JuKu /
JuKuCMS
@@ -27,84 +27,84 @@ |
||
| 27 | 27 | |
| 28 | 28 | class PermissionChecker { |
| 29 | 29 | |
| 30 | - protected $userID = -1; |
|
| 31 | - |
|
| 32 | - //list with all permissions - values: 0 (no), 1 (yes), 2 (never) |
|
| 33 | - protected $permissions = array(); |
|
| 34 | - |
|
| 35 | - //singleton instance |
|
| 36 | - protected static $instance = null; |
|
| 37 | - |
|
| 38 | - public function __construct(int $userID) { |
|
| 39 | - $this->userID = $userID; |
|
| 40 | - |
|
| 41 | - if (Cache::contains("permissions", "permissions_user_" . $this->userID)) { |
|
| 42 | - $this->permissions = Cache::get("permissions", "permissions_user_" . $this->userID); |
|
| 43 | - } else { |
|
| 44 | - //get all groups, where user is member on |
|
| 45 | - $groups = new Groups(); |
|
| 46 | - $groups->loadMyGroups($userID); |
|
| 47 | - $my_group_ids = $groups->listGroupIDs(); |
|
| 48 | - |
|
| 49 | - //iterate through all groups user is member on |
|
| 50 | - foreach ($my_group_ids as $groupID) { |
|
| 51 | - $group_rights = new GroupRights($groupID); |
|
| 52 | - |
|
| 53 | - //affect group rights |
|
| 54 | - foreach ($group_rights->listRights() as $token=>$value) { |
|
| 55 | - $this->mergeRow($token, $value); |
|
| 56 | - } |
|
| 57 | - } |
|
| 58 | - |
|
| 59 | - //get user rights |
|
| 60 | - $user_rights = new UserRights($userID); |
|
| 61 | - |
|
| 62 | - foreach ($user_rights->listRights() as $token=>$value) { |
|
| 63 | - $this->mergeRow($token, $value); |
|
| 64 | - } |
|
| 65 | - |
|
| 66 | - //cache result |
|
| 67 | - Cache::put("permissions", "permissions_user_" . $this->userID, $this->permissions); |
|
| 68 | - } |
|
| 69 | - } |
|
| 70 | - |
|
| 71 | - protected function mergeRow (string $token, int $value) { |
|
| 72 | - if ($value < 0 || $value > 2) { |
|
| 73 | - throw new IllegalArgumentException("token ('" . $token . "') value '" . $value . "' is not allowed, value has to be >= 0 and <= 2."); |
|
| 74 | - } |
|
| 75 | - |
|
| 76 | - if (!isset($this->permissions[$token])) { |
|
| 77 | - $this->permissions[$token] = $value; |
|
| 78 | - } else { |
|
| 79 | - $current_value = $this->permissions[$token]; |
|
| 80 | - |
|
| 81 | - if ($value > $current_value) { |
|
| 82 | - $this->permissions[$token] = $value; |
|
| 83 | - } |
|
| 84 | - } |
|
| 85 | - } |
|
| 86 | - |
|
| 87 | - public function hasRight (string $token) { |
|
| 88 | - //check, if user is super admin |
|
| 89 | - if (/*$this->userID == 1 || */(isset($this->permissions["super_admin"]) && $this->permissions["super_admin"] == 1) && $token !== "not_logged_in") { |
|
| 90 | - //super admin has all rights |
|
| 91 | - return true; |
|
| 92 | - } |
|
| 93 | - |
|
| 94 | - if ($token === "none" || $token === "all") { |
|
| 95 | - return true; |
|
| 96 | - } |
|
| 97 | - |
|
| 98 | - return isset($this->permissions[$token]) && $this->permissions[$token] == 1; |
|
| 99 | - } |
|
| 100 | - |
|
| 101 | - public static function ¤t () { |
|
| 102 | - if (self::$instance == null) { |
|
| 103 | - self::$instance = new PermissionChecker(User::current()->getID()); |
|
| 104 | - } |
|
| 105 | - |
|
| 106 | - return self::$instance; |
|
| 107 | - } |
|
| 30 | + protected $userID = -1; |
|
| 31 | + |
|
| 32 | + //list with all permissions - values: 0 (no), 1 (yes), 2 (never) |
|
| 33 | + protected $permissions = array(); |
|
| 34 | + |
|
| 35 | + //singleton instance |
|
| 36 | + protected static $instance = null; |
|
| 37 | + |
|
| 38 | + public function __construct(int $userID) { |
|
| 39 | + $this->userID = $userID; |
|
| 40 | + |
|
| 41 | + if (Cache::contains("permissions", "permissions_user_" . $this->userID)) { |
