ci-bonfire / Sprint

system/libraries/Session/drivers/Session_memcached_driver.php

Braces +1 added lines, -2 removed lines

@@ -496,8 +496,7 @@
 			if (empty($_SERVER['HTTP_REFERER']))
 			{
 				$this->referer = FALSE;
-			}
-			else
+			} else
 			{
 				$referer_host = @parse_url($_SERVER['HTTP_REFERER'], PHP_URL_HOST);
 				$own_host = parse_url(config_item('base_url'), PHP_URL_HOST);

system/libraries/Cache/Cache.php

Braces +1 added lines, -2 removed lines

@@ -496,8 +496,7 @@
 			if (empty($_SERVER['HTTP_REFERER']))
 			{
 				$this->referer = FALSE;
-			}
-			else
+			} else
 			{
 				$referer_host = @parse_url($_SERVER['HTTP_REFERER'], PHP_URL_HOST);
 				$own_host = parse_url(config_item('base_url'), PHP_URL_HOST);

myth/Auth/LocalAuthentication.php

Braces +1 added lines, -2 removed lines

@@ -253,8 +253,7 @@
             {
                 $this->vars[$k] = $escape ? esc($v, $context, $this->escaper) : $v;
             }
-        }
-        else
+        } else
         {
             $this->vars[$name] = $escape ? esc($value, $context, $this->escaper) : $value;
         }

Doc Comments +4 added lines, -4 removed lines

@@ -242,7 +242,7 @@ 
     /**
      * Logs a user out and removes all session information.
      *
-     * @return mixed
+     * @return false|null
      */
     public function logout()
     {
@@ -608,7 +608,7 @@ 
      * the passed in $email.
      *
      * @param $email
-     * @return mixed
+     * @return boolean
      */
     public function remindUser($email)
     {
@@ -653,7 +653,7 @@ 
      * @param $credentials
      * @param $password
      * @param $passConfirm
-     * @return mixed
+     * @return boolean
      */
     public function resetPassword($credentials, $password, $passConfirm)
     {
@@ -751,7 +751,7 @@ 
      *
      * @param $model
      * @param bool $allow_any_parent
-     * @return mixed
+     * @return LocalAuthentication
      */
     public function useModel($model, $allow_any_parent=false)
     {

Indentation +908 added lines, -908 removed lines

@@ -52,915 +52,915 @@
  */
 class LocalAuthentication implements AuthenticateInterface {
 
