mlanthaler: Refactored the created code since the coding conventions for static methods were changed (ticket #49).

(merged from branches/gsoc)


git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@41982 467b73ca-7a2a-4603-9d3b-597d59a354a9
Ingo Schommer 2007-09-16 00:44:30 +00:00
parent cbe32dca20
commit 7d600b025d
9 changed files with 147 additions and 114 deletions


@ -10,7 +10,7 @@
* on your site, e.g. to register the OpenID authentication method type
*
* <code>
* Authenticator::registerAuthenticator('OpenIDAuthenticator');
* Authenticator::register_authenticator('OpenIDAuthenticator');
* </code>
*/
@ -18,7 +18,7 @@
/**
* Add the security folder to the include path so that the
* {http://www.openidenabled.com/ PHP OpenID library} finds it files
* {@link http://www.openidenabled.com/ PHP OpenID library} finds it files
*/
$path_extra = realpath(dirname(__FILE__)) . DIRECTORY_SEPARATOR . 'security';
/**
@ -51,19 +51,22 @@ define('Auth_OpenID_RAND_SOURCE', null);
/**
* Register the {@link OpenIDAuthenticator OpenID authenticator}
*/
Authenticator::registerAuthenticator('MemberAuthenticator');
Authenticator::register_authenticator('MemberAuthenticator');
/**
* Register the {@link OpenIDAuthenticator OpenID authenticator}
*/
Authenticator::registerAuthenticator('OpenIDAuthenticator');
Authenticator::register_authenticator('OpenIDAuthenticator');
/**
* Define a default language different than english
*/
//i18n::set_locale('ca_AD');
/**
* The root directory of TinyMCE
*/
define('MCE_ROOT', 'jsparty/tiny_mce2/');
/**
@ -82,9 +85,12 @@ Security::encrypt_passwords(true);
Security::set_password_encryption_algorithm('sha1', true);
/**
* The secret key that needs to be sent along with pings to /Email_BounceHandler.
* Change this to something different for increase security (you can override it in mysite/_config.php to ease upgrades).
* For more information see: http://doc.silverstripe.com/doku.php?id=email_bouncehandler
* The secret key that needs to be sent along with pings to /Email_BounceHandler
*
* Change this to something different for increase security (you can
* override it in mysite/_config.php to ease upgrades).
* For more information see:
* {@link http://doc.silverstripe.com/doku.php?id=email_bouncehandler}
*/
define('EMAIL_BOUNCEHANDLER_KEY', '1aaaf8fb60ea253dbf6efa71baaacbb3');
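Review bot: The rewrapped docblock above `EMAIL_BOUNCEHANDLER_KEY` in the last hunk still words changing the key as optional advice, although the value defined on the next line ships with the source and is therefore identical on every installation that does not override it. I would make the comment say so, e.g. `* This default is published with the code: every site must override it in mysite/_config.php with its own random value.`, and correct "for increase security" to "for increased security" while the block is being touched. Separately, in the third hunk the docblock over the `MemberAuthenticator` registration still reads "Register the OpenIDAuthenticator", which looks copy-pasted from the block below it.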


@ -2,6 +2,8 @@
/**
* Authenticator base class
*
* @author Markus Lanthaler <markus@silverstripe.com>
*/
@ -13,11 +15,9 @@
* methods like {@link MemberAuthenticator} or {@link OpenIDAuthenticator}.
*
* @author Markus Lanthaler <markus@silverstripe.com>
*
* @todo Wouldn't be an interface be the better choice?
*/
abstract class Authenticator extends Object
{
abstract class Authenticator extends Object {
/**
* This variable holds all authenticators that should be used
*
@ -36,7 +36,8 @@ abstract class Authenticator extends Object
* @return bool|Member Returns FALSE if authentication fails, otherwise
* the member object
*/
public abstract function authenticate(array $RAW_data, Form $form = null);
public abstract static function authenticate(array $RAW_data,
Form $form = null);
/**
@ -47,7 +48,7 @@ abstract class Authenticator extends Object
* @return Form Returns the login form to use with this authentication
* method
*/
public abstract static function getLoginForm(Controller $controller);
public abstract static function get_login_form(Controller $controller);
/**
@ -55,7 +56,7 @@ abstract class Authenticator extends Object
*
* @return string Returns the name of the authentication method.
*/
public abstract static function getName();
public abstract static function get_name();
/**
@ -67,7 +68,7 @@ abstract class Authenticator extends Object
*
* @return bool Returns TRUE on success, FALSE otherwise.
*/
public static function registerAuthenticator($authenticator) {
public static function register_authenticator($authenticator) {
$authenticator = trim($authenticator);
if(class_exists($authenticator) == false)
@ -77,7 +78,7 @@ abstract class Authenticator extends Object
return false;
if(in_array($authenticator, self::$authenticators) == false) {
if(call_user_func(array($authenticator, 'onRegister')) === true) {
if(call_user_func(array($authenticator, 'on_register')) === true) {
array_push(self::$authenticators, $authenticator);
} else {
return false;
@ -94,7 +95,7 @@ abstract class Authenticator extends Object
* @return array Returns an array with the class names of all registered
* authenticators.
*/
public static function getAuthenticators() {
public static function get_authenticators() {
return self::$authenticators;
}
@ -110,7 +111,7 @@ abstract class Authenticator extends Object
*
* @return bool Returns TRUE on success, FALSE otherwise.
*/
protected static function onRegister() {
protected static function on_register() {
return true;
}
}
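Review bot: Renaming the hook call to `on_register` in `register_authenticator()` means an authenticator subclass that still defines `onRegister()` gets registered without its hook ever running, because the base `on_register()` shown in the last hunk simply returns TRUE. The old public names (`registerAuthenticator`, `getAuthenticators`) also appear to go away without a forwarding alias, so callers outside this commit would fail only at run time. A guard placed before the `call_user_func` line would surface the silent case: `if(method_exists($authenticator, 'onRegister')) user_error("$authenticator::onRegister() is no longer called, rename it to on_register()", E_USER_WARNING);`. The body of `register_authenticator()` is split across two hunks and partly lies outside them.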


@ -1,10 +1,28 @@
<?php
/**
* Change password form
*/
/**
* Standard Change Password Form
*/
class ChangePasswordForm extends Form {
/**
* Constructor
*
* @param Controller $controller The parent controller, necessary to
* create the appropriate form action tag.
* @param string $name The method on the controller that will return this
* form object.
* @param FieldSet|FormField $fields All of the fields in the form - a
* {@link FieldSet} of {@link FormField}
* objects.
* @param FieldSet|FormAction $actions All of the action buttons in the
* form - a {@link FieldSet} of
*/
function __construct($controller, $name, $fields = null, $actions = null) {
if(!$fields) {
$fields = new FieldSet();
@ -24,6 +42,7 @@ class ChangePasswordForm extends Form {
parent::__construct($controller, $name, $fields, $actions);
}
/**
* Change the password
*
@ -52,7 +71,6 @@ class ChangePasswordForm extends Form {
}
}
// Check the new password
if($data['NewPassword1'] == $data['NewPassword2']) {
$member->Password = $data['NewPassword1'];
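Review bot: The confirmation check `if($data['NewPassword1'] == $data['NewPassword2'])` in the last hunk uses a loose comparison, so two different numeric-looking strings (constructed example: '1e1' and '10') are compared as numbers, pass as equal, and the first one is stored as the password. `if($data['NewPassword1'] === $data['NewPassword2']) {` compares the values exactly as typed. In the constructor docblock added by the first hunk, the `$actions` description also stops mid-sentence after "a {@link FieldSet} of". The method containing the comparison starts and ends outside the hunk.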


@ -1,48 +1,50 @@
<?php
/**
* LoginForm base class
*/
/**
* Abstract base class for a login form
*
* This class is used as a base class for the different log-in forms like
* {@link MemberLoginForm} or {@link OpenIDLoginForm}.
*
* @author Markus Lanthaler <markus@silverstripe.com>
*/
abstract class LoginForm extends Form
{
/**
* Authenticator class to use with this login form
*
* Set this variable to the authenticator class to use with this login
* form.
*
* @var string
*/
protected $authenticator_class;
/**
* Get the authenticator class
*
* @return Authenticator Returns the authenticator class for this login
* form.
*/
public function getAuthenticator() {
if(!class_exists($this->authenticator_class) ||
!is_subclass_of($this->authenticator_class, 'Authenticator')) {
user_error('The form uses an invalid authenticator class!',
E_USER_ERROR);
return;
}
return new $this->authenticator_class;
}
}
<?php
/**
* LoginForm base class
*
* @author Markus Lanthaler <markus@silverstripe.com>
*/
/**
* Abstract base class for a login form
*
* This class is used as a base class for the different log-in forms like
* {@link MemberLoginForm} or {@link OpenIDLoginForm}.
*
* @author Markus Lanthaler <markus@silverstripe.com>
*/
abstract class LoginForm extends Form {
/**
* Authenticator class to use with this login form
*
* Set this variable to the authenticator class to use with this login
* form.
*
* @var string
*/
protected $authenticator_class;
/**
* Get the authenticator class
*
* @return Authenticator Returns the authenticator class for this login
* form.
*/
public function getAuthenticator() {
if(!class_exists($this->authenticator_class) ||
!is_subclass_of($this->authenticator_class, 'Authenticator')) {
user_error('The form uses an invalid authenticator class!',
E_USER_ERROR);
return;
}
return new $this->authenticator_class;
}
}
?>
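Review bot: The rewritten file now ends with a closing `?>` tag (the MemberAuthenticator section of this commit appears to add one as well); any newline or whitespace that ends up after it is sent as output and can stop later `header()` and session-cookie calls in the login flow from taking effect. Class-only files are safer without the closing tag, so I would drop that last line. Also, `getAuthenticator()` falls through to a bare `return;` after `user_error()`, so if an error handler lets execution continue the caller receives NULL; the docblock could say `@return Authenticator|null` to make that visible.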


@ -1,4 +1,14 @@
<?php
/**
* Member classes
*/
/**
* The member class which represents the users of the system
*/
class Member extends DataObject {
static $db = array(


@ -25,7 +25,7 @@ class MemberAuthenticator extends Authenticator {
* @return bool|Member Returns FALSE if authentication fails, otherwise
* the member object
*/
public function authenticate(array $RAW_data, Form $form = null) {
public static function authenticate(array $RAW_data, Form $form = null) {
$SQL_user = Convert::raw2sql($RAW_data['Email']);
$member = DataObject::get_one("Member",
@ -56,7 +56,7 @@ class MemberAuthenticator extends Authenticator {
* @return Form Returns the login form to use with this authentication
* method
*/
public static function getLoginForm(Controller $controller) {
public static function get_login_form(Controller $controller) {
return Object::create("MemberLoginForm", $controller, "LoginForm");
}
@ -66,9 +66,10 @@ class MemberAuthenticator extends Authenticator {
*
* @return string Returns the name of the authentication method.
*/
public static function getName() {
public static function get_name() {
return "E-mail &amp; Password";
}
}
?>
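Review bot: `get_name()` in the last hunk returns `"E-mail &amp; Password"`, which is already HTML-encoded, while its docblock only promises "the name of the authentication method" and `OpenIDAuthenticator::get_name()` in this same commit returns plain text. The Security section of this commit prints the value inside a link without escaping it, so each authenticator author has to guess whether to encode. I would state the contract in the docblock, e.g. `* @return string Name of the authentication method, already HTML-encoded.`, or return plain text here and escape where it is printed.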


@ -45,9 +45,9 @@ class OpenIDAuthenticator extends Authenticator {
*
* @return bool Returns TRUE on success, FALSE otherwise.
*/
protected static function onRegister() {
protected static function on_register() {
Member::addRole('OpenIDAuthenticatedRole');
return true;
return parent::on_register();
}
@ -65,7 +65,7 @@ class OpenIDAuthenticator extends Authenticator {
* @todo Check if we can send the POST request for OpenID 2 directly
* (without rendering a form and using javascript)
*/
public function authenticate(array $RAW_data, Form $form = null) {
public static function authenticate(array $RAW_data, Form $form = null) {
$openid = trim($RAW_data['OpenIDURL']);
if(strlen($openid) == 0) {
@ -161,7 +161,7 @@ class OpenIDAuthenticator extends Authenticator {
* @return Form Returns the login form to use with this authentication
* method
*/
public static function getLoginForm(Controller $controller) {
public static function get_login_form(Controller $controller) {
return Object::create("OpenIDLoginForm", $controller, "LoginForm");
}
@ -171,7 +171,7 @@ class OpenIDAuthenticator extends Authenticator {
*
* @return string Returns the name of the authentication method.
*/
public static function getName() {
public static function get_name() {
return "OpenID/i-name";
}
}
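Review bot: `authenticate()` is switched from an instance method to `static` in the second hunk (and likewise in MemberAuthenticator), but only its first lines are visible; the body continues outside the hunk, so it is worth confirming that no `$this` reference is left in it, since that would be a fatal error on the first login attempt. In the visible lines `$RAW_data['OpenIDURL']` is read without checking that the key exists. `$openid = isset($RAW_data['OpenIDURL']) ? trim($RAW_data['OpenIDURL']) : '';` would keep the empty-value branch right below it as the single failure path.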


@ -66,8 +66,7 @@ class OpenIDStorage extends Auth_OpenID_MySQLStore {
* @todo Create the tables during installation, so we can reduce the
* number of needed SQL queries.
*/
function __construct($associations_table = null, $nonces_table = null)
{
function __construct($associations_table = null, $nonces_table = null) {
if(is_null($associations_table))
$associations_table = 'authentication_openid_associations';
@ -106,8 +105,7 @@ class OpenIDStorage extends Auth_OpenID_MySQLStore {
*
* @access private
*/
function setSQL()
{
function setSQL() {
parent::setSQL();
$this->sql['nonce_table'] =
@ -138,8 +136,7 @@ class OpenIDStorage extends Auth_OpenID_MySQLStore {
* FALSE otherwise.
* @access private
*/
function isError($value)
{
function isError($value) {
return ($value === false);
}
@ -149,8 +146,7 @@ class OpenIDStorage extends Auth_OpenID_MySQLStore {
*
* @return bool Returns TRUE on success, FALSE on failure.
*/
function create_nonce_table()
{
function create_nonce_table() {
return $this->resultToBool(
$this->connection->query($this->sql['nonce_table']));
}
@ -161,8 +157,7 @@ class OpenIDStorage extends Auth_OpenID_MySQLStore {
*
* @return bool Returns TRUE on success, FALSE on failure.
*/
function create_assoc_table()
{
function create_assoc_table() {
return $this->resultToBool(
$this->connection->query($this->sql['assoc_table']));
}
@ -175,7 +170,7 @@ class OpenIDStorage extends Auth_OpenID_MySQLStore {
* the {@link OpenIDStorage} class.
*
* @author Markus Lanthaler <markus@silverstripe.com>
*
*
* @todo If the new database abstraction adds support for transactions and
* prepared statements (placeholders) use that code without emulating
* it here.
@ -197,10 +192,9 @@ class OpenIDDatabaseConnection extends Auth_OpenID_DatabaseConnection {
* the result of a query is not important, like a
* DDL query.
*/
public function query($sql, $params = array())
{
public function query($sql, $params = array()) {
if(($sql = $this->generateQuery($sql, $params)) === false)
return false;
return false;
return DB::query($sql);
}
@ -219,8 +213,7 @@ class OpenIDDatabaseConnection extends Auth_OpenID_DatabaseConnection {
* the result set.
* FALSE if no such result was found.
*/
public function getOne($sql, $params = array())
{
public function getOne($sql, $params = array()) {
if(($sql = $this->generateQuery($sql, $params)) === false)
return false;
@ -244,10 +237,9 @@ class OpenIDDatabaseConnection extends Auth_OpenID_DatabaseConnection {
* column name.
* FALSE if no such result was found.
*/
public function getRow($sql, $params = array())
{
public function getRow($sql, $params = array()) {
if(($sql = $this->generateQuery($sql, $params)) === false)
return false;
return false;
if(($result = DB::query($sql)) === false)
return false;
@ -267,8 +259,7 @@ class OpenIDDatabaseConnection extends Auth_OpenID_DatabaseConnection {
* @return array $result An array of arrays representing the result of the
* query; each array is keyed on column name.
*/
public function getAll($sql, $params = array())
{
public function getAll($sql, $params = array()) {
if(($sql = $this->generateQuery($sql, $params)) === false)
return false;
@ -276,7 +267,7 @@ class OpenIDDatabaseConnection extends Auth_OpenID_DatabaseConnection {
return false;
for($result_array = array(); $result->valid(); $result->next()) {
array_push($result_array, $result->current());
array_push($result_array, $result->current());
}
return $result_array;
@ -288,32 +279,28 @@ class OpenIDDatabaseConnection extends Auth_OpenID_DatabaseConnection {
*
* @param bool $mode TRUE if auto-commit is to be used; FALSE if not.
*/
public function autoCommit($mode)
{
public function autoCommit($mode) {
}
/**
* Starts a transaction on this connection, if supported.
*/
public function begin()
{
public function begin() {
}
/**
* Commits a transaction on this connection, if supported.
*/
public function commit()
{
public function commit() {
}
/**
* Performs a rollback on this connection, if supported.
*/
public function rollback()
{
public function rollback() {
}
@ -330,8 +317,7 @@ class OpenIDDatabaseConnection extends Auth_OpenID_DatabaseConnection {
* string or an invalid number of parameters
* was passed.
*/
private function generateQuery($sql, $params = array())
{
private function generateQuery($sql, $params = array()) {
$tokens = preg_split('/((?<!\\\)[&?!])/', $sql, -1,
PREG_SPLIT_DELIM_CAPTURE);
$token = 0;
@ -379,8 +365,7 @@ class OpenIDDatabaseConnection extends Auth_OpenID_DatabaseConnection {
* @return mixed The formatted data. The format depends on the input's
* PHP type-
*/
private function quote($in)
{
private function quote($in) {
if(is_int($in)) {
return $in;
} elseif(is_float($in)) {


@ -124,9 +124,10 @@ class Security extends Controller {
{
$authenticator = trim($_REQUEST['AuthenticationMethod']);
$authenticators = Authenticator::getAuthenticators();
$authenticators = Authenticator::get_authenticators();
if(in_array($authenticator, $authenticators)) {
return call_user_func(array($authenticator, 'GetLoginForm'), $this);
return call_user_func(array($authenticator, 'get_login_form'),
$this);
}
}
@ -146,10 +147,10 @@ class Security extends Controller {
{
$forms = array();
$authenticators = Authenticator::getAuthenticators();
$authenticators = Authenticator::get_authenticators();
foreach($authenticators as $authenticator) {
array_push($forms,
call_user_func(array($authenticator, 'GetLoginForm'),
call_user_func(array($authenticator, 'get_login_form'),
$this));
}
@ -219,6 +220,13 @@ class Security extends Controller {
foreach($forms as $form)
$content .= $form->forTemplate();
foreach($forms as $form) {
$content .= "<li><a href=\"$link_base#{$form->FormName()}_tab\">{$form->getAuthenticator()->get_name()}</a></li>\n";
$content_forms .= '<div class="tab" id="' . $form->FormName() . '_tab">' . $form->forTemplate() . "</div>\n";
}
$content .= "</ul>\n" . $content_forms . "\n</div>\n";
if(strlen($message = Session::get('Security.Message.message')) > 0) {
$message_type = Session::get('Security.Message.type');
if($message_type == 'bad') {
@ -422,7 +430,8 @@ class Security extends Controller {
'">here</a> or change your password after you <a href="' .
$this->link('login') . '">logged in</a>.</p>'));
} else {
self::permissionFailure($this, 'You must be logged in in order to change your password!');
self::permissionFailure($this,
'You must be logged in in order to change your password!');
die();
}
}
@ -526,7 +535,8 @@ class Security extends Controller {
/**
* Set strict path checking
*
* This prevents sharing of the session across several sites in the domain.
* This prevents sharing of the session across several sites in the
* domain.
*
* @param boolean $strictPathChecking To enable or disable strict patch
* checking.
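Review bot: The tab markup added in the third hunk builds HTML by string interpolation, and `$link_base`, `$form->FormName()` and the authenticator name go into the `href` and `id` attributes and the link text without escaping. `$link_base` is defined outside the hunk; if it is derived from the request URL it needs attribute escaping at this point, e.g. `htmlspecialchars($link_base, ENT_QUOTES)`. `$content_forms` is appended to with `.=` but its initialisation is not visible here, and the older `foreach($forms as $form) $content .= $form->forTemplate();` loop is still shown next to the new one, so it is worth checking that the forms are not rendered twice.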