|
| 42 | + $this->permissions = Cache::get("permissions", "permissions_user_" . $this->userID); |
|
| 43 | + } else { |
|
| 44 | + //get all groups, where user is member on |
|
| 45 | + $groups = new Groups(); |
|
| 46 | + $groups->loadMyGroups($userID); |
|
| 47 | + $my_group_ids = $groups->listGroupIDs(); |
|
| 48 | + |
|
| 49 | + //iterate through all groups user is member on |
|
| 50 | + foreach ($my_group_ids as $groupID) { |
|
| 51 | + $group_rights = new GroupRights($groupID); |
|
| 52 | + |
|
| 53 | + //affect group rights |
|
| 54 | + foreach ($group_rights->listRights() as $token=>$value) { |
|
| 55 | + $this->mergeRow($token, $value); |
|
| 56 | + } |
|
| 57 | + } |
|
| 58 | + |
|
| 59 | + //get user rights |
|
| 60 | + $user_rights = new UserRights($userID); |
|
| 61 | + |
|
| 62 | + foreach ($user_rights->listRights() as $token=>$value) { |
|
| 63 | + $this->mergeRow($token, $value); |
|
| 64 | + } |
|
| 65 | + |
|
| 66 | + //cache result |
|
| 67 | + Cache::put("permissions", "permissions_user_" . $this->userID, $this->permissions); |
|
| 68 | + } |
|
| 69 | + } |
|
| 70 | + |
|
| 71 | + protected function mergeRow (string $token, int $value) { |
|
| 72 | + if ($value < 0 || $value > 2) { |
|
| 73 | + throw new IllegalArgumentException("token ('" . $token . "') value '" . $value . "' is not allowed, value has to be >= 0 and <= 2."); |
|
| 74 | + } |
|
| 75 | + |
|
| 76 | + if (!isset($this->permissions[$token])) { |
|
| 77 | + $this->permissions[$token] = $value; |
|
| 78 | + } else { |
|
| 79 | + $current_value = $this->permissions[$token]; |
|
| 80 | + |
|
| 81 | + if ($value > $current_value) { |
|
| 82 | + $this->permissions[$token] = $value; |
|
| 83 | + } |
|
| 84 | + } |
|
| 85 | + } |
|
| 86 | + |
|
| 87 | + public function hasRight (string $token) { |
|
| 88 | + //check, if user is super admin |
|
| 89 | + if (/*$this->userID == 1 || */(isset($this->permissions["super_admin"]) && $this->permissions["super_admin"] == 1) && $token !== "not_logged_in") { |
|
| 90 | + //super admin has all rights |
|
| 91 | + return true; |
|
| 92 | + } |
|
| 93 | + |
|
| 94 | + if ($token === "none" || $token === "all") { |
|
| 95 | + return true; |
|
| 96 | + } |
|
| 97 | + |
|
| 98 | + return isset($this->permissions[$token]) && $this->permissions[$token] == 1; |
|
| 99 | + } |
|
| 100 | + |
|
| 101 | + public static function ¤t () { |
|
| 102 | + if (self::$instance == null) { |
|
| 103 | + self::$instance = new PermissionChecker(User::current()->getID()); |
|
| 104 | + } |
|
| 105 | + |
|
| 106 | + return self::$instance; |
|
| 107 | + } |
|
| 108 | 108 | |
| 109 | 109 | } |
| 110 | 110 | |
@@ -27,9 +27,9 @@ |
||
| 27 | 27 | |
| 28 | 28 | interface MailSender { |
| 29 | 29 | |
| 30 | - public function sendPlainMail ($to, string $subject, string $message, array $options = array(), string $from = "", string $reply_to = "") : bool; |
|
| 30 | + public function sendPlainMail ($to, string $subject, string $message, array $options = array(), string $from = "", string $reply_to = "") : bool; |
|
| 31 | 31 | |
| 32 | - public function sendHTMLMail ($to, string $subject, string $message, array $options = array(), string $from = "", string $reply_to = "") : bool; |
|
| 32 | + public function sendHTMLMail ($to, string $subject, string $message, array $options = array(), string $from = "", string $reply_to = "") : bool; |
|
| 33 | 33 | |
| 34 | 34 | } |
| 35 | 35 | |
@@ -27,13 +27,13 @@ |
||
| 27 | 27 | |
| 28 | 28 | class SMTPMail implements MailSender { |
| 29 | 29 | |
| 30 | - public function sendPlainMail($to, string $subject, string $message, array $options = array(), string $from = "", string $reply_to = ""): bool { |
