WebSVN – lars-tiefland.cakephp – Blame – /cake/libs/security.php

Revision	Autor	Zeilennr.	Zeile
1	lars	1	`<?php`
		2	`/* SVN FILE: $Id: security.php 7945 2008-12-19 02:16:01Z gwoo $ */`
		3	`/**`
		4	`* Short description for file.`
		5	`*`
		6	`* Long description for file`
		7	`*`
		8	`* PHP versions 4 and 5`
		9	`*`
		10	`* CakePHP(tm) : Rapid Development Framework (http://www.cakephp.org)`
		11	`* Copyright 2005-2008, Cake Software Foundation, Inc. (http://www.cakefoundation.org)`
		12	`*`
		13	`* Licensed under The MIT License`
		14	`* Redistributions of files must retain the above copyright notice.`
		15	`*`
		16	`* @filesource`
		17	`* @copyright Copyright 2005-2008, Cake Software Foundation, Inc. (http://www.cakefoundation.org)`
		18	`* @link http://www.cakefoundation.org/projects/info/cakephp CakePHP(tm) Project`
		19	`* @package cake`
		20	`* @subpackage cake.cake.libs`
		21	`* @since CakePHP(tm) v .0.10.0.1233`
		22	`* @version $Revision: 7945 $`
		23	`* @modifiedby $LastChangedBy: gwoo $`
		24	`* @lastmodified $Date: 2008-12-18 18:16:01 -0800 (Thu, 18 Dec 2008) $`
		25	`* @license http://www.opensource.org/licenses/mit-license.php The MIT License`
		26	`*/`
		27	`/**`
		28	`* Short description for file.`
		29	`*`
		30	`* Long description for file`
		31	`*`
		32	`* @package cake`
		33	`* @subpackage cake.cake.libs`
		34	`*/`
		35	`class Security extends Object {`
		36	`/**`
		37	`* Default hash method`
		38	`*`
		39	`* @var string`
		40	`* @access public`
		41	`*/`
		42	`var $hashType = null;`
		43	`/**`
		44	`* Singleton implementation to get object instance.`
		45	`*`
		46	`* @return object`
		47	`* @access public`
		48	`* @static`
		49	`*/`
		50	`function &getInstance() {`
		51	`static $instance = array();`
		52	`if (!$instance) {`
		53	`$instance[0] =& new Security;`
		54	`}`
		55	`return $instance[0];`
		56	`}`
		57	`/**`
		58	`* Get allowed minutes of inactivity based on security level.`
		59	`*`
		60	`* @return integer Allowed inactivity in minutes`
		61	`* @access public`
		62	`* @static`
		63	`*/`
		64	`function inactiveMins() {`
		65	`$_this =& Security::getInstance();`
		66	`switch (Configure::read('Security.level')) {`
		67	`case 'high':`
		68	`return 10;`
		69	`break;`
		70	`case 'medium':`
		71	`return 100;`
		72	`break;`
		73	`case 'low':`
		74	`default:`
		75	`return 300;`
		76	`break;`
		77	`}`
		78	`}`
		79	`/**`
		80	`* Generate authorization hash.`
		81	`*`
		82	`* @return string Hash`
		83	`* @access public`
		84	`* @static`
		85	`*/`
		86	`function generateAuthKey() {`
		87	`if (!class_exists('String')) {`
		88	`App::import('Core', 'String');`
		89	`}`
		90	`return Security::hash(String::uuid());`
		91	`}`
		92	`/**`
		93	`* Validate authorization hash.`
		94	`*`
		95	`* @param string $authKey Authorization hash`
		96	`* @return boolean Success`
		97	`* @access public`
		98	`* @static`
		99	`* @todo Complete implementation`
		100	`*/`
		101	`function validateAuthKey($authKey) {`
		102	`return true;`
		103	`}`
		104	`/**`
		105	`* Create a hash from string using given method.`
		106	`* Fallback on next available method.`
		107	`*`
		108	`* @param string $string String to hash`
		109	`* @param string $type Method to use (sha1/sha256/md5)`
		110	`* @param boolean $salt If true, automatically appends the application's salt`
		111	`* value to $string (Security.salt)`
		112	`* @return string Hash`
		113	`* @access public`
		114	`* @static`
		115	`*/`
		116	`function hash($string, $type = null, $salt = false) {`
		117	`$_this =& Security::getInstance();`
		118
		119	`if ($salt) {`
		120	`if (is_string($salt)) {`
		121	`$string = $salt . $string;`
		122	`} else {`
		123	`$string = Configure::read('Security.salt') . $string;`
		124	`}`
		125	`}`
		126
		127	`if (empty($type)) {`
		128	`$type = $_this->hashType;`
		129	`}`
		130	`$type = strtolower($type);`
		131
		132	`if ($type == 'sha1' \|\| $type == null) {`
		133	`if (function_exists('sha1')) {`
		134	`$return = sha1($string);`
		135	`return $return;`
		136	`}`
		137	`$type = 'sha256';`
		138	`}`
		139
		140	`if ($type == 'sha256' && function_exists('mhash')) {`
		141	`return bin2hex(mhash(MHASH_SHA256, $string));`
		142	`}`
		143
		144	`if (function_exists('hash')) {`
		145	`return hash($type, $string);`
		146	`}`
		147	`return md5($string);`
		148	`}`
		149	`/**`
		150	`* Sets the default hash method for the Security object. This affects all objects using`
		151	`* Security::hash().`
		152	`*`
		153	`* @param string $hash Method to use (sha1/sha256/md5)`
		154	`* @access public`
		155	`* @return void`
		156	`* @static`
		157	`* @see Security::hash()`
		158	`*/`
		159	`function setHash($hash) {`
		160	`$_this =& Security::getInstance();`
		161	`$_this->hashType = $hash;`
		162	`}`
		163	`/**`
		164	`* Encrypts/Decrypts a text using the given key.`
		165	`*`
		166	`* @param string $text Encrypted string to decrypt, normal string to encrypt`
		167	`* @param string $key Key to use`
		168	`* @return string Encrypted/Decrypted string`
		169	`* @access public`
		170	`* @static`
		171	`*/`
		172	`function cipher($text, $key) {`
		173	`if (empty($key)) {`
		174	`trigger_error(__('You cannot use an empty key for Security::cipher()', true), E_USER_WARNING);`
		175	`return '';`
		176	`}`
		177
		178	`$_this =& Security::getInstance();`
		179	`if (!defined('CIPHER_SEED')) {`
		180	`//This is temporary will change later`
		181	`define('CIPHER_SEED', '76859309657453542496749683645');`
		182	`}`
		183	`srand(CIPHER_SEED);`
		184	`$out = '';`
		185
		186	`for ($i = 0; $i < strlen($text); $i++) {`
		187	`for ($j = 0; $j < ord(substr($key, $i % strlen($key), 1)); $j++) {`
		188	`$toss = rand(0, 255);`
		189	`}`
		190	`$mask = rand(0, 255);`
		191	`$out .= chr(ord(substr($text, $i, 1)) ^ $mask);`
		192	`}`
		193	`return $out;`
		194	`}`
		195	`}`
		196	`?>`

Subversion-Projekte lars-tiefland.cakephp

(root)/cake/libs/security.php – Revision 1