/**
* Attempt to authenticate the username and password pair.
*
* @return string|boolean A string containing a username if authentication is successful, false otherwise.
*
* @since 1.0
*/
public function authenticate()
{
$username = $this->input->get('username', false, 'username');
$password = $this->input->get('password', false, 'raw');
if (!$username || !$password) {
$this->status = Authentication::NO_CREDENTIALS;
return false;
}
return $this->doAuthenticate($username, $password);
}
/**
* Parse the given route and return the name of a controller mapped to the given route.
*
* @param string $route The route string for which to find and execute a controller.
*
* @return string The controller name for the given route excluding prefix.
*
* @since 1.0
* @throws \InvalidArgumentException
*/
protected function parseRoute($route)
{
$controller = false;
// Trim the query string off.
$route = preg_replace('/([^?]*).*/u', '\\1', $route);
// Sanitize and explode the route.
$route = trim(parse_url($route, PHP_URL_PATH), ' /');
// If the route is empty then simply return the default route. No parsing necessary.
if ($route == '') {
return $this->default;
}
// Iterate through all of the known route maps looking for a match.
foreach ($this->maps as $rule) {
if (preg_match($rule['regex'], $route, $matches)) {
// If we have gotten this far then we have a positive match.
$controller = $rule['controller'];
// Time to set the input variables.
// We are only going to set them if they don't already exist to avoid overwriting things.
foreach ($rule['vars'] as $i => $var) {
$this->input->def($var, $matches[$i + 1]);
// Don't forget to do an explicit set on the GET superglobal.
$this->input->get->def($var, $matches[$i + 1]);
}
$this->input->def('_rawRoute', $route);
break;
}
}
// We were unable to find a route match for the request. Panic.
if (!$controller) {
throw new \InvalidArgumentException(sprintf('Unable to handle request for route `%s`.', $route), 404);
}
return $controller;
}
/**
* Test the Joomla\Input\Input::serialize method.
*
* @return void
*
* @covers Joomla\Input\Input::serialize
* @since 1.0
*/
public function testSerialize()
{
// Load the inputs so that the static $loaded is set to true.
TestHelper::invoke($this->instance, 'loadAllInputs');
// Adjust the values so they are easier to handle.
TestHelper::setValue($this->instance, 'inputs', array('server' => 'remove', 'env' => 'remove', 'request' => 'keep'));
TestHelper::setValue($this->instance, 'options', 'options');
TestHelper::setValue($this->instance, 'data', 'data');
$this->assertThat($this->instance->serialize(), $this->equalTo('a:3:{i:0;s:7:"options";i:1;s:4:"data";i:2;a:1:{s:7:"request";s:4:"keep";}}'));
}
/**
* Attempt to authenticate the username and password pair.
*
* @return string|boolean A string containing a username if authentication is successful, false otherwise.
*
* @since 1.0
*/
public function authenticate()
{
$method = $this->input->getMethod();
$username = $this->input->{$method}->get('username', false, 'username');
$password = $this->input->{$method}->get('password', false, 'raw');
if (!$username || !$password) {
$this->status = Authentication::NO_CREDENTIALS;
return false;
}
if (!isset($this->credentialStore[$username])) {
$this->status = Authentication::NO_SUCH_USER;
return false;
}
$hash = $this->credentialStore[$username];
if (!password_verify($password, $hash)) {
$this->status = Authentication::INVALID_CREDENTIALS;
return false;
}
$this->status = Authentication::SUCCESS;
return $username;
}
/**
* Gets a value from the input data.
*
* @param string $name Name of the value to get.
* @param mixed $default Default value to return if variable does not exist.
* @param string $filter Filter to apply to the value.
*
* @return mixed The filtered input value.
*
* @since 1.0
*/
public function get($name, $default = null, $filter = 'string')
{
return parent::get($name, $default, $filter);
}
/**
* Start a session.
*
* Creates a session (or resumes the current one based on the state of the session)
*
* @return boolean true on success
*
* @since 1.0
* @deprecated 2.0
*/
protected function _start()
{
// Start session if not started
if ($this->getState() === 'restart') {
session_regenerate_id(true);
} else {
$session_name = session_name();
// Get the Joomla\Input\Cookie object
$cookie = $this->input->cookie;
if (is_null($cookie->get($session_name))) {
$session_clean = $this->input->get($session_name, false, 'string');
if ($session_clean) {
session_id($session_clean);
$cookie->set($session_name, '', time() - 3600);
}
}
}
/**
* Write and Close handlers are called after destructing objects since PHP 5.0.5.
* Thus destructors can use sessions but session handler can't use objects.
* So we are moving session closure before destructing objects.
*
* Replace with session_register_shutdown() when dropping compatibility with PHP 5.3
*/
register_shutdown_function('session_write_close');
session_cache_limiter('none');
session_start();
return true;
}
/**
* Frees all session variables and destroys all data registered to a session
*
* This method resets the $_SESSION variable and destroys all of the data associated
* with the current session in its storage (file or DB). It forces new session to be
* started after this method is called. It does not unset the session cookie.
*
* @return boolean True on success
*
* @see session_destroy()
* @see session_unset()
* @since 1.0
*/
public function destroy()
{
// Session was already destroyed
if ($this->getState() === 'destroyed') {
return true;
}
/*
* In order to kill the session altogether, such as to log the user out, the session id
* must also be unset. If a cookie is used to propagate the session id (default behavior),
* then the session cookie must be deleted.
*/
if (isset($_COOKIE[session_name()])) {
$this->input->cookie(session_name(), '', 1);
}
session_unset();
session_destroy();
$this->setState('destroyed');
return true;
}