|
| 31 | - throw new Exception("method isnt implemented yet."); |
|
| 32 | - } |
|
| 30 | + public function sendPlainMail($to, string $subject, string $message, array $options = array(), string $from = "", string $reply_to = ""): bool { |
|
| 31 | + throw new Exception("method isnt implemented yet."); |
|
| 32 | + } |
|
| 33 | 33 | |
| 34 | - public function sendHTMLMail($to, string $subject, string $message, array $options = array(), string $from = "", string $reply_to = ""): bool { |
|
| 35 | - throw new Exception("method isnt implemented yet."); |
|
| 36 | - } |
|
| 34 | + public function sendHTMLMail($to, string $subject, string $message, array $options = array(), string $from = "", string $reply_to = ""): bool { |
|
| 35 | + throw new Exception("method isnt implemented yet."); |
|
| 36 | + } |
|
| 37 | 37 | } |
| 38 | 38 | |
| 39 | 39 | ?> |
@@ -27,152 +27,152 @@ |
||
| 27 | 27 | |
| 28 | 28 | class PHPMail implements MailSender { |
| 29 | 29 | |
| 30 | - public function sendPlainMail($to, string $subject, string $message, array $options = array(), string $from = "", string $reply_to = ""): bool { |
|
| 31 | - //http://php.net/manual/de/function.mail.php |
|
| 32 | - |
|
| 33 | - // In case any of our lines are larger than 70 characters, we should use wordwrap() |
|
| 34 | - $message = wordwrap($message, 70, "\r\n"); |
|
| 35 | - |
|
| 36 | - //throw event, so plugins can interact |
|
| 37 | - Events::throwEvent("send_plain_mail_php", array( |
|
| 38 | - 'to' => &$to, |
|
| 39 | - 'subject' => &$subject, |
|
| 40 | - 'message' => &$message, |
|
| 41 | - 'options' => &$options, |
|
| 42 | - 'from' => &$from, |
|
| 43 | - 'reply_to' => &$reply_to |
|
| 44 | - )); |
|
| 45 | - |
|
| 46 | - $options = self::getOptions($options, $from, $reply_to); |
|
| 47 | - $to = self::convertToArray($to); |
|
| 48 | - $headers = self::generateHeader($options, $to); |
|
| 49 | - |
|
| 50 | - //add signature at end of message |
|
| 51 | - $message .= MailApi::getSignature(); |
|
| 52 | - |
|
| 53 | - //send mail |
|
| 54 | - return mail($to, $subject, $message, $headers); |
|
| 55 | - } |
|
| 56 | - |
|
| 57 | - public function sendHTMLMail($to, string $subject, string $message, array $options = array(), string $from = "", string $reply_to = ""): bool { |
|
| 58 | - // In case any of our lines are larger than 70 characters, we should use wordwrap() |
|
| 59 | - $message = wordwrap($message, 70, "<br />"); |
|
| 60 | - |
|
| 61 | - //throw event, so plugins can interact |
|
| 62 | - Events::throwEvent("send_html_mail_php", array( |
|
| 63 | - 'to' => &$to, |
|
| 64 | - 'subject' => &$subject, |
|
| 65 | - 'message' => &$message, |
|
| 66 | - 'options' => &$options, |
|
| 67 | - 'from' => &$from, |
|
| 68 | - 'reply_to' => &$reply_to |
|
| 69 | - )); |
|
| 70 | - |
|
| 71 | - $options = $this->getOptions($options, $from, $reply_to); |
|
| 72 | - $to = self::convertToArray($to); |
|
| 73 | - $headers = self::generateHeader($options, $to, true); |
|
| 74 | - |
|
| 75 | - //add signature at end of message |
|
| 76 | - $message .= MailApi::getSignature(); |
|
| 77 | - |
|
| 78 | - //send mail |
|
| 79 | - return mail($to, $subject, $message, $headers); |
|
| 80 | - } |
|
| 81 | - |
|
| 82 | - public static function getOptions (array $options = array(), string $from = "", string $reply_to = "") : array { |
|
| 83 | - if (!is_null($from) && !empty($from)) { |
|
| 84 | - $options['from'] = $from; |
|
| 85 | - } |
|
| 86 | - |
|
| 87 | - if (!is_null($reply_to) && !empty($reply_to)) { |
|
| 88 | - $options['reply_to'] = $reply_to; |
