From 56fee292c37e162c03fab9eeadd6a8b9ab85c251 Mon Sep 17 00:00:00 2001 From: xue <> Date: Mon, 4 Sep 2006 19:15:47 +0000 Subject: merge from 3.0 branch till 1387 --- framework/Security/TSecurityManager.php | 31 +++++++++++++++++++++------ framework/Security/TUserManager.php | 38 ++++++++++++++++++++++++++------- 2 files changed, 55 insertions(+), 14 deletions(-) (limited to 'framework/Security') diff --git a/framework/Security/TSecurityManager.php b/framework/Security/TSecurityManager.php index b0ea4e95..89f3711a 100644 --- a/framework/Security/TSecurityManager.php +++ b/framework/Security/TSecurityManager.php @@ -43,11 +43,9 @@ class TSecurityManager extends TModule { const STATE_VALIDATION_KEY='prado:securitymanager:validationkey'; const STATE_ENCRYPTION_KEY='prado:securitymanager:encryptionkey'; - const STATE_INIT_VECTOR='prado:securitymanager:initvector'; private $_validationKey=null; private $_encryptionKey=null; - private $_initVector=null; - private $_validation='SHA1'; + private $_validation=TSecurityManagerValidationMode::SHA1; private $_encryption='3DES'; /** @@ -127,7 +125,7 @@ class TSecurityManager extends TModule } /** - * @return string hashing algorithm used to generate HMAC. Defaults to 'SHA1'. + * @return TSecurityManagerValidationMode hashing algorithm used to generate HMAC. Defaults to TSecurityManagerValidationMode::SHA1. */ public function getValidation() { @@ -135,11 +133,11 @@ class TSecurityManager extends TModule } /** - * @param string hashing algorithm used to generate HMAC. Valid values include 'SHA1' and 'MD5'. + * @param TSecurityManagerValidationMode hashing algorithm used to generate HMAC. */ public function setValidation($value) { - $this->_validation=TPropertyValue::ensureEnum($value,'SHA1','MD5'); + $this->_validation=TPropertyValue::ensureEnum($value,'TSecurityManagerValidationMode'); } /** @@ -260,4 +258,25 @@ class TSecurityManager extends TModule } } + +/** + * TSecurityManagerValidationMode class. + * TSecurityManagerValidationMode defines the enumerable type for the possible validation modes + * that can be used by {@link TSecurityManager}. + * + * The following enumerable values are defined: + * - MD5: an MD5 hash is generated from the data and used for validation. + * - SHA1: an SHA1 hash is generated from the data and used for validation. + * + * @author Qiang Xue + * @version $Revision: $ $Date: $ + * @package System.Security + * @since 3.0.4 + */ +class TSecurityManagerValidationMode extends TEnumerable +{ + const MD5='MD5'; + const SHA1='SHA1'; +} + ?> \ No newline at end of file diff --git a/framework/Security/TUserManager.php b/framework/Security/TUserManager.php index 6b10fa8b..c0bbe65d 100644 --- a/framework/Security/TUserManager.php +++ b/framework/Security/TUserManager.php @@ -35,7 +35,7 @@ Prado::using('System.Security.TUser'); * similar to the above sample. * * The user passwords may be specified as clear text, SH1 or MD5 hashed by setting - * {@link setPasswordMode PasswordMode} as Clear, SH1 or MD5. + * {@link setPasswordMode PasswordMode} as Clear, SHA1 or MD5. * The default name for a guest user is Guest. It may be changed * by setting {@link setGuestName GuestName} property. * @@ -67,9 +67,9 @@ class TUserManager extends TModule implements IUserManager */ private $_guestName='Guest'; /** - * @var string password mode, Clear|MD5|SH1 + * @var TUserManagerPasswordMode password mode */ - private $_passwordMode='MD5'; + private $_passwordMode=TUserManagerPasswordMode::MD5; /** * @var boolean whether the module has been initialized */ @@ -186,7 +186,7 @@ class TUserManager extends TModule implements IUserManager } /** - * @return string (Clear|MD5|SH1) how password is stored, clear text, or MD5 or SH1 hashed. Default to MD5. + * @return TUserManagerPasswordMode how password is stored, clear text, or MD5 or SHA1 hashed. Default to TUserManagerPasswordMode::MD5. */ public function getPasswordMode() { @@ -194,11 +194,11 @@ class TUserManager extends TModule implements IUserManager } /** - * @param string (Clear|MD5|SH1) how password is stored, clear text, or MD5 or SH1 hashed. + * @param TUserManagerPasswordMode how password is stored, clear text, or MD5 or SHA1 hashed. */ public function setPasswordMode($value) { - $this->_passwordMode=TPropertyValue::ensureEnum($value,array('Clear','MD5','SHA1')); + $this->_passwordMode=TPropertyValue::ensureEnum($value,'TUserManagerPasswordMode'); } /** @@ -209,9 +209,9 @@ class TUserManager extends TModule implements IUserManager */ public function validateUser($username,$password) { - if($this->_passwordMode==='MD5') + if($this->_passwordMode===TUserManagerPasswordMode::MD5) $password=md5($password); - else if($this->_passwordMode==='SHA1') + else if($this->_passwordMode===TUserManagerPasswordMode::SHA1) $password=sha1($password); $username=strtolower($username); return (isset($this->_users[$username]) && $this->_users[$username]===$password); @@ -258,4 +258,26 @@ class TUserManager extends TModule implements IUserManager } } +/** + * TUserManagerPasswordMode class. + * TUserManagerPasswordMode defines the enumerable type for the possible modes + * that user passwords can be specified for a {@link TUserManager}. + * + * The following enumerable values are defined: + * - Clear: the password is in plain text + * - MD5: the password is recorded as the MD5 hash value of the original password + * - SHA1: the password is recorded as the SHA1 hash value of the original password + * + * @author Qiang Xue + * @version $Revision: $ $Date: $ + * @package System.Security + * @since 3.0.4 + */ +class TUserManagerPasswordMode extends TEnumerable +{ + const Clear='Clear'; + const MD5='MD5'; + const SHA1='SHA1'; +} + ?> \ No newline at end of file -- cgit v1.2.3