-    protected $ci;
-
-    protected $user = null;
-
-    public $user_model = null;
-
-    public $error = null;
-
-    //--------------------------------------------------------------------
-
-    public function __construct( $ci=null )
-    {
-        if ($ci)
-        {
-            $this->ci= $ci;
-        }
-        else
-        {
-            $this->ci =& get_instance();
-        }
-
-        // Get our compatibility password file loaded up.
-        if (! function_exists('password_hash'))
-        {
-            require_once dirname(__FILE__) .'password.php';
-        }
-
-        if (empty($this->ci->session))
-        {
-            $this->ci->load->library('session');
-        }
-
-        $this->ci->config->load('auth');
-        $this->ci->load->model('auth/login_model');
-        $this->ci->load->language('auth/auth');
-    }
-
-    //--------------------------------------------------------------------
-
-    /**
-     * Attempt to log a user into the system.
-     *
-     * $credentials is an array of key/value pairs needed to log the user in.
-     * This is often email/password, or username/password.
-     *
-     * @param array $credentials
-     * @param bool  $remember
-     * @return bool|mixed
-     */
-    public function login($credentials, $remember=false)
-    {
-        $user = $this->validate($credentials, true);
-
-        if (! $user)
-        {
-            $this->user = null;
-            return $user;
-        }       
-
-        $this->loginUser($user);
-
-        if ($remember)
-        {
-            $this->rememberUser($user);
-        }
-
-        Events::trigger('didLogin', [$user]);
-
-        return true;
-    }
-
-    //--------------------------------------------------------------------
-
-    /**
-     * Validates user login information without logging them in.
-     *
-     * $credentials is an array of key/value pairs needed to log the user in.
-     * This is often email/password, or username/password.
-     *
-     * @param $credentials
-     * @param bool $return_user
-     * @return mixed
-     */
-    public function validate($credentials, $return_user=false)
-    {
-        // Can't validate without a password.
-        if (empty($credentials['password']) || count($credentials) < 2)
-        {
-            return null;
-        }
-
-        $password = $credentials['password'];
-        unset($credentials['password']);
-
-        // We should only be allowed 1 single other credential to
-        // test against.
-        if (count($credentials) > 1)
-        {
-            $this->error = lang('auth.too_many_credentials');
-            return false;
-        }
-
-        // Ensure that the fields are allowed validation fields
-        if (! in_array(key($credentials), config_item('auth.valid_fields')) )
-        {
-            $this->error = lang('auth.invalid_credentials');
-            return false;
-        }
-
-        // We do not want to force case-sensitivity on things
-        // like username and email for usability sake.
-        if (! empty($credentials['email']))
-        {
-            $credentials['email'] = strtolower($credentials['email']);
-        }
-
-        // Can we find a user with those credentials?
-        $user = $this->user_model->as_array()
-                                 ->where($credentials)
-                                 ->first();
-
-        // If the user is throttled due to too many invalid logins
-        // or the system is under attack, kick them back.
-
-        // If throttling time is above zero, we can't allow
-        // logins now.
-        $time = (int)$this->isThrottled($user);
-        if ($time > 0)
-        {
-            $this->error = sprintf(lang('auth.throttled'), $time);
-            return false;
-        }
-
-        // Get ip address
-        $ip_address = $this->ci->input->ip_address();
-
-        if (! $user)
-        {
-            $this->error = lang('auth.invalid_user');
-            $this->ci->login_model->recordLoginAttempt($ip_address);
-            return false;
-        }
-
-        // Now, try matching the passwords.
-        $result =  password_verify($password, $user['password_hash']);
-
-        if (! $result)
-        {
-            $this->error = lang('auth.invalid_password');
-            $this->ci->login_model->recordLoginAttempt($ip_address, $user['id']);
-            return false;
-        }
-
-        // Check to see if the password needs to be rehashed.
-        // This would be due to the hash algorithm or hash
-        // cost changing since the last time that a user
-        // logged in.
-        if (password_needs_rehash($user['password_hash'], PASSWORD_DEFAULT, ['cost' => config_item('auth.hash_cost')] ))
-        {
-            $new_hash = Password::hashPassword($password);
-            $this->user_model->skip_validation()
-                             ->update($user['id'], ['password_hash' => $new_hash]);
-            unset($new_hash);
-        }
-
-        // Is the user active?
-        if (! $user['active'])
-        {
-            $this->error = lang('auth.inactive_account');
-            return false;
-        }
-
-        return $return_user ? $user : true;
-    }
-
-    //--------------------------------------------------------------------
-
-    /**
-     * Logs a user out and removes all session information.
-     *
-     * @return mixed
-     */
-    public function logout()
-    {
-        $this->ci->load->helper('cookie');
-
-        if (! Events::trigger('beforeLogout', [$this->user]))
-        {
-            return false;
-        }
-
-        // Destroy the session data - but ensure a session is still
-        // available for flash messages, etc.
-        if (isset($_SESSION))
-        {
-            foreach ( $_SESSION as $key => $value )
-            {
-                $_SESSION[ $key ] = NULL;
-                unset( $_SESSION[ $key ] );
-            }
-        }
-        // Also, regenerate the session ID for a touch of added safety.
-        $this->ci->session->sess_regenerate(true);
-
-        // Take care of any rememberme functionality.
-        if (config_item('auth.allow_remembering'))
-        {
-            $token = get_cookie('remember');
-
-            $this->invalidateRememberCookie($this->user['email'], $token);
-        }
-    }
-
-    //--------------------------------------------------------------------
-
-    /**
-     * Checks whether a user is logged in or not.
-     *
-     * @return bool
-     */
-    public function isLoggedIn()
-    {
-        $id = $this->ci->session->userdata('logged_in');
-
-        if (! $id)
-        {
-            return false;
-        }
-
-        // If the user var hasn't been filled in, we need to fill it in,
-        // since this method will typically be used as the only method
-        // to determine whether a user is logged in or not.
-        if (! $this->user)
-        {
-            $this->user = $this->user_model->as_array()
-                                           ->find_by('id', (int)$id);
-
-            if (empty($this->user))
-            {
-                return false;
-            }
-        }
-
-        // If logged in, ensure cache control
-        // headers are in place
-        $this->setHeaders();
-
-        return true;
-    }
-
-    //--------------------------------------------------------------------
-
-    /**
-     * Attempts to log a user in based on the "remember me" cookie.
-     *
-     * @return bool
-     */
-    public function viaRemember()
-    {
-        if (! config_item('auth.allow_remembering'))
-        {
-            return false;
-        }
-
-        $this->ci->load->helper('cookie');
-
-        if (! $token = get_cookie('remember'))
-        {
-            return false;
-        }
-
-        // Attempt to match the token against our auth_tokens table.
-        $query = $this->ci->db->where('hash', $this->ci->login_model->hashRememberToken($token))
-                              ->get('auth_tokens');
-
-        if (! $query->num_rows())
-        {
-            return false;
-        }
-
-        // Grab the user
-        $email = $query->row()->email;
-
-        $user = $this->user_model->as_array()
-                                 ->find_by('email', $email);
-
-        $this->loginUser($user);
-
-        // We only want our remember me tokens to be valid
-        // for a single use.
-        $this->refreshRememberCookie($user, $token);
-
-        return true;
-    }
-
-    //--------------------------------------------------------------------
-
-    /**
-     * Registers a new user and handles activation method.
-     *
-     * @param $user_data
-     * @return bool
-     */
-    public function registerUser($user_data)
-    {
-        // Anything special needed for Activation?
-        $method = config_item('auth.activation_method');
-
-        $user_data['active'] = $method == 'auto' ? 1 : 0;
-
-        // If via email, we need to generate a hash
-        $this->ci->load->helper('string');
-        $token = random_string('alnum', 24);
-        $user_data['activate_hash'] = hash('sha1', config_item('auth.salt') . $token);
-
-        // Email should NOT be case sensitive.
-        if (! empty($user_data['email']))
-        {
-            $user_data['email'] = strtolower($user_data['email']);
-        }
-
-        // Save the user
-        if (! $id = $this->user_model->insert($user_data))
-        {
-            $this->error = $this->user_model->error();
-            return false;
-        }
-
-        $data = [
-            'user_id' => $id,
-            'email'   => $user_data['email'],
-            'token'   => $token,
-            'method'  => $method
-        ];
-
-        Events::trigger('didRegisterUser', [$data]);
-
-        return true;
-    }
-
-    //--------------------------------------------------------------------
-
-    /**
-     * Used to verify the user values and activate a user so they can
-     * visit the site.
-     *
-     * @param $data
-     * @return bool
-     */
-    public function activateUser($data)
-    {
-        $post = [
-            'email'         => $data['email'],
-            'activate_hash' => hash('sha1', config_item('auth.salt') . $data['code'])
-        ];
-
-        $user = $this->user_model->where($post)
-                                 ->first();
-
-        if (! $user) {
-            $this->error = $this->user_model->error() ? $this->user_model->error() : lang('auth.activate_no_user');
-
-            return false;
-        }
-
-        if (! $this->user_model->update($user->id, ['active' => 1, 'activate_hash' => null]))
-        {
-            $this->error = $this->user_model->error();
-            return false;
-        }
-
-        Events::trigger('didActivate', [(array)$user]);
-
-        return true;
-    }
-
-    //--------------------------------------------------------------------
-
-    /**
-     * Used to allow manual activation of a user with a known ID.
-     *
-     * @param $id
-     * @return bool
-     */
-    public function activateUserById($id)
-    {
-        if (! $this->user_model->update($id, ['active' => 1, 'activate_hash' => null]))
-        {
-            $this->error = $this->user_model->error();
-            return false;
-        }
-
-        Events::trigger('didActivate', [$this->user_model->as_array()->find($id)]);
-
-        return true;
-    }
-
-    //--------------------------------------------------------------------
-
-    /**
-     * Grabs the current user object. Returns NULL if nothing found.
-     *
-     * @return array|null
-     */
-    public function user()
