/** * Attempt to authenticate the username and password pair. * * @return string|boolean A string containing a username if authentication is successful, false otherwise. * * @since 1.0 */ public function authenticate() { $username = $this->input->get('username', false, 'username'); $password = $this->input->get('password', false, 'raw'); if (!$username || !$password) { $this->status = Authentication::NO_CREDENTIALS; return false; } return $this->doAuthenticate($username, $password); }
/** * Parse the given route and return the name of a controller mapped to the given route. * * @param string $route The route string for which to find and execute a controller. * * @return string The controller name for the given route excluding prefix. * * @since 1.0 * @throws \InvalidArgumentException */ protected function parseRoute($route) { $controller = false; // Trim the query string off. $route = preg_replace('/([^?]*).*/u', '\\1', $route); // Sanitize and explode the route. $route = trim(parse_url($route, PHP_URL_PATH), ' /'); // If the route is empty then simply return the default route. No parsing necessary. if ($route == '') { return $this->default; } // Iterate through all of the known route maps looking for a match. foreach ($this->maps as $rule) { if (preg_match($rule['regex'], $route, $matches)) { // If we have gotten this far then we have a positive match. $controller = $rule['controller']; // Time to set the input variables. // We are only going to set them if they don't already exist to avoid overwriting things. foreach ($rule['vars'] as $i => $var) { $this->input->def($var, $matches[$i + 1]); // Don't forget to do an explicit set on the GET superglobal. $this->input->get->def($var, $matches[$i + 1]); } $this->input->def('_rawRoute', $route); break; } } // We were unable to find a route match for the request. Panic. if (!$controller) { throw new \InvalidArgumentException(sprintf('Unable to handle request for route `%s`.', $route), 404); } return $controller; }
/** * Test the Joomla\Input\Input::serialize method. * * @return void * * @covers Joomla\Input\Input::serialize * @since 1.0 */ public function testSerialize() { // Load the inputs so that the static $loaded is set to true. TestHelper::invoke($this->instance, 'loadAllInputs'); // Adjust the values so they are easier to handle. TestHelper::setValue($this->instance, 'inputs', array('server' => 'remove', 'env' => 'remove', 'request' => 'keep')); TestHelper::setValue($this->instance, 'options', 'options'); TestHelper::setValue($this->instance, 'data', 'data'); $this->assertThat($this->instance->serialize(), $this->equalTo('a:3:{i:0;s:7:"options";i:1;s:4:"data";i:2;a:1:{s:7:"request";s:4:"keep";}}')); }
/** * Attempt to authenticate the username and password pair. * * @return string|boolean A string containing a username if authentication is successful, false otherwise. * * @since 1.0 */ public function authenticate() { $method = $this->input->getMethod(); $username = $this->input->{$method}->get('username', false, 'username'); $password = $this->input->{$method}->get('password', false, 'raw'); if (!$username || !$password) { $this->status = Authentication::NO_CREDENTIALS; return false; } if (!isset($this->credentialStore[$username])) { $this->status = Authentication::NO_SUCH_USER; return false; } $hash = $this->credentialStore[$username]; if (!password_verify($password, $hash)) { $this->status = Authentication::INVALID_CREDENTIALS; return false; } $this->status = Authentication::SUCCESS; return $username; }
/** * Gets a value from the input data. * * @param string $name Name of the value to get. * @param mixed $default Default value to return if variable does not exist. * @param string $filter Filter to apply to the value. * * @return mixed The filtered input value. * * @since 1.0 */ public function get($name, $default = null, $filter = 'string') { return parent::get($name, $default, $filter); }
/** * Start a session. * * Creates a session (or resumes the current one based on the state of the session) * * @return boolean true on success * * @since 1.0 * @deprecated 2.0 */ protected function _start() { // Start session if not started if ($this->getState() === 'restart') { session_regenerate_id(true); } else { $session_name = session_name(); // Get the Joomla\Input\Cookie object $cookie = $this->input->cookie; if (is_null($cookie->get($session_name))) { $session_clean = $this->input->get($session_name, false, 'string'); if ($session_clean) { session_id($session_clean); $cookie->set($session_name, '', time() - 3600); } } } /** * Write and Close handlers are called after destructing objects since PHP 5.0.5. * Thus destructors can use sessions but session handler can't use objects. * So we are moving session closure before destructing objects. * * Replace with session_register_shutdown() when dropping compatibility with PHP 5.3 */ register_shutdown_function('session_write_close'); session_cache_limiter('none'); session_start(); return true; }
/** * Frees all session variables and destroys all data registered to a session * * This method resets the $_SESSION variable and destroys all of the data associated * with the current session in its storage (file or DB). It forces new session to be * started after this method is called. It does not unset the session cookie. * * @return boolean True on success * * @see session_destroy() * @see session_unset() * @since 1.0 */ public function destroy() { // Session was already destroyed if ($this->getState() === 'destroyed') { return true; } /* * In order to kill the session altogether, such as to log the user out, the session id * must also be unset. If a cookie is used to propagate the session id (default behavior), * then the session cookie must be deleted. */ if (isset($_COOKIE[session_name()])) { $this->input->cookie(session_name(), '', 1); } session_unset(); session_destroy(); $this->setState('destroyed'); return true; }