|
| 89 | - } |
|
| 90 | - |
|
| 91 | - //set from address |
|
| 92 | - if (!isset($options['from']) || empty($options['from'])) { |
|
| 93 | - //get from address from settings |
|
| 94 | - $from_mail = Settings::get("mail_sender_address", "none"); |
|
| 95 | - $from_name = Settings::get("mail_sender_name", ""); |
|
| 96 | - |
|
| 97 | - if ($from_mail !== "none") { |
|
| 98 | - $options['from'] = (!empty($from_name) ? $from_name . " " : "") . $from_mail; |
|
| 99 | - } |
|
| 100 | - } |
|
| 101 | - |
|
| 102 | - if (!isset($options['reply_to']) || empty($options['reply_to'])) { |
|
| 103 | - $reply_to = Settings::get("mail_reply_to", ""); |
|
| 104 | - |
|
| 105 | - if (!empty($reply_to)) { |
|
| 106 | - $options['reply_to'] = $reply_to; |
|
| 107 | - } |
|
| 108 | - } |
|
| 109 | - |
|
| 110 | - return $options; |
|
| 111 | - } |
|
| 112 | - |
|
| 113 | - public static function convertToArray ($to) : string { |
|
| 114 | - if (is_array($to)) { |
|
| 115 | - //convert array to RFC 2822 string |
|
| 116 | - $to = implode(", ", $to); |
|
| 117 | - } |
|
| 118 | - |
|
| 119 | - return $to; |
|
| 120 | - } |
|
| 121 | - |
|
| 122 | - public static function generateHeader (array $options, string $to, bool $html_mail = false) { |
|
| 123 | - //generate header |
|
| 124 | - $headers = array(); |
|
| 125 | - |
|
| 126 | - if ($html_mail) { |
|
| 127 | - $charset = Settings::get("mail_default_charset", "urf-8"); |
|
| 128 | - |
|
| 129 | - //add mime version, content type and charset |
|
| 130 | - $headers[] = "MIME-Version: 1.0"; |
|
| 131 | - $headers[] = "Content-type: text/html; charset=" . $charset; |
|
| 132 | - |
|
| 133 | - $headers[] = "To: " . $to; |
|
| 134 | - } |
|
| 135 | - |
|
| 136 | - $headers[] = "Content-Transfer-Encoding: quoted-printable"; |
|
| 137 | - |
|
| 138 | - if (isset($options['from']) && !empty($options['from'])) { |
|
| 139 | - $headers[] = "From: " . $options['from']; |
|
| 140 | - } |
|
| 141 | - |
|
| 142 | - if (isset($options['reply_to']) && !empty($options['reply_to'])) { |
|
| 143 | - $headers[] = "Reply-To: " . $options['reply_to']; |
|
| 144 | - } |
|
| 145 | - |
|
| 146 | - if (isset($options['cc'])) { |
|
| 147 | - if (is_array($options['cc'])) { |
|
| 148 | - //convert array to string |
|
| 149 | - $options['cc'] = implode(", ", $options['cc']); |
|
| 150 | - } |
|
| 151 | - |
|
| 152 | - $headers[] = "Cc: " . $options['cc']; |
|
| 153 | - } |
|
| 154 | - |
|
| 155 | - if (isset($options['bcc'])) { |
|
| 156 | - if (is_array($options['bcc'])) { |
|
| 157 | - //convert array to string |
|
| 158 | - $options['bcc'] = implode(", ", $options['bcc']); |
|
| 159 | - } |
|
| 160 | - |
|
| 161 | - $headers[] = "Bcc: " . $options['bcc']; |
|
| 162 | - } |
|
| 163 | - |
|
| 164 | - //add php X-Mailer header |
|
| 165 | - $headers[] = "X-Mailer: PHP/" . phpversion(); |
|
| 166 | - |
|
| 167 | - if (count($headers) == 0) { |
|
| 168 | - $headers = null; |
|
| 169 | - } else { |
|
| 170 | - //convert array to string |
|
| 171 | - $headers = implode("\r\n", $headers); |
|
| 172 | - } |
|
| 30 | + public function sendPlainMail($to, string $subject, string $message, array $options = array(), string $from = "", string $reply_to = ""): bool { |
|
| 31 | + //http://php.net/manual/de/function.mail.php |
|
| 32 | + |
|
| 33 | + // In case any of our lines are larger than 70 characters, we should use wordwrap() |
|
| 34 | + $message = wordwrap($message, 70, "\r\n"); |
|
| 35 | + |
|
| 36 | + //throw event, so plugins can interact |
|
| 37 | + Events::throwEvent("send_plain_mail_php", array( |
|
| 38 | + 'to' => &$to, |
|