-    {
-        return $this->user;
-    }
-
-    //--------------------------------------------------------------------
-
-    /**
-     * A convenience method to grab the current user's ID.
-     *
-     * @return int|null
-     */
-    public function id()
-    {
-        if (! is_array($this->user) || empty($this->user['id']))
-        {
-            return null;
-        }
-
-        return (int)$this->user['id'];
-    }
-
-    //--------------------------------------------------------------------
-
-    /**
-     * Checks to see if the user is currently being throttled.
-     *
-     *  - If they are NOT, will return FALSE.
-     *  - If they ARE, will return the number of seconds until they can try again.
-     *
-     * @param $user
-     * @return mixed
-     */
-    public function isThrottled($user)
-    {
-        // Not throttling? Get outta here!
-        if (! config_item('auth.allow_throttling'))
-        {
-            return false;
-        }
-
-        // Get user_id
-        $user_id = $user ? $user['id'] : null;
+	protected $ci;
+
+	protected $user = null;
+
+	public $user_model = null;
+
+	public $error = null;
+
+	//--------------------------------------------------------------------
+
+	public function __construct( $ci=null )
+	{
+		if ($ci)
+		{
+			$this->ci= $ci;
+		}
+		else
+		{
+			$this->ci =& get_instance();
+		}
+
+		// Get our compatibility password file loaded up.
+		if (! function_exists('password_hash'))
+		{
+			require_once dirname(__FILE__) .'password.php';
+		}
+
+		if (empty($this->ci->session))
+		{
+			$this->ci->load->library('session');
+		}
+
+		$this->ci->config->load('auth');
+		$this->ci->load->model('auth/login_model');
+		$this->ci->load->language('auth/auth');
+	}
+
+	//--------------------------------------------------------------------
+
+	/**
+	 * Attempt to log a user into the system.
+	 *
+	 * $credentials is an array of key/value pairs needed to log the user in.
+	 * This is often email/password, or username/password.
+	 *
+	 * @param array $credentials
+	 * @param bool  $remember
+	 * @return bool|mixed
+	 */
+	public function login($credentials, $remember=false)
+	{
+		$user = $this->validate($credentials, true);
+
+		if (! $user)
+		{
+			$this->user = null;
+			return $user;
+		}       
+
+		$this->loginUser($user);
+
+		if ($remember)
+		{
+			$this->rememberUser($user);
+		}
+
+		Events::trigger('didLogin', [$user]);
+
+		return true;
+	}
+
+	//--------------------------------------------------------------------
+
+	/**
+	 * Validates user login information without logging them in.
+	 *
+	 * $credentials is an array of key/value pairs needed to log the user in.
+	 * This is often email/password, or username/password.
+	 *
+	 * @param $credentials
+	 * @param bool $return_user
+	 * @return mixed
+	 */
+	public function validate($credentials, $return_user=false)
+	{
+		// Can't validate without a password.
+		if (empty($credentials['password']) || count($credentials) < 2)
+		{
+			return null;
+		}
+
+		$password = $credentials['password'];
+		unset($credentials['password']);
+
+		// We should only be allowed 1 single other credential to
+		// test against.
+		if (count($credentials) > 1)
+		{
+			$this->error = lang('auth.too_many_credentials');
+			return false;
+		}
+
+		// Ensure that the fields are allowed validation fields
+		if (! in_array(key($credentials), config_item('auth.valid_fields')) )
+		{
+			$this->error = lang('auth.invalid_credentials');
+			return false;
+		}
+
+		// We do not want to force case-sensitivity on things
+		// like username and email for usability sake.
+		if (! empty($credentials['email']))
+		{
+			$credentials['email'] = strtolower($credentials['email']);
+		}
+
+		// Can we find a user with those credentials?
+		$user = $this->user_model->as_array()
+								 ->where($credentials)
+								 ->first();
+
+		// If the user is throttled due to too many invalid logins
+		// or the system is under attack, kick them back.
+
+		// If throttling time is above zero, we can't allow
+		// logins now.
+		$time = (int)$this->isThrottled($user);
+		if ($time > 0)
+		{
+			$this->error = sprintf(lang('auth.throttled'), $time);
+			return false;
+		}
+
+		// Get ip address
+		$ip_address = $this->ci->input->ip_address();
+
+		if (! $user)
+		{
+			$this->error = lang('auth.invalid_user');
+			$this->ci->login_model->recordLoginAttempt($ip_address);
+			return false;
+		}
+
+		// Now, try matching the passwords.
+		$result =  password_verify($password, $user['password_hash']);
+
+		if (! $result)
+		{
+			$this->error = lang('auth.invalid_password');
+			$this->ci->login_model->recordLoginAttempt($ip_address, $user['id']);
+			return false;
+		}
+
+		// Check to see if the password needs to be rehashed.
+		// This would be due to the hash algorithm or hash
+		// cost changing since the last time that a user
+		// logged in.
+		if (password_needs_rehash($user['password_hash'], PASSWORD_DEFAULT, ['cost' => config_item('auth.hash_cost')] ))
+		{
+			$new_hash = Password::hashPassword($password);
+			$this->user_model->skip_validation()
+							 ->update($user['id'], ['password_hash' => $new_hash]);
+			unset($new_hash);
+		}
+
+		// Is the user active?
+		if (! $user['active'])
+		{
+			$this->error = lang('auth.inactive_account');
+			return false;
+		}
+
+		return $return_user ? $user : true;
+	}
+
+	//--------------------------------------------------------------------
+
+	/**
+	 * Logs a user out and removes all session information.
+	 *
+	 * @return mixed
+	 */
+	public function logout()
+	{
+		$this->ci->load->helper('cookie');
+
+		if (! Events::trigger('beforeLogout', [$this->user]))
+		{
+			return false;
+		}
+
+		// Destroy the session data - but ensure a session is still
+		// available for flash messages, etc.
+		if (isset($_SESSION))
+		{
+			foreach ( $_SESSION as $key => $value )
+			{
+				$_SESSION[ $key ] = NULL;
+				unset( $_SESSION[ $key ] );
+			}
+		}
+		// Also, regenerate the session ID for a touch of added safety.
+		$this->ci->session->sess_regenerate(true);
+
+		// Take care of any rememberme functionality.
+		if (config_item('auth.allow_remembering'))
+		{
+			$token = get_cookie('remember');
+
+			$this->invalidateRememberCookie($this->user['email'], $token);
+		}
+	}
+
+	//--------------------------------------------------------------------
+
+	/**
+	 * Checks whether a user is logged in or not.
+	 *
+	 * @return bool
+	 */
+	public function isLoggedIn()
+	{
+		$id = $this->ci->session->userdata('logged_in');
+
+		if (! $id)
+		{
+			return false;
+		}
+
+		// If the user var hasn't been filled in, we need to fill it in,
+		// since this method will typically be used as the only method
+		// to determine whether a user is logged in or not.
+		if (! $this->user)
+		{
+			$this->user = $this->user_model->as_array()
+										   ->find_by('id', (int)$id);
+
+			if (empty($this->user))
+			{
+				return false;
+			}
+		}
+
+		// If logged in, ensure cache control
+		// headers are in place
+		$this->setHeaders();
+
+		return true;
+	}
+
+	//--------------------------------------------------------------------
+
+	/**
+	 * Attempts to log a user in based on the "remember me" cookie.
+	 *
+	 * @return bool
+	 */
+	public function viaRemember()
+	{
+		if (! config_item('auth.allow_remembering'))
+		{
+			return false;
+		}
+
+		$this->ci->load->helper('cookie');
+
+		if (! $token = get_cookie('remember'))
+		{
+			return false;
+		}
+
+		// Attempt to match the token against our auth_tokens table.
+		$query = $this->ci->db->where('hash', $this->ci->login_model->hashRememberToken($token))
+							  ->get('auth_tokens');
+
+		if (! $query->num_rows())
+		{
+			return false;
+		}
+
+		// Grab the user
+		$email = $query->row()->email;
+
+		$user = $this->user_model->as_array()
+								 ->find_by('email', $email);
+
+		$this->loginUser($user);
+
+		// We only want our remember me tokens to be valid
+		// for a single use.
+		$this->refreshRememberCookie($user, $token);
+
+		return true;
+	}
+
+	//--------------------------------------------------------------------
+
+	/**
+	 * Registers a new user and handles activation method.
+	 *
+	 * @param $user_data
+	 * @return bool
+	 */
+	public function registerUser($user_data)
+	{
+		// Anything special needed for Activation?
+		$method = config_item('auth.activation_method');
+
+		$user_data['active'] = $method == 'auto' ? 1 : 0;
+
+		// If via email, we need to generate a hash
+		$this->ci->load->helper('string');
+		$token = random_string('alnum', 24);
+		$user_data['activate_hash'] = hash('sha1', config_item('auth.salt') . $token);
+
+		// Email should NOT be case sensitive.
+		if (! empty($user_data['email']))
+		{
+			$user_data['email'] = strtolower($user_data['email']);
+		}
+
+		// Save the user
+		if (! $id = $this->user_model->insert($user_data))
+		{
+			$this->error = $this->user_model->error();
+			return false;
+		}
+
+		$data = [
+			'user_id' => $id,
+			'email'   => $user_data['email'],
+			'token'   => $token,
+			'method'  => $method
+		];
+
+		Events::trigger('didRegisterUser', [$data]);
+
+		return true;
+	}
+
+	//--------------------------------------------------------------------
+
+	/**
+	 * Used to verify the user values and activate a user so they can
+	 * visit the site.
+	 *
+	 * @param $data
+	 * @return bool
+	 */
+	public function activateUser($data)
+	{
+		$post = [
+			'email'         => $data['email'],
+			'activate_hash' => hash('sha1', config_item('auth.salt') . $data['code'])
+		];
+
+		$user = $this->user_model->where($post)
+								 ->first();
+
+		if (! $user) {
+			$this->error = $this->user_model->error() ? $this->user_model->error() : lang('auth.activate_no_user');
+
+			return false;
+		}
+
+		if (! $this->user_model->update($user->id, ['active' => 1, 'activate_hash' => null]))
+		{
+			$this->error = $this->user_model->error();
+			return false;
+		}
+
+		Events::trigger('didActivate', [(array)$user]);
+
+		return true;
+	}
+
+	//--------------------------------------------------------------------
+
+	/**
+	 * Used to allow manual activation of a user with a known ID.
+	 *
+	 * @param $id
+	 * @return bool
+	 */
+	public function activateUserById($id)
+	{
+		if (! $this->user_model->update($id, ['active' => 1, 'activate_hash' => null]))
+		{
+			$this->error = $this->user_model->error();
+			return false;
+		}
+
+		Events::trigger('didActivate', [$this->user_model->as_array()->find($id)]);
+
+		return true;
+	}
+
+	//--------------------------------------------------------------------
+
+	/**
+	 * Grabs the current user object. Returns NULL if nothing found.
+	 *
+	 * @return array|null
+	 */
+	public function user()
+	{
+		return $this->user;
+	}
+
+	//--------------------------------------------------------------------
+
+	/**
+	 * A convenience method to grab the current user's ID.
+	 *
+	 * @return int|null
+	 */
+	public function id()
+	{
+		if (! is_array($this->user) || empty($this->user['id']))
+		{
+			return null;
+		}
+
+		return (int)$this->user['id'];
+	}
+
+	//--------------------------------------------------------------------
+
+	/**
+	 * Checks to see if the user is currently being throttled.
+	 *
+	 *  - If they are NOT, will return FALSE.
+	 *  - If they ARE, will return the number of seconds until they can try again.
+	 *
+	 * @param $user
+	 * @return mixed
+	 */
+	public function isThrottled($user)
+	{
+		// Not throttling? Get outta here!
+		if (! config_item('auth.allow_throttling'))
+		{
+			return false;
+		}
+
+		// Get user_id
+		$user_id = $user ? $user['id'] : null;
         
