From 6960f40252533b7e286465c27fa810b3c3213e72 Mon Sep 17 00:00:00 2001
From: xue <>
Date: Wed, 21 Dec 2005 19:17:25 +0000
Subject: Changed THiddenFieldPageStatePersister to TPageStatePersister. Changed the way of generating private key (previously it was not fully implemented yet.)
---
.../Web/UI/THiddenFieldPageStatePersister.php | 81 --------------------
framework/Web/UI/TPageStatePersister.php | 89 ++++++++++++++++++++++
2 files changed, 89 insertions(+), 81 deletions(-)
delete mode 100644 framework/Web/UI/THiddenFieldPageStatePersister.php
create mode 100644 framework/Web/UI/TPageStatePersister.php
(limited to 'framework')
diff --git a/framework/Web/UI/THiddenFieldPageStatePersister.php b/framework/Web/UI/THiddenFieldPageStatePersister.php
deleted file mode 100644
index d4041983..00000000
--- a/framework/Web/UI/THiddenFieldPageStatePersister.php
+++ /dev/null
@@ -1,81 +0,0 @@
-_application=$application;
- $application->getService()->setPageStatePersister($this);
- }
-
- /**
- * @return string id of this module
- */
- public function getID()
- {
- return $this->_id;
- }
-
- /**
- * @param string id of this module
- */
- public function setID($value)
- {
- $this->_id=$value;
- }
-
- public function save($state)
- {
- $data=Prado::serialize($state);
- $hmac=$this->computeHMAC($data,$this->getKey());
- if(extension_loaded('zlib'))
- $data=gzcompress($hmac.$data);
- else
- $data=$hmac.$data;
- $this->_application->getService()->getRequestedPage()->getClientScript()->registerHiddenField(TPage::FIELD_PAGESTATE,base64_encode($data));
- }
-
- public function load()
- {
- $str=base64_decode($this->_application->getRequest()->getItems()->itemAt(TPage::FIELD_PAGESTATE));
- if($str==='')
- return null;
- if(extension_loaded('zlib'))
- $data=gzuncompress($str);
- else
- $data=$str;
- if($data!==false && strlen($data)>32)
- {
- $hmac=substr($data,0,32);
- $state=substr($data,32);
- if($hmac===$this->computeHMAC($state,$this->getKey()))
- return Prado::unserialize($state);
- }
- throw new Exception('viewstate data is corrupted.');
- }
-
- private function getKey()
- {
- return 'abcdefe';
- }
-
- private function computeHMAC($data,$key)
- {
- if (strlen($key) > 64)
- $key = pack('H32', md5($key));
- else if (strlen($key) < 64)
- $key = str_pad($key, 64, "\0");
- return md5((str_repeat("\x5c", 64) ^ substr($key, 0, 64)) . pack('H32', md5((str_repeat("\x36", 64) ^ substr($key, 0, 64)) . $data)));
- }
-}
-
-?>
\ No newline at end of file
diff --git a/framework/Web/UI/TPageStatePersister.php b/framework/Web/UI/TPageStatePersister.php
new file mode 100644
index 00000000..0718c492
--- /dev/null
+++ b/framework/Web/UI/TPageStatePersister.php
@@ -0,0 +1,89 @@
+_application=$application;
+ $application->getService()->setPageStatePersister($this);
+ }
+
+ public function save($state)
+ {
+ $data=Prado::serialize($state);
+ $hmac=$this->computeHMAC($data,$this->getPrivateKey());
+ if(extension_loaded('zlib'))
+ $data=gzcompress($hmac.$data);
+ else
+ $data=$hmac.$data;
+ $this->_application->getService()->getRequestedPage()->getClientScript()->registerHiddenField(TPage::FIELD_PAGESTATE,base64_encode($data));
+ }
+
+ public function load()
+ {
+ $str=base64_decode($this->_application->getRequest()->getItems()->itemAt(TPage::FIELD_PAGESTATE));
+ if($str==='')
+ return null;
+ if(extension_loaded('zlib'))
+ $data=gzuncompress($str);
+ else
+ $data=$str;
+ if($data!==false && strlen($data)>32)
+ {
+ $hmac=substr($data,0,32);
+ $state=substr($data,32);
+ if($hmac===$this->computeHMAC($state,$this->getPrivateKey()))
+ return Prado::unserialize($state);
+ }
+ throw new TInvalidDataValueException('pagestatepersister_viewstate_corrupted.');
+ }
+
+ protected function generatePrivateKey()
+ {
+ $v1=rand();
+ $v2=rand();
+ $v3=rand();
+ return md5("$v1$v2$v3");
+ }
+
+ public function getPrivateKey()
+ {
+ if(empty($this->_privateKey))
+ {
+ if(($this->_privateKey=$this->_application->getGlobalState('prado:pagestatepersister:privatekey'))===null)
+ {
+ $this->_privateKey=$this->generatePrivateKey();
+ $this->_application->setGlobalState('prado:pagestatepersister:privatekey',$this->_privateKey,null);
+ }
+ }
+ return $this->_privateKey;
+ }
+
+ public function setPrivateKey($value)
+ {
+ if(strlen($value)<8)
+ throw new TConfigurationException('pagestatepersister_privatekey_invalid');
+ $this->_privateKey=$value;
+ }
+
+ private function computeHMAC($data,$key)
+ {
+ if (strlen($key) > 64)
+ $key = pack('H32', md5($key));
+ else if (strlen($key) < 64)
+ $key = str_pad($key, 64, "\0");
+ return md5((str_repeat("\x5c", 64) ^ substr($key, 0, 64)) . pack('H32', md5((str_repeat("\x36", 64) ^ substr($key, 0, 64)) . $data)));
+ }
+}
+
+?>
\ No newline at end of file
-- cgit v1.2.3
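Review bot: `generatePrivateKey()` builds the HMAC key from three `rand()` calls hashed with `md5()`, which is not a cryptographically secure source, and that key is the only thing keeping a client from submitting forged page state that `load()` then hands to `Prado::unserialize()`. Draw the key from the OS CSPRNG instead, for example `return bin2hex(random_bytes(32));` on PHP 7 or later. In `load()` the tag check `$hmac===$this->computeHMAC(...)` is not constant-time; `hash_equals($this->computeHMAC($state,$this->getPrivateKey()),$hmac)` avoids leaking how many leading bytes matched. `load()` also calls `gzuncompress($str)` on the request value before the HMAC is verified, so an unauthenticated client controls the decompressed size; a length cap as the second argument to `gzuncompress()`, or computing the HMAC over the compressed bytes, would bound that. The class header and the opening of the first method are missing from this capture, so this note covers only the methods that are visible.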