| 39 | + 'subject' => &$subject, |
|
| 40 | + 'message' => &$message, |
|
| 41 | + 'options' => &$options, |
|
| 42 | + 'from' => &$from, |
|
| 43 | + 'reply_to' => &$reply_to |
|
| 44 | + )); |
|
| 45 | + |
|
| 46 | + $options = self::getOptions($options, $from, $reply_to); |
|
| 47 | + $to = self::convertToArray($to); |
|
| 48 | + $headers = self::generateHeader($options, $to); |
|
| 49 | + |
|
| 50 | + //add signature at end of message |
|
| 51 | + $message .= MailApi::getSignature(); |
|
| 52 | + |
|
| 53 | + //send mail |
|
| 54 | + return mail($to, $subject, $message, $headers); |
|
| 55 | + } |
|
| 56 | + |
|
| 57 | + public function sendHTMLMail($to, string $subject, string $message, array $options = array(), string $from = "", string $reply_to = ""): bool { |
|
| 58 | + // In case any of our lines are larger than 70 characters, we should use wordwrap() |
|
| 59 | + $message = wordwrap($message, 70, "<br />"); |
|
| 60 | + |
|
| 61 | + //throw event, so plugins can interact |
|
| 62 | + Events::throwEvent("send_html_mail_php", array( |
|
| 63 | + 'to' => &$to, |
|
| 64 | + 'subject' => &$subject, |
|
| 65 | + 'message' => &$message, |
|
| 66 | + 'options' => &$options, |
|
| 67 | + 'from' => &$from, |
|
| 68 | + 'reply_to' => &$reply_to |
|
| 69 | + )); |
|
| 70 | + |
|
| 71 | + $options = $this->getOptions($options, $from, $reply_to); |
|
| 72 | + $to = self::convertToArray($to); |
|
| 73 | + $headers = self::generateHeader($options, $to, true); |
|
| 74 | + |
|
| 75 | + //add signature at end of message |
|
| 76 | + $message .= MailApi::getSignature(); |
|
| 77 | + |
|
| 78 | + //send mail |
|
| 79 | + return mail($to, $subject, $message, $headers); |
|
| 80 | + } |
|
| 81 | + |
|
| 82 | + public static function getOptions (array $options = array(), string $from = "", string $reply_to = "") : array { |
|
| 83 | + if (!is_null($from) && !empty($from)) { |
|
| 84 | + $options['from'] = $from; |
|
| 85 | + } |
|
| 86 | + |
|
| 87 | + if (!is_null($reply_to) && !empty($reply_to)) { |
|
| 88 | + $options['reply_to'] = $reply_to; |
|
| 89 | + } |
|
| 90 | + |
|
| 91 | + //set from address |
|
| 92 | + if (!isset($options['from']) || empty($options['from'])) { |
|
| 93 | + //get from address from settings |
|
| 94 | + $from_mail = Settings::get("mail_sender_address", "none"); |
|
| 95 | + $from_name = Settings::get("mail_sender_name", ""); |
|
| 96 | + |
|
| 97 | + if ($from_mail !== "none") { |
|
| 98 | + $options['from'] = (!empty($from_name) ? $from_name . " " : "") . $from_mail; |
|
| 99 | + } |
|
| 100 | + } |
|
| 101 | + |
|
| 102 | + if (!isset($options['reply_to']) || empty($options['reply_to'])) { |
|
| 103 | + $reply_to = Settings::get("mail_reply_to", ""); |
|
| 104 | + |
|
| 105 | + if (!empty($reply_to)) { |
|
| 106 | + $options['reply_to'] = $reply_to; |
|
| 107 | + } |
|
| 108 | + } |
|
| 109 | + |
|
| 110 | + return $options; |
|
| 111 | + } |
|
| 112 | + |
|
| 113 | + public static function convertToArray ($to) : string { |
|
| 114 | + if (is_array($to)) { |
|
| 115 | + //convert array to RFC 2822 string |
|
| 116 | + $to = implode(", ", $to); |
|
| 117 | + } |
|
| 118 | + |
|
| 119 | + return $to; |
|
| 120 | + } |
|
| 121 | + |
|
| 122 | + public static function generateHeader (array $options, string $to, bool $html_mail = false) { |
|
| 123 | + //generate header |
|
| 124 | + $headers = array(); |
|
| 125 | + |
|
| 126 | + if ($html_mail) { |
|
| 127 | + $charset = Settings::get("mail_default_charset", "urf-8"); |
|
| 128 | + |
|
| 129 | + //add mime version, content type and charset |
|
| 130 | + $headers[] = "MIME-Version: 1.0"; |
|