-        // Get ip address
-        $ip_address = $this->ci->input->ip_address();
-
-        // Have any attempts been made?
-        $attempts = $this->ci->login_model->countLoginAttempts($ip_address, $user_id);
-
-        // Grab the amount of time to add if the system thinks we're
-        // under a distributed brute force attack.
-        // Affect users that have at least 1 failure login attempt
-        $dbrute_time = ($attempts === 0) ? 0 : $this->ci->login_model->distributedBruteForceTime();
-
-        // If this user was found to possibly be under a brute
-        // force attack, their account would have been banned
-        // for 15 minutes.
-        if ($time = isset($_SESSION['bruteBan']) ? $_SESSION['bruteBan'] : false)
-        {
-            // If the current time is less than the
-            // the ban expiration, plus any distributed time
-            // then the user can't login just yet.
-            if ($time + $dbrute_time > time())
-            {
-                // The user is banned still...
-                $this->error = lang('auth.bruteBan_notice');
-                return ($time + $dbrute_time) - time();
-            }
-
-            // Still here? The the ban time is over...
-            unset($_SESSION['bruteBan']);
-        }
-
-        // Grab the time of last attempt and
-        // determine if we're throttled by amount of time passed.
-        $last_time = $this->ci->login_model->lastLoginAttemptTime($ip_address, $user_id);
-
-        $allowed = config_item('auth.allowed_login_attempts');
-
-        // We're not throttling if there are 0 attempts or
-        // the number is less than or equal to the allowed free attempts
-        if ($attempts === 0 || $attempts < $allowed)
-        {
-            // Before we can say there's nothing up here,
-            // we need to check dbrute time.
-            $time_left = $last_time + $dbrute_time - time();
-
-            if ($time_left > 0)
-            {
-                return $time_left;
-            }
-
-            return false;
-        }
-
-        // If the number of attempts is excessive (above 100) we need
-        // to check the elapsed time of all of these attacks. If they are
-        // less than 1 minute it's obvious this is a brute force attack,
-        // so we'll set a session flag and block that user for 15 minutes.
-        if ($attempts > 100 && $this->ci->login_model->isBruteForced($ip_address, $user_id))
-        {
-            $this->error = lang('auth.bruteBan_notice');
-
-            $ban_time = 60 * 15;    // 15 minutes
-            $_SESSION['bruteBan'] = time() + $ban_time;
-            return $ban_time;
-        }
-
-        // Get our allowed attempts out of the picture.
-        $attempts = $attempts - $allowed;
-
-        $max_time = config_item('auth.max_throttle_time');
-
-        $add_time = 5 * pow(2, $attempts);
-
-        if ($add_time > $max_time)
-        {
-            $add_time = $max_time;
-        }
-
-        $next_time = $last_time + $add_time + $dbrute_time;
-
-        $current = time();
-
-        // We are NOT throttled if we are already
-        // past the allowed time.
-        if ($current > $next_time)
-        {
-            return false;
-        }
-
-        return $next_time - $current;
-    }
-
-    //--------------------------------------------------------------------
-
-    /**
-     * Sends a password reset link email to the user associated with
-     * the passed in $email.
-     *
-     * @param $email
-     * @return mixed
-     */
-    public function remindUser($email)
-    {
-        // Emails should NOT be case sensitive.
-        $email = strtolower($email);
-
-        // Is it a valid user?
-        $user = $this->user_model->find_by('email', $email);
-
-        if (! $user)
-        {
-            $this->error = lang('auth.invalid_email');
-            return false;
-        }
-
-        // Generate/store our codes
-        $this->ci->load->helper('string');
-        $token = random_string('alnum', 24);
-        $hash = hash('sha1', config_item('auth.salt') .$token);
-
-        $result = $this->user_model->update($user->id, ['reset_hash' => $hash]);
-
-        if (! $result)
-        {
-            $this->error = $this->user_model->error();
-            return false;
-        }
-
-        Events::trigger('didRemindUser', [(array)$user, $token]);
-
-        return true;
-    }
-
-    //--------------------------------------------------------------------
-
-    /**
-     * Validates the credentials provided and, if valid, resets the password.
-     *
-     * The $credentials array MUST contain a 'code' key with the string to
-     * hash and check against the reset_hash.
-     *
-     * @param $credentials
-     * @param $password
-     * @param $passConfirm
-     * @return mixed
-     */
-    public function resetPassword($credentials, $password, $passConfirm)
-    {
-        if (empty($credentials['code']))
-        {
-            $this->error = lang('auth.need_reset_code');
-            return false;
-        }
-
-        // Generate a hash to match against the table.
-        $reset_hash = hash('sha1', config_item('auth.salt') .$credentials['code']);
-        unset($credentials['code']);
-
-        if (! empty($credentials['email']))
-        {
-            $credentials['email'] = strtolower($credentials['email']);
-        }
-
-        // Is there a matching user?
-        $user = $this->user_model->as_array()
-                                 ->where($credentials)
-                                 ->first();
-
-        // If throttling time is above zero, we can't allow
-        // logins now.
-        $time = (int)$this->isThrottled($user);
-        if ($time > 0)
-        {
-            $this->error = sprintf(lang('auth.throttled'), $time);
-            return false;
-        }
-
-        // Get ip address
-        $ip_address = $this->ci->input->ip_address();
-
-        if (! $user)
-        {
-            $this->error = lang('auth.reset_no_user');
-            $this->ci->login_model->recordLoginAttempt($ip_address);
-            return false;
-        }
-
-        // Is generated reset_hash string matches one from the table?
-        if ($reset_hash !== $user['reset_hash'])
-        {
-            $this->error = lang('auth.reset_no_user');
-            $this->ci->login_model->recordLoginAttempt($ip_address, $user['id']);
-            return false;
-        }
-
-        // Update their password and reset their reset_hash
-        $data = [
-            'password'     => $password,
-            'pass_confirm' => $passConfirm,
-            'reset_hash'   => null
-        ];
-
-        if (! $this->user_model->update($user['id'], $data))
-        {
-            $this->error = $this->user_model->error();
-            return false;
-        }
-
-        // Clear our login attempts
-        $this->ci->login_model->purgeLoginAttempts($ip_address, $user['id']);
-
-        Events::trigger('didResetPassword', [$user]);
-
-        return true;
-    }
-
-    //--------------------------------------------------------------------
-
-    /**
-     * Provides a way for implementations to allow new statuses to be set
-     * on the user. The details will vary based upon implementation, but
-     * will often allow for banning or suspending users.
-     *
-     * @param $newStatus
-     * @param null $message
-     * @return mixed
-     */
-    public function changeStatus($newStatus, $message=null)
-    {
-        // todo actually record new users status!
-    }
-
-    //--------------------------------------------------------------------
-
-    /**
-     * Allows the consuming application to pass in a reference to the
-     * model that should be used.
-     *
-     * The model MUST extend Myth\Models\CIDbModel.
-     *
-     * @param $model
-     * @param bool $allow_any_parent
-     * @return mixed
-     */
-    public function useModel($model, $allow_any_parent=false)
-    {
-        if (! $allow_any_parent && get_parent_class($model) != 'Myth\Models\CIDbModel')
-        {
-            throw new \RuntimeException('Models passed into LocalAuthenticate MUST extend Myth\Models\CIDbModel');
-        }
-
-        $this->user_model =& $model;
-
-        return $this;
-    }
-
-    //--------------------------------------------------------------------
-
-    public function error()
-    {
-        if (validation_errors())
-        {
-            return validation_errors();
-        }
-
-        return $this->error;
-    }
-
-    //--------------------------------------------------------------------
-
-    //--------------------------------------------------------------------
-    // Login Records
-    //--------------------------------------------------------------------
-
-    /**
-     * Purges all login attempt records from the database.
-     *
-     * @param null $ip_address
-     * @param null $user_id
-     */
-    public function purgeLoginAttempts($ip_address = null, $user_id = null)
-    {
-        $this->ci->login_model->purgeLoginAttempts($ip_address, $user_id);
-
-        // @todo record activity of login attempts purge.
-        Events::trigger('didPurgeLoginAttempts', [$email]);
-    }
-
-    //--------------------------------------------------------------------
-
-    /**
-     * Purges all remember tokens for a single user. Effectively logs
