diff options
| author | xue <> | 2006-02-12 01:44:52 +0000 |
|---|---|---|
| committer | xue <> | 2006-02-12 01:44:52 +0000 |
| commit | 42126e88ba1e3508e2c5a36e49c23bfaf4a4262c (patch) | |
| tree | f29b10f0e58a5d09592232363d34a9d5ed51c8d1 /framework/Web/UI | |
| parent | 9c559fd4e87a208a460255703d9b050988e12775 (diff) | |
Implemented cookie HMAC check.
Diffstat (limited to 'framework/Web/UI')
| -rw-r--r-- | framework/Web/UI/TPage.php | 10 | ||||
| -rw-r--r-- | framework/Web/UI/TPageStatePersister.php | 8 |
2 files changed, 9 insertions, 9 deletions
diff --git a/framework/Web/UI/TPage.php b/framework/Web/UI/TPage.php index 78d9115e..7a7cbce4 100644 --- a/framework/Web/UI/TPage.php +++ b/framework/Web/UI/TPage.php @@ -131,7 +131,7 @@ class TPage extends TTemplateControl private $_statePersisterClass='System.Web.UI.TPageStatePersister';
private $_statePersister=null;
- private $_enableStateHMAC=true;
+ private $_enableStateValidation=true;
private $_enableStateEncryption=false;
/**
@@ -826,14 +826,14 @@ class TPage extends TTemplateControl return $this->_statePersister;
}
- public function getEnableStateHMAC()
+ public function getEnableStateValidation()
{
- return $this->_enableStateHMAC;
+ return $this->_enableStateValidation;
}
- public function setEnableStateHMAC($value)
+ public function setEnableStateValidation($value)
{
- $this->_enableStateHMAC=TPropertyValue::ensureBoolean($value);
+ $this->_enableStateValidation=TPropertyValue::ensureBoolean($value);
}
public function getEnableStateEncryption()
diff --git a/framework/Web/UI/TPageStatePersister.php b/framework/Web/UI/TPageStatePersister.php index 746d93c8..49321ff5 100644 --- a/framework/Web/UI/TPageStatePersister.php +++ b/framework/Web/UI/TPageStatePersister.php @@ -16,7 +16,7 @@ * TPageStatePersister implements a page state persistent method based on
* form hidden fields.
*
- * Depending on the {@link TPage::getEnableStateHMAC() EnableStateHMAC}
+ * Depending on the {@link TPage::getEnableStateValidation() EnableStateValidation}
* and {@link TPage::getEnableStateEncryption() EnableStateEncryption},
* TPageStatePersister may do HMAC validation and encryption to prevent
* the state data from being tampered or viewed.
@@ -55,7 +55,7 @@ class TPageStatePersister extends TComponent implements IPageStatePersister public function save($state)
{
Prado::trace("Saving state",'System.Web.UI.TPageStatePersister');
- if($this->_page->getEnableStateHMAC())
+ if($this->_page->getEnableStateValidation())
$data=$this->getApplication()->getSecurityManager()->hashData(Prado::serialize($state));
else
$data=Prado::serialize($state);
@@ -85,9 +85,9 @@ class TPageStatePersister extends TComponent implements IPageStatePersister {
if($this->_page->getEnableStateEncryption())
$data=$this->getApplication()->getSecurityManager()->decrypt($data);
- if($this->_page->getEnableStateHMAC())
+ if($this->_page->getEnableStateValidation())
{
- if(($data=$this->getApplication()->getSecurityManager()->validateData($data))!==null)
+ if(($data=$this->getApplication()->getSecurityManager()->validateData($data))!==false)
return Prado::unserialize($data);
}
else
|