| 131 | + $headers[] = "Content-type: text/html; charset=" . $charset; |
|
| 132 | + |
|
| 133 | + $headers[] = "To: " . $to; |
|
| 134 | + } |
|
| 135 | + |
|
| 136 | + $headers[] = "Content-Transfer-Encoding: quoted-printable"; |
|
| 137 | + |
|
| 138 | + if (isset($options['from']) && !empty($options['from'])) { |
|
| 139 | + $headers[] = "From: " . $options['from']; |
|
| 140 | + } |
|
| 141 | + |
|
| 142 | + if (isset($options['reply_to']) && !empty($options['reply_to'])) { |
|
| 143 | + $headers[] = "Reply-To: " . $options['reply_to']; |
|
| 144 | + } |
|
| 145 | + |
|
| 146 | + if (isset($options['cc'])) { |
|
| 147 | + if (is_array($options['cc'])) { |
|
| 148 | + //convert array to string |
|
| 149 | + $options['cc'] = implode(", ", $options['cc']); |
|
| 150 | + } |
|
| 151 | + |
|
| 152 | + $headers[] = "Cc: " . $options['cc']; |
|
| 153 | + } |
|
| 154 | + |
|
| 155 | + if (isset($options['bcc'])) { |
|
| 156 | + if (is_array($options['bcc'])) { |
|
| 157 | + //convert array to string |
|
| 158 | + $options['bcc'] = implode(", ", $options['bcc']); |
|
| 159 | + } |
|
| 160 | + |
|
| 161 | + $headers[] = "Bcc: " . $options['bcc']; |
|
| 162 | + } |
|
| 163 | + |
|
| 164 | + //add php X-Mailer header |
|
| 165 | + $headers[] = "X-Mailer: PHP/" . phpversion(); |
|
| 166 | + |
|
| 167 | + if (count($headers) == 0) { |
|
| 168 | + $headers = null; |
|
| 169 | + } else { |
|
| 170 | + //convert array to string |
|
| 171 | + $headers = implode("\r\n", $headers); |
|
| 172 | + } |
|
| 173 | 173 | |
| 174 | - return $headers; |
|
| 175 | - } |
|
| 174 | + return $headers; |
|
| 175 | + } |
|
| 176 | 176 | |
| 177 | 177 | } |
| 178 | 178 | |
@@ -27,13 +27,13 @@ |
||
| 27 | 27 | |
| 28 | 28 | class Validator_IP implements Validator_Base { |
| 29 | 29 | |
| 30 | - public function isValide($value): bool { |
|
| 31 | - return filter_var($value, FILTER_VALIDATE_IP) !== FALSE; |
|
| 32 | - } |
|
| 30 | + public function isValide($value): bool { |
|
| 31 | + return filter_var($value, FILTER_VALIDATE_IP) !== FALSE; |
|
| 32 | + } |
|
| 33 | 33 | |
| 34 | - public function validate($value) { |
|
| 35 | - return filter_var($value, FILTER_VALIDATE_IP); |
|
| 36 | - } |
|
| 34 | + public function validate($value) { |
|
| 35 | + return filter_var($value, FILTER_VALIDATE_IP); |
|
| 36 | + } |
|
| 37 | 37 | |
| 38 | 38 | } |
| 39 | 39 | |
@@ -27,11 +27,11 @@ |
||
| 27 | 27 | |
| 28 | 28 | interface ICaptcha { |
| 29 | 29 | |
| 30 | - public function getHeader () : string; |
|
| 30 | + public function getHeader () : string; |
|
| 31 | 31 | |
| 32 | - public function getFormCode () : string; |
|
| 32 | + public function getFormCode () : string; |
|
| 33 | 33 | |
| 34 | - public function verify (array $params = array()) : bool; |
|
| 34 | + public function verify (array $params = array()) : bool; |
|
| 35 | 35 | |
| 36 | 36 | } |
| 37 | 37 | |
@@ -27,21 +27,21 @@ |
||
| 27 | 27 | |
| 28 | 28 | class Captcha { |
| 29 | 29 | |
| 30 | - protected static $instance = null; |
|
| 30 | + protected static $instance = null; |
|
| 31 | 31 | |
| 32 | - public static function isEnabled () : bool { |
|
| 33 | - return Settings::get("captcha_enabled", true); |
|
| 34 | - } |
|
| 32 | + public static function isEnabled () : bool { |
|
| 33 | + return Settings::get("captcha_enabled", true); |
|
| 34 | + } |
|
| 35 | 35 | |
| 36 | - public static function getInstance () : ICaptcha { |
|
| 37 | - if (self::$instance == null) { |
|
| 38 | - //create new instance |
|
| 39 | - $class_name = Settings::get("captcha_class_name", "ReCaptcha"); |
|
| 40 | - self::$instance = new $class_name(); |
|
| 41 | - } |
|