-     * a user out of all devices. Intended to allow users to log themselves
-     * out of all devices as a security measure.
-     *
-     * @param $email
-     */
-    public function purgeRememberTokens($email)
-    {
-        // Emails should NOT be case sensitive.
-        $email = strtolower($email);
-
-        $this->ci->login_model->purgeRememberTokens($email);
-
-        // todo record activity of remember me purges.
-        Events::trigger('didPurgeRememberTokens', [$email]);
-    }
-
-    //--------------------------------------------------------------------
-
-    //--------------------------------------------------------------------
-    // Protected Methods
-    //--------------------------------------------------------------------
-
-    /**
-     * Check if Allow Persistent Login Cookies is enable
-     *
-     * @param $user
-     */
-    protected function rememberUser($user)
-    {
-        if (! config_item('auth.allow_remembering'))
-        {
-            log_message('debug', 'Auth library set to refuse "Remember Me" functionality.');
-            return false;
-        }
-
-        $this->refreshRememberCookie($user);
-    }
-
-    //--------------------------------------------------------------------
-
-    /**
-     * Invalidates the current rememberme cookie/database entry, creates
-     * a new one, stores it and returns the new value.
-     *
-     * @param $user
-     * @param null $token
-     * @return mixed
-     */
-    protected function refreshRememberCookie($user, $token=null)
-    {
-        $this->ci->load->helper('cookie');
-
-        // If a token is passed in, we know we're removing the
-        // old one.
-        if (! empty($token))
-        {
-            $this->invalidateRememberCookie($user['email'], $token);
-        }
-
-        $new_token = $this->ci->login_model->generateRememberToken($user);
-
-        // Save the token to the database.
-        $data = [
-            'email'   => $user['email'],
-            'hash'    => sha1(config_item('auth.salt') . $new_token),
-            'created' => date('Y-m-d H:i:s')
-        ];
-
-        $this->ci->db->insert('auth_tokens', $data);
-
-        // Create the cookie
-        set_cookie(
-            'remember',                             // Cookie Name
-            $new_token,                             // Value
-            config_item('auth.remember_length'),    // # Seconds until it expires
-            config_item('cookie_domain'),
-            config_item('cookie_path'),
-            config_item('cookie_prefix'),
-            false,                                  // Only send over HTTPS?
-            true                                    // Hide from Javascript?
-        );
-
-        return $new_token;
-    }
-
-    //--------------------------------------------------------------------
-
-    /**
-     * Deletes any current remember me cookies and database entries.
-     *
-     * @param $email
-     * @param $token
-     * @return string The new token (not the hash).
-     */
-    protected function invalidateRememberCookie($email, $token)
-    {
-        // Emails should NOT be case sensitive.
-        $email = strtolower($email);
-
-        // Remove from the database
-        $this->ci->login_model->deleteRememberToken($email, $token);
-
-        // Remove the cookie
-        delete_cookie(
-            'remember',
-            config_item('cookie_domain'),
-            config_item('cookie_path'),
-            config_item('cookie_prefix')
-        );
-    }
-
-    //--------------------------------------------------------------------
-
-    /**
-     * Handles the nitty gritty of actually logging our user into the system.
-     * Does NOT perform the authentication, just sets the system up so that
-     * it knows we're here.
-     *
-     * @param $user
-     */
-    protected function loginUser($user)
-    {
-        // Save the user for later access
-        $this->user = $user;
-
-        // Get ip address
-        $ip_address = $this->ci->input->ip_address();
-
-        // Regenerate the session ID to help protect
-        // against session fixation
-        $this->ci->session->sess_regenerate();
-
-        // Let the session know that we're logged in.
-        $this->ci->session->set_userdata('logged_in', $user['id']);
-
-        // Clear our login attempts
-        $this->ci->login_model->purgeLoginAttempts($ip_address, $user['id']);
-
-        // Record a new Login
-        $this->ci->login_model->recordLogin($user);
-
-        // If logged in, ensure cache control
-        // headers are in place
-        $this->setHeaders();
-
-        // We'll give a 20% chance to need to do a purge since we
-        // don't need to purge THAT often, it's just a maintenance issue.
-        // to keep the table from getting out of control.
-        if (mt_rand(1, 100) < 20)
-        {
-            $this->ci->login_model->purgeOldRememberTokens();
-        }
-    }
-
-    //--------------------------------------------------------------------
-
-    /**
-     * Sets the headers to ensure that pages are not cached when a user
-     * is logged in, helping to protect against logging out and then
-     * simply hitting the Back button on the browser and getting private
-     * information because the page was loaded from cache.
-     */
-    protected function setHeaders()
-    {
-        $this->ci->output->set_header('Cache-Control: no-store, no-cache, must-revalidate');
-        $this->ci->output->set_header('Cache-Control: post-check=0, pre-check=0');
-        $this->ci->output->set_header('Pragma: no-cache');
-    }
-
-    //--------------------------------------------------------------------
+		// Get ip address
+		$ip_address = $this->ci->input->ip_address();
+
+		// Have any attempts been made?
+		$attempts = $this->ci->login_model->countLoginAttempts($ip_address, $user_id);
+
+		// Grab the amount of time to add if the system thinks we're
+		// under a distributed brute force attack.
+		// Affect users that have at least 1 failure login attempt
+		$dbrute_time = ($attempts === 0) ? 0 : $this->ci->login_model->distributedBruteForceTime();
+
+		// If this user was found to possibly be under a brute
+		// force attack, their account would have been banned
+		// for 15 minutes.
+		if ($time = isset($_SESSION['bruteBan']) ? $_SESSION['bruteBan'] : false)
+		{
+			// If the current time is less than the
+			// the ban expiration, plus any distributed time
+			// then the user can't login just yet.
+			if ($time + $dbrute_time > time())
+			{
+				// The user is banned still...
+				$this->error = lang('auth.bruteBan_notice');
+				return ($time + $dbrute_time) - time();
+			}
+
+			// Still here? The the ban time is over...
+			unset($_SESSION['bruteBan']);
+		}
+
+		// Grab the time of last attempt and
+		// determine if we're throttled by amount of time passed.
+		$last_time = $this->ci->login_model->lastLoginAttemptTime($ip_address, $user_id);
+
+		$allowed = config_item('auth.allowed_login_attempts');
+
+		// We're not throttling if there are 0 attempts or
+		// the number is less than or equal to the allowed free attempts
+		if ($attempts === 0 || $attempts < $allowed)
+		{
+			// Before we can say there's nothing up here,
+			// we need to check dbrute time.
+			$time_left = $last_time + $dbrute_time - time();
+
+			if ($time_left > 0)
+			{
+				return $time_left;
+			}
+
+			return false;
+		}
+
+		// If the number of attempts is excessive (above 100) we need
+		// to check the elapsed time of all of these attacks. If they are
+		// less than 1 minute it's obvious this is a brute force attack,
+		// so we'll set a session flag and block that user for 15 minutes.
+		if ($attempts > 100 && $this->ci->login_model->isBruteForced($ip_address, $user_id))
+		{
+			$this->error = lang('auth.bruteBan_notice');
+
+			$ban_time = 60 * 15;    // 15 minutes
+			$_SESSION['bruteBan'] = time() + $ban_time;
+			return $ban_time;
+		}
+
+		// Get our allowed attempts out of the picture.
+		$attempts = $attempts - $allowed;
+
+		$max_time = config_item('auth.max_throttle_time');
+
+		$add_time = 5 * pow(2, $attempts);
+
+		if ($add_time > $max_time)
+		{
+			$add_time = $max_time;
+		}
+
+		$next_time = $last_time + $add_time + $dbrute_time;
+
+		$current = time();
+
+		// We are NOT throttled if we are already
+		// past the allowed time.
+		if ($current > $next_time)
+		{
+			return false;
+		}
+
+		return $next_time - $current;
+	}
+
+	//--------------------------------------------------------------------
+
+	/**
+	 * Sends a password reset link email to the user associated with
+	 * the passed in $email.
+	 *
+	 * @param $email
+	 * @return mixed
+	 */
+	public function remindUser($email)
+	{
+		// Emails should NOT be case sensitive.
+		$email = strtolower($email);
+
+		// Is it a valid user?
+		$user = $this->user_model->find_by('email', $email);
+
+		if (! $user)
+		{
+			$this->error = lang('auth.invalid_email');
+			return false;
+		}
+
+		// Generate/store our codes
+		$this->ci->load->helper('string');
+		$token = random_string('alnum', 24);
+		$hash = hash('sha1', config_item('auth.salt') .$token);
+
+		$result = $this->user_model->update($user->id, ['reset_hash' => $hash]);
+
+		if (! $result)
+		{
+			$this->error = $this->user_model->error();
+			return false;
+		}
