merge from 3.0 branch till 1387

2 files changed, 55 insertions, 14 deletions

diff --git a/framework/Security/TSecurityManager.php b/framework/Security/TSecurityManager.php
index b0ea4e95..89f3711a 100644
--- a/framework/Security/TSecurityManager.php
+++ b/framework/Security/TSecurityManager.php
@@ -43,11 +43,9 @@ class TSecurityManager extends TModule
 {

 	const STATE_VALIDATION_KEY='prado:securitymanager:validationkey';

 	const STATE_ENCRYPTION_KEY='prado:securitymanager:encryptionkey';

-	const STATE_INIT_VECTOR='prado:securitymanager:initvector';

 	private $_validationKey=null;

 	private $_encryptionKey=null;

-	private $_initVector=null;

-	private $_validation='SHA1';

+	private $_validation=TSecurityManagerValidationMode::SHA1;

 	private $_encryption='3DES';

 

 	/**

@@ -127,7 +125,7 @@ class TSecurityManager extends TModule
 	}

 

 	/**

-	 * @return string hashing algorithm used to generate HMAC. Defaults to 'SHA1'.

+	 * @return TSecurityManagerValidationMode hashing algorithm used to generate HMAC. Defaults to TSecurityManagerValidationMode::SHA1.

 	 */

 	public function getValidation()

 	{

@@ -135,11 +133,11 @@ class TSecurityManager extends TModule
 	}

 

 	/**

-	 * @param string hashing algorithm used to generate HMAC. Valid values include 'SHA1' and 'MD5'.

+	 * @param TSecurityManagerValidationMode hashing algorithm used to generate HMAC.

 	 */

 	public function setValidation($value)

 	{

-		$this->_validation=TPropertyValue::ensureEnum($value,'SHA1','MD5');

+		$this->_validation=TPropertyValue::ensureEnum($value,'TSecurityManagerValidationMode');

 	}

 

 	/**

@@ -260,4 +258,25 @@ class TSecurityManager extends TModule
 	}

 }

 

+

+/**

+ * TSecurityManagerValidationMode class.

+ * TSecurityManagerValidationMode defines the enumerable type for the possible validation modes

+ * that can be used by {@link TSecurityManager}.

+ *

+ * The following enumerable values are defined:

+ * - MD5: an MD5 hash is generated from the data and used for validation.

+ * - SHA1: an SHA1 hash is generated from the data and used for validation.

+ *

+ * @author Qiang Xue <qiang.xue@gmail.com>

+ * @version $Revision: $  $Date: $

+ * @package System.Security

+ * @since 3.0.4

+ */

+class TSecurityManagerValidationMode extends TEnumerable

+{

+	const MD5='MD5';

+	const SHA1='SHA1';

+}

+

 ?>
\ No newline at end of file
diff --git a/framework/Security/TUserManager.php b/framework/Security/TUserManager.php
index 6b10fa8b..c0bbe65d 100644
--- a/framework/Security/TUserManager.php
+++ b/framework/Security/TUserManager.php
@@ -35,7 +35,7 @@ Prado::using('System.Security.TUser');
  * similar to the above sample.

  *

  * The user passwords may be specified as clear text, SH1 or MD5 hashed by setting

- * {@link setPasswordMode PasswordMode} as <b>Clear</b>, <b>SH1</b> or <b>MD5</b>.

+ * {@link setPasswordMode PasswordMode} as <b>Clear</b>, <b>SHA1</b> or <b>MD5</b>.

  * The default name for a guest user is <b>Guest</b>. It may be changed

  * by setting {@link setGuestName GuestName} property.

  *

@@ -67,9 +67,9 @@ class TUserManager extends TModule implements IUserManager
 	 */

 	private $_guestName='Guest';

 	/**

-	 * @var string password mode, Clear|MD5|SH1

+	 * @var TUserManagerPasswordMode password mode

 	 */

-	private $_passwordMode='MD5';

+	private $_passwordMode=TUserManagerPasswordMode::MD5;

 	/**

 	 * @var boolean whether the module has been initialized

 	 */

@@ -186,7 +186,7 @@ class TUserManager extends TModule implements IUserManager
 	}

 

 	/**

-	 * @return string (Clear|MD5|SH1) how password is stored, clear text, or MD5 or SH1 hashed. Default to MD5.

+	 * @return TUserManagerPasswordMode how password is stored, clear text, or MD5 or SHA1 hashed. Default to TUserManagerPasswordMode::MD5.

 	 */

 	public function getPasswordMode()

 	{

@@ -194,11 +194,11 @@ class TUserManager extends TModule implements IUserManager
 	}

 

 	/**

-	 * @param string (Clear|MD5|SH1) how password is stored, clear text, or MD5 or SH1 hashed.

+	 * @param TUserManagerPasswordMode how password is stored, clear text, or MD5 or SHA1 hashed.

 	 */

 	public function setPasswordMode($value)

 	{

-		$this->_passwordMode=TPropertyValue::ensureEnum($value,array('Clear','MD5','SHA1'));

+		$this->_passwordMode=TPropertyValue::ensureEnum($value,'TUserManagerPasswordMode');

 	}

 

 	/**

@@ -209,9 +209,9 @@ class TUserManager extends TModule implements IUserManager
 	 */

 	public function validateUser($username,$password)

 	{

-		if($this->_passwordMode==='MD5')

+		if($this->_passwordMode===TUserManagerPasswordMode::MD5)

 			$password=md5($password);

-		else if($this->_passwordMode==='SHA1')

+		else if($this->_passwordMode===TUserManagerPasswordMode::SHA1)

 			$password=sha1($password);

 		$username=strtolower($username);

 		return (isset($this->_users[$username]) && $this->_users[$username]===$password);

@@ -258,4 +258,26 @@ class TUserManager extends TModule implements IUserManager
 	}

 }

 

+/**

+ * TUserManagerPasswordMode class.

+ * TUserManagerPasswordMode defines the enumerable type for the possible modes

+ * that user passwords can be specified for a {@link TUserManager}.

+ *

+ * The following enumerable values are defined:

+ * - Clear: the password is in plain text

+ * - MD5: the password is recorded as the MD5 hash value of the original password

+ * - SHA1: the password is recorded as the SHA1 hash value of the original password

+ *

+ * @author Qiang Xue <qiang.xue@gmail.com>

+ * @version $Revision: $  $Date: $

+ * @package System.Security

+ * @since 3.0.4

+ */

+class TUserManagerPasswordMode extends TEnumerable

+{

+	const Clear='Clear';

+	const MD5='MD5';

+	const SHA1='SHA1';

+}

+

 ?>
\ No newline at end of file