| 36 | + public static function getInstance () : ICaptcha { |
|
| 37 | + if (self::$instance == null) { |
|
| 38 | + //create new instance |
|
| 39 | + $class_name = Settings::get("captcha_class_name", "ReCaptcha"); |
|
| 40 | + self::$instance = new $class_name(); |
|
| 41 | + } |
|
| 42 | 42 | |
| 43 | - return self::$instance; |
|
| 44 | - } |
|
| 43 | + return self::$instance; |
|
| 44 | + } |
|
| 45 | 45 | |
| 46 | 46 | } |
| 47 | 47 | |
@@ -25,59 +25,59 @@ |
||
| 25 | 25 | |
| 26 | 26 | class ReCaptcha implements ICaptcha { |
| 27 | 27 | |
| 28 | - public function getHeader(): string { |
|
| 29 | - return "<script src='https://www.google.com/recaptcha/api.js'></script>"; |
|
| 30 | - } |
|
| 28 | + public function getHeader(): string { |
|
| 29 | + return "<script src='https://www.google.com/recaptcha/api.js'></script>"; |
|
| 30 | + } |
|
| 31 | 31 | |
| 32 | - public function getFormCode(): string { |
|
| 33 | - //get website key |
|
| 34 | - $website_key = Settings::get("recaptcha_website_key", ""); |
|
| 32 | + public function getFormCode(): string { |
|
| 33 | + //get website key |
|
| 34 | + $website_key = Settings::get("recaptcha_website_key", ""); |
|
| 35 | 35 | |
| 36 | - if (empty($website_key)) { |
|
| 37 | - throw new IllegalStateException("reCaptcha wasnt configured right. Administrators: generate a website & secret key by google recaptcha and set them in settings to fix this issue!"); |
|
| 38 | - } |
|
| 36 | + if (empty($website_key)) { |
|
| 37 | + throw new IllegalStateException("reCaptcha wasnt configured right. Administrators: generate a website & secret key by google recaptcha and set them in settings to fix this issue!"); |
|
| 38 | + } |
|
| 39 | 39 | |
| 40 | - return "<div class=\"g-recaptcha\" data-sitekey=\"" . $website_key . "\"></div>"; |
|
| 41 | - } |
|
| 40 | + return "<div class=\"g-recaptcha\" data-sitekey=\"" . $website_key . "\"></div>"; |
|
| 41 | + } |
|
| 42 | 42 | |
| 43 | - public function verify(array $params = array()): bool { |
|
| 44 | - $secret_key = Settings::get("recaptcha_secret_key", ""); |
|
| 43 | + public function verify(array $params = array()): bool { |
|
| 44 | + $secret_key = Settings::get("recaptcha_secret_key", ""); |
|
| 45 | 45 | |
| 46 | - if (empty($secret_key)) { |
|
| 47 | - throw new IllegalStateException("Cannot verify recaptcha, because no secret key was set, <a href=\"https://www.google.com/recaptcha/admin\">generate a website & secret key by recaptcha</a> and set them in global settings."); |
|
| 48 | - } |
|
| 46 | + if (empty($secret_key)) { |
|
| 47 | + throw new IllegalStateException("Cannot verify recaptcha, because no secret key was set, <a href=\"https://www.google.com/recaptcha/admin\">generate a website & secret key by recaptcha</a> and set them in global settings."); |
|
| 48 | + } |
|
| 49 | 49 | |
| 50 | - if (!isset($_POST['g-recaptcha-response']) || empty($_POST['g-recaptcha-response'])) { |
|
| 51 | - //no recaptcha response was set |
|
| 52 | - return false; |
|
| 53 | - } |
|
| 50 | + if (!isset($_POST['g-recaptcha-response']) || empty($_POST['g-recaptcha-response'])) { |
|
| 51 | + //no recaptcha response was set |
|
| 52 | + return false; |
|
| 53 | + } |
|
| 54 | 54 | |
| 55 | - $g_recaptcha_response = $_POST['g-recaptcha-response']; |
|
| 55 | + $g_recaptcha_response = $_POST['g-recaptcha-response']; |
|
| 56 | 56 | |
| 57 | - $params = array( |
|
| 58 | - 'secret' => $secret_key, |
|
| 59 | - 'response' => $g_recaptcha_response//'remoteip' => "" Optional. The user's IP address. |
|
| 60 | - ); |
|
| 57 | + $params = array( |
|
| 58 | + 'secret' => $secret_key, |
|