+
+		Events::trigger('didRemindUser', [(array)$user, $token]);
+
+		return true;
+	}
+
+	//--------------------------------------------------------------------
+
+	/**
+	 * Validates the credentials provided and, if valid, resets the password.
+	 *
+	 * The $credentials array MUST contain a 'code' key with the string to
+	 * hash and check against the reset_hash.
+	 *
+	 * @param $credentials
+	 * @param $password
+	 * @param $passConfirm
+	 * @return mixed
+	 */
+	public function resetPassword($credentials, $password, $passConfirm)
+	{
+		if (empty($credentials['code']))
+		{
+			$this->error = lang('auth.need_reset_code');
+			return false;
+		}
+
+		// Generate a hash to match against the table.
+		$reset_hash = hash('sha1', config_item('auth.salt') .$credentials['code']);
+		unset($credentials['code']);
+
+		if (! empty($credentials['email']))
+		{
+			$credentials['email'] = strtolower($credentials['email']);
+		}
+
+		// Is there a matching user?
+		$user = $this->user_model->as_array()
+								 ->where($credentials)
+								 ->first();
+
+		// If throttling time is above zero, we can't allow
+		// logins now.
+		$time = (int)$this->isThrottled($user);
+		if ($time > 0)
+		{
+			$this->error = sprintf(lang('auth.throttled'), $time);
+			return false;
+		}
+
+		// Get ip address
+		$ip_address = $this->ci->input->ip_address();
+
+		if (! $user)
+		{
+			$this->error = lang('auth.reset_no_user');
+			$this->ci->login_model->recordLoginAttempt($ip_address);
+			return false;
+		}
+
+		// Is generated reset_hash string matches one from the table?
+		if ($reset_hash !== $user['reset_hash'])
+		{
+			$this->error = lang('auth.reset_no_user');
+			$this->ci->login_model->recordLoginAttempt($ip_address, $user['id']);
+			return false;
+		}
+
+		// Update their password and reset their reset_hash
+		$data = [
+			'password'     => $password,
+			'pass_confirm' => $passConfirm,
+			'reset_hash'   => null
+		];
+
+		if (! $this->user_model->update($user['id'], $data))
+		{
+			$this->error = $this->user_model->error();
+			return false;
+		}
+
+		// Clear our login attempts
+		$this->ci->login_model->purgeLoginAttempts($ip_address, $user['id']);
+
+		Events::trigger('didResetPassword', [$user]);
+
+		return true;
+	}
+
+	//--------------------------------------------------------------------
+
+	/**
+	 * Provides a way for implementations to allow new statuses to be set
+	 * on the user. The details will vary based upon implementation, but
+	 * will often allow for banning or suspending users.
+	 *
+	 * @param $newStatus
+	 * @param null $message
+	 * @return mixed
+	 */
+	public function changeStatus($newStatus, $message=null)
+	{
+		// todo actually record new users status!
+	}
+
+	//--------------------------------------------------------------------
+
+	/**
+	 * Allows the consuming application to pass in a reference to the
+	 * model that should be used.
+	 *
+	 * The model MUST extend Myth\Models\CIDbModel.
+	 *
+	 * @param $model
+	 * @param bool $allow_any_parent
+	 * @return mixed
+	 */
+	public function useModel($model, $allow_any_parent=false)
+	{
+		if (! $allow_any_parent && get_parent_class($model) != 'Myth\Models\CIDbModel')
+		{
+			throw new \RuntimeException('Models passed into LocalAuthenticate MUST extend Myth\Models\CIDbModel');
+		}
+
+		$this->user_model =& $model;
+
+		return $this;
+	}
+
+	//--------------------------------------------------------------------
+
+	public function error()
+	{
+		if (validation_errors())
+		{
+			return validation_errors();
+		}
+
+		return $this->error;
+	}
+
+	//--------------------------------------------------------------------
+
+	//--------------------------------------------------------------------
+	// Login Records
+	//--------------------------------------------------------------------
+
+	/**
+	 * Purges all login attempt records from the database.
+	 *
+	 * @param null $ip_address
+	 * @param null $user_id
+	 */
+	public function purgeLoginAttempts($ip_address = null, $user_id = null)
+	{
+		$this->ci->login_model->purgeLoginAttempts($ip_address, $user_id);
+
+		// @todo record activity of login attempts purge.
+		Events::trigger('didPurgeLoginAttempts', [$email]);
+	}
+
+	//--------------------------------------------------------------------
+
+	/**
+	 * Purges all remember tokens for a single user. Effectively logs
+	 * a user out of all devices. Intended to allow users to log themselves
+	 * out of all devices as a security measure.
+	 *
+	 * @param $email
+	 */
+	public function purgeRememberTokens($email)
+	{
+		// Emails should NOT be case sensitive.
+		$email = strtolower($email);
+
+		$this->ci->login_model->purgeRememberTokens($email);
+
+		// todo record activity of remember me purges.
+		Events::trigger('didPurgeRememberTokens', [$email]);
+	}
+
+	//--------------------------------------------------------------------
+
+	//--------------------------------------------------------------------
+	// Protected Methods
+	//--------------------------------------------------------------------
+
+	/**
+	 * Check if Allow Persistent Login Cookies is enable
+	 *
+	 * @param $user
+	 */
+	protected function rememberUser($user)
+	{
+		if (! config_item('auth.allow_remembering'))
+		{
+			log_message('debug', 'Auth library set to refuse "Remember Me" functionality.');
+			return false;
+		}
+
+		$this->refreshRememberCookie($user);
+	}
+
+	//--------------------------------------------------------------------
+
+	/**
+	 * Invalidates the current rememberme cookie/database entry, creates
+	 * a new one, stores it and returns the new value.
+	 *
+	 * @param $user
+	 * @param null $token
+	 * @return mixed
+	 */
+	protected function refreshRememberCookie($user, $token=null)
+	{
+		$this->ci->load->helper('cookie');
+
+		// If a token is passed in, we know we're removing the
+		// old one.
+		if (! empty($token))
+		{
+			$this->invalidateRememberCookie($user['email'], $token);
+		}
+
+		$new_token = $this->ci->login_model->generateRememberToken($user);
+
+		// Save the token to the database.
+		$data = [
+			'email'   => $user['email'],
+			'hash'    => sha1(config_item('auth.salt') . $new_token),
+			'created' => date('Y-m-d H:i:s')
+		];
+
+		$this->ci->db->insert('auth_tokens', $data);
+
+		// Create the cookie
+		set_cookie(
+			'remember',                             // Cookie Name
+			$new_token,                             // Value
+			config_item('auth.remember_length'),    // # Seconds until it expires
+			config_item('cookie_domain'),
+			config_item('cookie_path'),
+			config_item('cookie_prefix'),
+			false,                                  // Only send over HTTPS?
+			true                                    // Hide from Javascript?
+		);
+
+		return $new_token;
+	}
+
+	//--------------------------------------------------------------------
+
+	/**
+	 * Deletes any current remember me cookies and database entries.
+	 *
+	 * @param $email
+	 * @param $token
+	 * @return string The new token (not the hash).
+	 */
+	protected function invalidateRememberCookie($email, $token)
+	{
+		// Emails should NOT be case sensitive.
+		$email = strtolower($email);
+
+		// Remove from the database
+		$this->ci->login_model->deleteRememberToken($email, $token);
+
+		// Remove the cookie
+		delete_cookie(
+			'remember',
+			config_item('cookie_domain'),
+			config_item('cookie_path'),
+			config_item('cookie_prefix')
+		);
+	}
+
+	//--------------------------------------------------------------------
+
+	/**
+	 * Handles the nitty gritty of actually logging our user into the system.
+	 * Does NOT perform the authentication, just sets the system up so that
+	 * it knows we're here.
+	 *
+	 * @param $user
+	 */
+	protected function loginUser($user)
+	{
+		// Save the user for later access
+		$this->user = $user;
+
+		// Get ip address
+		$ip_address = $this->ci->input->ip_address();
+
+		// Regenerate the session ID to help protect
+		// against session fixation
+		$this->ci->session->sess_regenerate();
+
+		// Let the session know that we're logged in.
+		$this->ci->session->set_userdata('logged_in', $user['id']);
+
+		// Clear our login attempts
+		$this->ci->login_model->purgeLoginAttempts($ip_address, $user['id']);
+
+		// Record a new Login
+		$this->ci->login_model->recordLogin($user);
+
+		// If logged in, ensure cache control
+		// headers are in place
+		$this->setHeaders();
+
+		// We'll give a 20% chance to need to do a purge since we
+		// don't need to purge THAT often, it's just a maintenance issue.
+		// to keep the table from getting out of control.
+		if (mt_rand(1, 100) < 20)
+		{
+			$this->ci->login_model->purgeOldRememberTokens();
+		}
+	}
+
+	//--------------------------------------------------------------------
+
+	/**
+	 * Sets the headers to ensure that pages are not cached when a user
+	 * is logged in, helping to protect against logging out and then
+	 * simply hitting the Back button on the browser and getting private
+	 * information because the page was loaded from cache.
+	 */
+	protected function setHeaders()
+	{
+		$this->ci->output->set_header('Cache-Control: no-store, no-cache, must-revalidate');
+		$this->ci->output->set_header('Cache-Control: post-check=0, pre-check=0');
+		$this->ci->output->set_header('Pragma: no-cache');
+	}
+
+	//--------------------------------------------------------------------
 
