From 42126e88ba1e3508e2c5a36e49c23bfaf4a4262c Mon Sep 17 00:00:00 2001
From: xue <>
Date: Sun, 12 Feb 2006 01:44:52 +0000
Subject: Implemented cookie HMAC check.

---
 framework/Web/UI/TPage.php               | 10 +++++-----
 framework/Web/UI/TPageStatePersister.php |  8 ++++----
 2 files changed, 9 insertions(+), 9 deletions(-)

(limited to 'framework/Web/UI')

diff --git a/framework/Web/UI/TPage.php b/framework/Web/UI/TPage.php
index 78d9115e..7a7cbce4 100644
--- a/framework/Web/UI/TPage.php
+++ b/framework/Web/UI/TPage.php
@@ -131,7 +131,7 @@ class TPage extends TTemplateControl
 
 	private $_statePersisterClass='System.Web.UI.TPageStatePersister';
 	private $_statePersister=null;
-	private $_enableStateHMAC=true;
+	private $_enableStateValidation=true;
 	private $_enableStateEncryption=false;
 
 	/**
@@ -826,14 +826,14 @@ class TPage extends TTemplateControl
 		return $this->_statePersister;
 	}
 
-	public function getEnableStateHMAC()
+	public function getEnableStateValidation()
 	{
-		return $this->_enableStateHMAC;
+		return $this->_enableStateValidation;
 	}
 
-	public function setEnableStateHMAC($value)
+	public function setEnableStateValidation($value)
 	{
-		$this->_enableStateHMAC=TPropertyValue::ensureBoolean($value);
+		$this->_enableStateValidation=TPropertyValue::ensureBoolean($value);
 	}
 
 	public function getEnableStateEncryption()
diff --git a/framework/Web/UI/TPageStatePersister.php b/framework/Web/UI/TPageStatePersister.php
index 746d93c8..49321ff5 100644
--- a/framework/Web/UI/TPageStatePersister.php
+++ b/framework/Web/UI/TPageStatePersister.php
@@ -16,7 +16,7 @@
  * TPageStatePersister implements a page state persistent method based on
  * form hidden fields.
  *
- * Depending on the {@link TPage::getEnableStateHMAC() EnableStateHMAC}
+ * Depending on the {@link TPage::getEnableStateValidation() EnableStateValidation}
  * and {@link TPage::getEnableStateEncryption() EnableStateEncryption},
  * TPageStatePersister may do HMAC validation and encryption to prevent
  * the state data from being tampered or viewed.
@@ -55,7 +55,7 @@ class TPageStatePersister extends TComponent implements IPageStatePersister
 	public function save($state)
 	{
 		Prado::trace("Saving state",'System.Web.UI.TPageStatePersister');
-		if($this->_page->getEnableStateHMAC())
+		if($this->_page->getEnableStateValidation())
 			$data=$this->getApplication()->getSecurityManager()->hashData(Prado::serialize($state));
 		else
 			$data=Prado::serialize($state);
@@ -85,9 +85,9 @@ class TPageStatePersister extends TComponent implements IPageStatePersister
 		{
 			if($this->_page->getEnableStateEncryption())
 				$data=$this->getApplication()->getSecurityManager()->decrypt($data);
-			if($this->_page->getEnableStateHMAC())
+			if($this->_page->getEnableStateValidation())
 			{
-				if(($data=$this->getApplication()->getSecurityManager()->validateData($data))!==null)
+				if(($data=$this->getApplication()->getSecurityManager()->validateData($data))!==false)
 					return Prado::unserialize($data);
 			}
 			else
-- 
cgit v1.2.3