summaryrefslogtreecommitdiff
path: root/framework/Web/UI/TPageStatePersister.php
blob: 90af966581c68df558756e3c96e4e40e341a86a9 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
<?php
/**
 * TPageStatePersister class file
 *
 * @author Qiang Xue <qiang.xue@gmail.com>
 * @link http://www.pradosoft.com/
 * @copyright Copyright &copy; 2005 PradoSoft
 * @license http://www.pradosoft.com/license/
 * @version $Revision: $  $Date: $
 * @package System.Web.UI
 */

/**
 * TPageStatePersister class
 *
 * TPageStatePersister implements a page state persistent method based on
 * form hidden fields.
 *
 * Depending on the {@link TPage::getEnableStateValidation() EnableStateValidation}
 * and {@link TPage::getEnableStateEncryption() EnableStateEncryption},
 * TPageStatePersister may do HMAC validation and encryption to prevent
 * the state data from being tampered or viewed.
 * The private keys and hashing/encryption methods are determined by
 * {@link TApplication::getSecurityManager() SecurityManager}.
 *
 * @author Qiang Xue <qiang.xue@gmail.com>
 * @version $Revision: $  $Date: $
 * @package System.Web.UI
 * @since 3.0
 */
class TPageStatePersister extends TComponent implements IPageStatePersister
{
	private $_page;

	/**
	 * @param TPage the page that this persister works for
	 */
	public function getPage()
	{
		return $this->_page;
	}

	/**
	 * @param TPage the page that this persister works for
	 */
	public function setPage(TPage $page)
	{
		$this->_page=$page;
	}

	/**
	 * Saves state in hidden fields.
	 * @param mixed state to be stored
	 */
	public function save($state)
	{
		Prado::trace("Saving state",'System.Web.UI.TPageStatePersister');
		$sm=Prado::getApplication()->getSecurityManager();
		if($this->_page->getEnableStateValidation())
			$data=$sm->hashData(Prado::serialize($state));
		else
			$data=Prado::serialize($state);
		if($this->_page->getEnableStateEncryption())
			$data=$sm->encrypt($data);
		if(extension_loaded('zlib'))
			$data=gzcompress($data);
		$this->_page->getClientScript()->registerHiddenField(TPage::FIELD_PAGESTATE,base64_encode($data));
	}

	/**
	 * Loads page state from hidden fields.
	 * @return mixed the restored state
	 * @throws THttpException if page state is corrupted
	 */
	public function load()
	{
		Prado::trace("Loading state",'System.Web.UI.TPageStatePersister');
		$application=Prado::getApplication();
		$sm=$application->getSecurityManager();
		$str=base64_decode($application->getRequest()->itemAt(TPage::FIELD_PAGESTATE));
		if($str==='')
			return null;
		if(extension_loaded('zlib'))
			$data=gzuncompress($str);
		else
			$data=$str;
		if($data!==false)
		{
			if($this->_page->getEnableStateEncryption())
				$data=$sm->decrypt($data);
			if($this->_page->getEnableStateValidation())
			{
				if(($data=$sm->validateData($data))!==false)
					return Prado::unserialize($data);
			}
			else
				return $data;
		}
		throw new THttpException(400,'pagestatepersister_pagestate_corrupted');
	}
}

?>