 
 }

Spacing +59 added lines, -59 removed lines

@@ -62,21 +62,21 @@ 
 
     //--------------------------------------------------------------------
 
-    public function __construct( $ci=null )
+    public function __construct($ci = null)
     {
         if ($ci)
         {
-            $this->ci= $ci;
+            $this->ci = $ci;
         }
         else
         {
-            $this->ci =& get_instance();
+            $this->ci = & get_instance();
         }
 
         // Get our compatibility password file loaded up.
-        if (! function_exists('password_hash'))
+        if ( ! function_exists('password_hash'))
         {
-            require_once dirname(__FILE__) .'password.php';
+            require_once dirname(__FILE__).'password.php';
         }
 
         if (empty($this->ci->session))
@@ -101,11 +101,11 @@ 
      * @param bool  $remember
      * @return bool|mixed
      */
-    public function login($credentials, $remember=false)
+    public function login($credentials, $remember = false)
     {
         $user = $this->validate($credentials, true);
 
-        if (! $user)
+        if ( ! $user)
         {
             $this->user = null;
             return $user;
@@ -135,7 +135,7 @@ 
      * @param bool $return_user
      * @return mixed
      */
-    public function validate($credentials, $return_user=false)
+    public function validate($credentials, $return_user = false)
     {
         // Can't validate without a password.
         if (empty($credentials['password']) || count($credentials) < 2)
@@ -155,7 +155,7 @@ 
         }
 
         // Ensure that the fields are allowed validation fields
-        if (! in_array(key($credentials), config_item('auth.valid_fields')) )
+        if ( ! in_array(key($credentials), config_item('auth.valid_fields')))
         {
             $this->error = lang('auth.invalid_credentials');
             return false;
@@ -163,7 +163,7 @@ 
 
         // We do not want to force case-sensitivity on things
         // like username and email for usability sake.
-        if (! empty($credentials['email']))
+        if ( ! empty($credentials['email']))
         {
             $credentials['email'] = strtolower($credentials['email']);
         }
@@ -178,7 +178,7 @@ 
 
         // If throttling time is above zero, we can't allow
         // logins now.
-        $time = (int)$this->isThrottled($user);
+        $time = (int) $this->isThrottled($user);
         if ($time > 0)
         {
             $this->error = sprintf(lang('auth.throttled'), $time);
@@ -188,7 +188,7 @@ 
         // Get ip address
         $ip_address = $this->ci->input->ip_address();
 
-        if (! $user)
+        if ( ! $user)
         {
             $this->error = lang('auth.invalid_user');
             $this->ci->login_model->recordLoginAttempt($ip_address);
@@ -196,9 +196,9 @@ 
         }
 
         // Now, try matching the passwords.
-        $result =  password_verify($password, $user['password_hash']);
+        $result = password_verify($password, $user['password_hash']);
 
-        if (! $result)
+        if ( ! $result)
         {
             $this->error = lang('auth.invalid_password');
             $this->ci->login_model->recordLoginAttempt($ip_address, $user['id']);
@@ -209,7 +209,7 @@ 
         // This would be due to the hash algorithm or hash
         // cost changing since the last time that a user
         // logged in.
-        if (password_needs_rehash($user['password_hash'], PASSWORD_DEFAULT, ['cost' => config_item('auth.hash_cost')] ))
+        if (password_needs_rehash($user['password_hash'], PASSWORD_DEFAULT, ['cost' => config_item('auth.hash_cost')]))
         {
             $new_hash = Password::hashPassword($password);
             $this->user_model->skip_validation()
@@ -218,7 +218,7 @@ 
         }
 
         // Is the user active?
-        if (! $user['active'])
+        if ( ! $user['active'])
         {
             $this->error = lang('auth.inactive_account');
             return false;
@@ -238,7 +238,7 @@ 
     {
         $this->ci->load->helper('cookie');
 
-        if (! Events::trigger('beforeLogout', [$this->user]))
+        if ( ! Events::trigger('beforeLogout', [$this->user]))
         {
             return false;
         }
@@ -247,10 +247,10 @@ 
         // available for flash messages, etc.
         if (isset($_SESSION))
         {
-            foreach ( $_SESSION as $key => $value )
+            foreach ($_SESSION as $key => $value)
             {
-                $_SESSION[ $key ] = NULL;
-                unset( $_SESSION[ $key ] );
+                $_SESSION[$key] = NULL;
+                unset($_SESSION[$key]);
             }
         }
         // Also, regenerate the session ID for a touch of added safety.
@@ -276,7 +276,7 @@ 
     {
         $id = $this->ci->session->userdata('logged_in');
 