| 59 | + 'response' => $g_recaptcha_response//'remoteip' => "" Optional. The user's IP address. |
|
| 60 | + ); |
|
| 61 | 61 | |
| 62 | - //send POST request |
|
| 63 | - $result = PHPUtils::sendPOSTRequest("https://www.google.com/recaptcha/api/siteverify", $params); |
|
| 62 | + //send POST request |
|
| 63 | + $result = PHPUtils::sendPOSTRequest("https://www.google.com/recaptcha/api/siteverify", $params); |
|
| 64 | 64 | |
| 65 | - if (!$result) { |
|
| 66 | - //coulnd send POST request |
|
| 67 | - throw new IllegalStateException("Couldnt send POST request to verify recaptcha"); |
|
| 68 | - } |
|
| 65 | + if (!$result) { |
|
| 66 | + //coulnd send POST request |
|
| 67 | + throw new IllegalStateException("Couldnt send POST request to verify recaptcha"); |
|
| 68 | + } |
|
| 69 | 69 | |
| 70 | - $json = json_decode($result, true); |
|
| 70 | + $json = json_decode($result, true); |
|
| 71 | 71 | |
| 72 | - if (isset($json['success']) && $json['success'] == true) { |
|
| 73 | - //validation successfully |
|
| 74 | - return true; |
|
| 75 | - } else { |
|
| 76 | - //for error-message see https://developers.google.com/recaptcha/docs/verify |
|
| 72 | + if (isset($json['success']) && $json['success'] == true) { |
|
| 73 | + //validation successfully |
|
| 74 | + return true; |
|
| 75 | + } else { |
|
| 76 | + //for error-message see https://developers.google.com/recaptcha/docs/verify |
|
| 77 | 77 | |
| 78 | - return false; |
|
| 79 | - } |
|
| 80 | - } |
|
| 78 | + return false; |
|
| 79 | + } |
|
| 80 | + } |
|
| 81 | 81 | |
| 82 | 82 | } |
| 83 | 83 | |
@@ -27,28 +27,28 @@ |
||
| 27 | 27 | |
| 28 | 28 | class Validator_Username implements Validator_Base { |
| 29 | 29 | |
| 30 | - public function isValide($value): bool { |
|
| 31 | - //https://stackoverflow.com/questions/4383878/php-username-validation |
|
| 32 | - |
|
| 33 | - if(preg_match("/^[" . Settings::get("username_regex", "a-zA-Z0-9\.\-") . "]{" . Settings::get("username_min_length", 4) . "," . Settings::get("username_max_length", 20) . "}$/", $value)) { // for english chars + numbers only |
|
| 34 | - return true; |
|
| 35 | - } |
|
| 36 | - |
|
| 37 | - return false; |
|
| 38 | - } |
|
| 39 | - |
|
| 40 | - public function validate($value) { |
|
| 41 | - if ($this->isValide($value)) { |
|
| 42 | - return $value; |
|
| 43 | - } else { |
|
| 44 | - throw new SecurityException("username is not valide '" . htmlentities($value) . "'!"); |
|
| 45 | - } |
|
| 46 | - } |
|
| 47 | - |
|
| 48 | - public static function get (string $value) : string { |
|
| 49 | - $obj = new Validator_Username(); |
|
| 50 | - return $obj->validate($value); |
|
| 51 | - } |
|
| 30 | + public function isValide($value): bool { |
|
| 31 | + //https://stackoverflow.com/questions/4383878/php-username-validation |
|
| 32 | + |
|
| 33 | + if(preg_match("/^[" . Settings::get("username_regex", "a-zA-Z0-9\.\-") . "]{" . Settings::get("username_min_length", 4) . "," . Settings::get("username_max_length", 20) . "}$/", $value)) { // for english chars + numbers only |
|
| 34 | + return true; |
|
| 35 | + } |
|
| 36 | + |
|
| 37 | + return false; |
|
| 38 | + } |
|
| 39 | + |
|
| 40 | + public function validate($value) { |
|
| 41 | + if ($this->isValide($value)) { |
|
| 42 | + return $value; |
|
| 43 | + } else { |
|
| 44 | + throw new SecurityException("username is not valide '" . htmlentities($value) . "'!"); |
|
| 45 | + } |
|
| 46 | + } |
|
| 47 | + |
|
| 48 | + public static function get (string $value) : string { |
|
| 49 | + $obj = new Validator_Username(); |
|
| 50 | + return $obj->validate($value); |
|
| 51 | + } |
|
| 52 | 52 | |
| 53 | 53 | } |
| 54 | 54 | |
