t\t\tparent_id INT( 11 ) NULL,\n\t\t\t\t\t\t\t\ttitle TEXT NOT NULL,\n\t\t\t\t\t\t\t\turl TEXT NOT NULL,\n\t\t\t\t\t\t\t\ttarget TEXT NOT NULL,\n\t\t\t\t\t\t\t\tposition INT( 11 ) NOT NULL,\n\t\t\t\t\t\t\t\tPRIMARY KEY (id)\n\t\t\t\t\t\t\t\t)";
            $connection->query($sql_navigation);
            $sql_pages = "CREATE TABLE IF NOT EXISTS pages(\n\t\t\t\t\t\t\t\tid INT( 11 ) UNSIGNED NOT NULL AUTO_INCREMENT,\n\t\t\t\t\t\t\t\ttitle TEXT NOT NULL,\n\t\t\t\t\t\t\t\tslug TEXT NOT NULL,\n\t\t\t\t\t\t\t\tbody TEXT NOT NULL,\n\t\t\t\t\t\t\t\tmetadescription TEXT NULL,\n\t\t\t\t\t\t\t\tmetakeywords TEXT NULL,\n\t\t\t\t\t\t\t\tPRIMARY KEY (id)\n\t\t\t\t\t\t\t\t)";
            $connection->query($sql_pages);
            $sql_post_type = "CREATE TABLE IF NOT EXISTS post_type(\n\t\t\t\t\t\t\t\tid INT( 11 ) UNSIGNED NOT NULL AUTO_INCREMENT,\n\t\t\t\t\t\t\t\ttitle TEXT NOT NULL,\n\t\t\t\t\t\t\t\tslug TEXT NOT NULL,\n\t\t\t\t\t\t\t\tbody TEXT NOT NULL,\n\t\t\t\t\t\t\t\tmetadescription TEXT NULL,\n\t\t\t\t\t\t\t\tmetakeywords TEXT NULL,\n\t\t\t\t\t\t\t\tPRIMARY KEY (id)\n\t\t\t\t\t\t\t\t)";
            $connection->query($sql_post_type);
            $sql_users = "CREATE TABLE IF NOT EXISTS users(\n\t\t\t\t\t\t\t\tid INT( 11 ) UNSIGNED NOT NULL AUTO_INCREMENT,\n\t\t\t\t\t\t\t\tfull_name VARCHAR( 255 ) NOT NULL,\n\t\t\t\t\t\t\t\tusername VARCHAR( 255 ) NOT NULL,\n\t\t\t\t\t\t\t\tpassword VARCHAR( 255 ) NOT NULL,\n\t\t\t\t\t\t\t\trole VARCHAR( 255 ) NOT NULL,\n\t\t\t\t\t\t\t\tbody TEXT NOT NULL,\n\t\t\t\t\t\t\t\tprofile_image TEXT NOT NULL,\n\t\t\t\t\t\t\t\tPRIMARY KEY (id)\n\t\t\t\t\t\t\t\t)";
            $connection->query($sql_users);
            // First account. The fields are read from the request with no
            // validation, and the role is fixed to 'admin'.
            $full_name = $this->request->data['full_name'];
            $username = $this->request->data['username'];
            // Only the hash of the submitted password is placed in the SQL.
            $password_hash = new DefaultPasswordHasher();
            $password = $password_hash->hash($this->request->data['password']);
            $role = 'admin';
            $body = $this->request->data['body'];
            // NOTE(review): the start of this statement is masked in the
            // listing. What is visible: full_name, username and body come
            // straight from the request and are concatenated into the SQL
            // text, and {$body} is not even quoted. Pass these values as bound
            // parameters (the connection's execute() accepts a parameter
            // array) instead of building the string.
            $sql_insert_user = "******" . $full_name . "', '" . $username . "', '" . $password . "', '" . $role . "', {$body}, '');";
            $connection->query($sql_insert_user);
            // Seed content. The inserts below use fixed strings only.
            $search_sidebar = '<h2>Search</h2>
        <form action="<?php echo BASE_URL; ?>/search" method="get">
            <input name="category" type="hidden" value="1" />
            <div class="row">
                <div class="col-sm-8">
                    <input class="form-control" name="keyword" type="text" placeholder="Search..." />
                </div>
                <div class="col-sm-4">
                    <input class="btn btn-primary" name="Search" type="submit" />
                </div>
            </div>
        </form>';
            // NOTE(review): no CREATE TABLE for `sidebar` appears in this
            // method. The stored body also contains PHP source, which only has
            // an effect if whatever renders the sidebar evaluates it; confirm
            // how it is rendered.
            $sql_insert_sidebar = "INSERT INTO sidebar (id, title, body, position) VALUES (NULL, 'Search', '" . $search_sidebar . "', 0);";
            $connection->query($sql_insert_sidebar);
            $categories_sidebar = '<div class="list-group">
<?php
$base_url = BASE_URL;
foreach ($cat_array as $sidebar_category) {
//if($sidebar_category[\'post_type\'] == 2) {
    echo \'<a class="list-group-item" href="\'.$base_url.\'/category/\'.$sidebar_category[\'id\'].\'/\'.$sidebar_category[\'slug\'].\'">\'.$sidebar_category[\'title\'].\' <span class="badge">\'.$sidebar_category[\'count\'].\'</span></a>\';
	}
//}
?>
</div>';
            // NOTE(review): this body contains single quotes and is
            // concatenated into a single-quoted SQL literal without escaping.
            $sql_insert_sidebar = "INSERT INTO sidebar (id, title, body, position) VALUES (NULL, 'Categories', '" . $categories_sidebar . "', 1);";
            $connection->query($sql_insert_sidebar);
            $about_page_body = '<p>CakeBlog is an open source blogging software. Written by <a href="http://georgewhitcher.com">George Whitcher</a> in PHP with the CakePHP framework.</p>
<p>This project was started for my personal blogging and has been rewritten in Codeigniter, Laravel and now CakePHP. CakePHP is my favorite framework and more can be learned about CakePHP by visiting their <a title="CakePHP" href="http://cakephp.org" target="_blank">website</a>. </p>
<p>If you are having issues with CakeBlog please submit them to the "issues" section on it&apos;s repository.</p>';
            $about_page_metadescription = 'Welcome to CakeBlog!  An open source blog software.  Written by George Whitcher in PHP with the CakePHP framework.';
            $about_page_metakeywords = 'cakeblog, cakephp, blog, open source';
            $sql_insert_about_page = "INSERT INTO pages (id, title, slug, body, metadescription, metakeywords) VALUES (NULL, 'About', 'about', '" . $about_page_body . "', '" . $about_page_metadescription . "', '" . $about_page_metakeywords . "');";
            $connection->query($sql_insert_about_page);
            $article_body = '<p>Welcome to CakeBlog! &nbsp;An open source blog software. &nbsp;Written by <a title="George Whitcher - Web Developer" href="http://georgewhitcher.com" target="_blank">George Whitcher</a>&nbsp;in PHP with the CakePHP framework.</p>';
            $article_featured = BASE_URL . '/uploads/articles/featured/cover-1200x400.jpg';
            $article_metadescription = 'Welcome to CakeBlog!  An open source blog software.  Written by George Whitcher in PHP with the CakePHP framework.';
            $article_metakeywords = 'cakeblog, cakephp, blog, open source';
            $article_date = date('Y-m-d H:i:s');
            // NOTE(review): a comma is missing between the status value and
            // the metadescription literal (`1, 1 '`).
            $sql_insert_article = "INSERT INTO articles (id, post_type_id, user_id, category_id,  title, slug, body, featured, slider, status, metadescription, metakeywords, created_at, updated_at) VALUES (NULL, 0, 1, 1, 'Welcome to CakeBlog', 'welcome-to-cakeblog', '" . $article_body . "', '" . $article_featured . "', 1, 1 '" . $article_metadescription . "', '" . $article_metakeywords . "', '" . $article_date . "', '" . $article_date . "');";
            $connection->query($sql_insert_article);
            $category_metadescription = 'Welcome to CakeBlog!  An open source blog software.  Written by George Whitcher in PHP with the CakePHP framework.';
            $category_metakeywords = 'cakeblog, cakephp, blog, open source';
            // NOTE(review): six columns are listed but only five values are
            // supplied.
            $sql_insert_category = "INSERT INTO categories (id, title, slug, body, metadescription, metakeywords) VALUES (NULL, 'Uncategorized', 'uncategorized', '" . $category_metadescription . "', '" . $category_metakeywords . "');";
            $connection->query($sql_insert_category);
            //lock
            // Creates the lock file that disables this action on later visits.
            // NOTE(review): the fopen() result is neither checked nor closed.
            // If the file cannot be created, the installer stays reachable
            // while the success message below is still shown.
            fopen($filename, "w");
            $this->Flash->set('CakeBlog has been installed.  Please delete "/src/InstallController.php" for your security.', ['element' => 'alert-box', 'params' => ['class' => 'success']]);
            return $this->redirect(['controller' => 'Pages', 'action' => 'display', 'home']);
        }
    }
Пример #10
 /**
  * Mutator for the password field: returns the hash of the given value.
  *
  * @param string $value Plaintext password.
  * @return string Hash produced by DefaultPasswordHasher.
  */
 protected function _setPassword($value)
 {
     // CakePHP's default hasher produces a bcrypt hash.
     return (new DefaultPasswordHasher())->hash($value);
 }
 /**
  * method init
  * 
  * @return void
  */
 public function init()
 {
     // Fixture rows store hashes, so each known test password is hashed with
     // the same hasher used elsewhere on this page.
     $hasher = new DefaultPasswordHasher();

     $firstUser = [
         'nom' => 'User',
         'prenom' => 'First',
         'fullname_slug' => 'first_user',
         'email' => EMAIL_TO_TEST,
         'password' => $hasher->hash('juVni4tr3'),
         'role' => 'admin',
         'actif' => true,
         'created' => '2007-03-18 10:39:23',
         'updated' => '2007-03-18 10:41:31',
     ];
     // The only row carrying a password-change code and date.
     $secondUser = [
         'nom' => 'User',
         'prenom' => 'Second',
         'fullname_slug' => 'second_user',
         'email' => '*****@*****.**',
         'password' => $hasher->hash('HuaB78lo'),
         'actif' => true,
         'change_pass_code' => '2400fd3226c673532e8e68d35c8c31115a83f6c3',
         'change_pass_date' => '2014-02-04 09:30:21',
         'created' => '2007-03-18 10:41:23',
         'updated' => '2007-03-18 10:43:31',
     ];
     $thirdUser = [
         'nom' => 'User',
         'prenom' => 'Third',
         'fullname_slug' => 'third_user',
         'email' => '*****@*****.**',
         'password' => $hasher->hash('Mak66uruck'),
         'actif' => true,
         'created' => '2007-03-18 10:43:23',
         'updated' => '2007-03-18 10:45:31',
     ];

     $this->records = [$firstUser, $secondUser, $thirdUser];
     parent::init();
 }
Пример #12
 /**
  * beforeSave callback: sets the digest-auth hash and, for admins, a new API key.
  *
  * @param Event $event Event whose data carries the entity under 'entity'.
  * @return bool Always true.
  */
 public function beforeSave(Event $event)
 {
     $entity = $event->data['entity'];

     // Make a password for digest auth.
     // NOTE(review): the value passed as the password is a fixed literal, so
     // the digest hash computed here does not depend on any per-user secret
     // visible in this method. Confirm this is intended before relying on
     // digest auth for access control.
     $entity->digest_hash = DigestAuthenticate::password($entity->username, 'Rho9Sigma', env('SERVER_NAME'));

     if ($entity->authrole !== 'admin') {
         return true;
     }

     // Generate an API 'token': the SHA-1 hex of a fresh UUID.
     // NOTE(review): this runs on every save of an admin entity, so the token
     // changes each time. Its unpredictability rests on Text::uuid(); confirm
     // the framework version in use draws it from a CSPRNG.
     $entity->api_key_plain = sha1(Text::uuid());

     // Bcrypt the token so BasicAuthenticate can check it during login.
     // NOTE(review): api_key_plain is set on the entity next to the hash; make
     // sure it is not a persisted column.
     $entity->api_key = (new DefaultPasswordHasher())->hash($entity->api_key_plain);

     return true;
 }
Пример #13
 /**
  * hash method
  * Creates a hashed password using the DefaultPasswordHasher class
  * @param string $value Plain text password
  * @return string Hashed password
  */
 public function hash($value)
 {
     // Thin wrapper: delegate straight to the framework's default hasher.
     return (new DefaultPasswordHasher())->hash($value);
 }
Пример #14
 /**
  * Setup or update password if isset pass and pass confirm in request data.
  *
  * @param \ArrayObject $data
  */
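 protected function _setupPassword(\ArrayObject $data)
 {
     // Act only when both fields were actually submitted. Without this guard a
     // payload carrying neither key compares null to null and the password is
     // replaced by the hash of an empty value.
     if (!isset($data['password'], $data['password_confirm'])) {
         return;
     }

     // A mismatch leaves $data untouched.
     // NOTE(review): in that case the plaintext password is still in $data;
     // the caller's validation has to reject the request before anything is
     // saved. A matching pair of empty strings is still hashed below, so blank
     // passwords must also be rejected by validation.
     if ($data['password'] !== $data['password_confirm']) {
         return;
     }

     // Replace both fields with the same hash so they still compare equal and
     // the plaintext is no longer carried in the payload.
     $hashed = (new DefaultPasswordHasher())->hash($data['password']);
     $data['password'] = $hashed;
     $data['password_confirm'] = $hashed;
 }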
 /**
  * beforeSave callback: replaces the entity's password with its hash.
  *
  * NOTE(review): this runs on every save with no check that the password was
  * changed. If the entity already holds a stored hash (for example, it was
  * loaded and saved with other fields edited), that hash is hashed again and
  * the original password no longer verifies. Confirm callers only save with a
  * fresh plaintext, or gate this on the entity's dirty state for the field.
  *
  * @param \Cake\Event\Event $event The beforeSave event (unused here).
  * @param \Cake\ORM\Entity $entity Entity being saved.
  * @param \ArrayObject $options Save options (unused here).
  * @return bool Always true.
  */
 public function beforeSave(\Cake\Event\Event $event, \Cake\ORM\Entity $entity, \ArrayObject $options)
 {
     $entity->password = (new DefaultPasswordHasher())->hash($entity->password);

     return true;
 }
Пример #16
 /**
  * Mutator for the `senha` field: returns the hash of the given value.
  *
  * @param string $value Plaintext password.
  * @return string Hash produced by DefaultPasswordHasher.
  */
 protected function _setSenha($value)
 {
     return (new DefaultPasswordHasher())->hash($value);
 }
Пример #17
 /**
  * Returns the hash of a plaintext password.
  *
  * @param string $pw Plaintext password.
  * @return string Hash produced by DefaultPasswordHasher.
  */
 public static function hashedPassword($pw)
 {
     // DefaultPasswordHasher uses PHP's password_hash() internally.
     return (new DefaultPasswordHasher())->hash($pw);
 }