-        if (! $id)
+        if ( ! $id)
         {
             return false;
         }
@@ -284,10 +284,10 @@ 
         // If the user var hasn't been filled in, we need to fill it in,
         // since this method will typically be used as the only method
         // to determine whether a user is logged in or not.
-        if (! $this->user)
+        if ( ! $this->user)
         {
             $this->user = $this->user_model->as_array()
-                                           ->find_by('id', (int)$id);
+                                           ->find_by('id', (int) $id);
 
             if (empty($this->user))
             {
@@ -311,14 +311,14 @@ 
      */
     public function viaRemember()
     {
-        if (! config_item('auth.allow_remembering'))
+        if ( ! config_item('auth.allow_remembering'))
         {
             return false;
         }
 
         $this->ci->load->helper('cookie');
 
-        if (! $token = get_cookie('remember'))
+        if ( ! $token = get_cookie('remember'))
         {
             return false;
         }
@@ -327,7 +327,7 @@ 
         $query = $this->ci->db->where('hash', $this->ci->login_model->hashRememberToken($token))
                               ->get('auth_tokens');
 
-        if (! $query->num_rows())
+        if ( ! $query->num_rows())
         {
             return false;
         }
@@ -365,16 +365,16 @@ 
         // If via email, we need to generate a hash
         $this->ci->load->helper('string');
         $token = random_string('alnum', 24);
-        $user_data['activate_hash'] = hash('sha1', config_item('auth.salt') . $token);
+        $user_data['activate_hash'] = hash('sha1', config_item('auth.salt').$token);
 
         // Email should NOT be case sensitive.
-        if (! empty($user_data['email']))
+        if ( ! empty($user_data['email']))
         {
             $user_data['email'] = strtolower($user_data['email']);
         }
 
         // Save the user
-        if (! $id = $this->user_model->insert($user_data))
+        if ( ! $id = $this->user_model->insert($user_data))
         {
             $this->error = $this->user_model->error();
             return false;
@@ -405,25 +405,25 @@ 
     {
         $post = [
             'email'         => $data['email'],
-            'activate_hash' => hash('sha1', config_item('auth.salt') . $data['code'])
+            'activate_hash' => hash('sha1', config_item('auth.salt').$data['code'])
         ];
 
         $user = $this->user_model->where($post)
                                  ->first();
 
-        if (! $user) {
+        if ( ! $user) {
             $this->error = $this->user_model->error() ? $this->user_model->error() : lang('auth.activate_no_user');
 
             return false;
         }
 
-        if (! $this->user_model->update($user->id, ['active' => 1, 'activate_hash' => null]))
+        if ( ! $this->user_model->update($user->id, ['active' => 1, 'activate_hash' => null]))
         {
             $this->error = $this->user_model->error();
             return false;
         }
 
-        Events::trigger('didActivate', [(array)$user]);
+        Events::trigger('didActivate', [(array) $user]);
 
         return true;
     }
@@ -438,7 +438,7 @@ 
      */
     public function activateUserById($id)
     {
-        if (! $this->user_model->update($id, ['active' => 1, 'activate_hash' => null]))
+        if ( ! $this->user_model->update($id, ['active' => 1, 'activate_hash' => null]))
         {
             $this->error = $this->user_model->error();
             return false;
@@ -470,12 +470,12 @@ 
      */
     public function id()
     {
-        if (! is_array($this->user) || empty($this->user['id']))
+        if ( ! is_array($this->user) || empty($this->user['id']))
         {
             return null;
         }
 
-        return (int)$this->user['id'];
+        return (int) $this->user['id'];
     }
 
     //--------------------------------------------------------------------
@@ -492,7 +492,7 @@ 
     public function isThrottled($user)
     {
         // Not throttling? Get outta here!
-        if (! config_item('auth.allow_throttling'))
+        if ( ! config_item('auth.allow_throttling'))
         {
             return false;
         }
@@ -560,7 +560,7 @@ 
         {
             $this->error = lang('auth.bruteBan_notice');
 
-            $ban_time = 60 * 15;    // 15 minutes
+            $ban_time = 60 * 15; // 15 minutes
             $_SESSION['bruteBan'] = time() + $ban_time;
             return $ban_time;
         }
@@ -608,7 +608,7 @@ 
         // Is it a valid user?
         $user = $this->user_model->find_by('email', $email);
 
-        if (! $user)
+        if ( ! $user)
         {
             $this->error = lang('auth.invalid_email');
             return false;
@@ -617,17 +617,17 @@ 
         // Generate/store our codes
         $this->ci->load->helper('string');
         $token = random_string('alnum', 24);
-        $hash = hash('sha1', config_item('auth.salt') .$token);
+        $hash = hash('sha1', config_item('auth.salt').$token);
 
         $result = $this->user_model->update($user->id, ['reset_hash' => $hash]);
 
-        if (! $result)
+        if ( ! $result)
         {
             $this->error = $this->user_model->error();
             return false;
         }
 
-        Events::trigger('didRemindUser', [(array)$user, $token]);
+        Events::trigger('didRemindUser', [(array) $user, $token]);
 
         return true;
     }
@@ -654,10 +654,10 @@ 
         }
 
         // Generate a hash to match against the table.
-        $reset_hash = hash('sha1', config_item('auth.salt') .$credentials['code']);
+        $reset_hash = hash('sha1', config_item('auth.salt').$credentials['code']);
         unset($credentials['code']);
 
-        if (! empty($credentials['email']))
+        if ( ! empty($credentials['email']))
         {
             $credentials['email'] = strtolower($credentials['email']);
         }
@@ -669,7 +669,7 @@ 
 
         // If throttling time is above zero, we can't allow
         // logins now.
-        $time = (int)$this->isThrottled($user);
+        $time = (int) $this->isThrottled($user);
         if ($time > 0)
         {
             $this->error = sprintf(lang('auth.throttled'), $time);
@@ -679,7 +679,7 @@ 
         // Get ip address
         $ip_address = $this->ci->input->ip_address();
 
-        if (! $user)
+        if ( ! $user)
         {
             $this->error = lang('auth.reset_no_user');
             $this->ci->login_model->recordLoginAttempt($ip_address);
@@ -701,7 +701,7 @@ 
             'reset_hash'   => null
         ];
 
-        if (! $this->user_model->update($user['id'], $data))
+        if ( ! $this->user_model->update($user['id'], $data))
         {
             $this->error = $this->user_model->error();
             return false;
@@ -726,7 +726,7 @@ 
      * @param null $message
      * @return mixed
      */
-    public function changeStatus($newStatus, $message=null)
+    public function changeStatus($newStatus, $message = null)
     {
         // todo actually record new users status!
     }
@@ -743,14 +743,14 @@ 
      * @param bool $allow_any_parent
      * @return mixed
      */
-    public function useModel($model, $allow_any_parent=false)
+    public function useModel($model, $allow_any_parent = false)
     {
-        if (! $allow_any_parent && get_parent_class($model) != 'Myth\Models\CIDbModel')
+        if ( ! $allow_any_parent && get_parent_class($model) != 'Myth\Models\CIDbModel')
         {
             throw new \RuntimeException('Models passed into LocalAuthenticate MUST extend Myth\Models\CIDbModel');
         }
 
-        $this->user_model =& $model;
+        $this->user_model = & $model;
 
         return $this;
     }
@@ -820,7 +820,7 @@ 
      */
     protected function rememberUser($user)
     {
-        if (! config_item('auth.allow_remembering'))
+        if ( ! config_item('auth.allow_remembering'))
         {
             log_message('debug', 'Auth library set to refuse "Remember Me" functionality.');
             return false;
@@ -839,13 +839,13 @@ 
      * @param null $token
      * @return mixed
      */
-    protected function refreshRememberCookie($user, $token=null)
+    protected function refreshRememberCookie($user, $token = null)
     {
         $this->ci->load->helper('cookie');
 
         // If a token is passed in, we know we're removing the
         // old one.
-        if (! empty($token))
+        if ( ! empty($token))
         {
             $this->invalidateRememberCookie($user['email'], $token);
         }
@@ -855,7 +855,7 @@ 
         // Save the token to the database.
         $data = [
             'email'   => $user['email'],
-            'hash'    => sha1(config_item('auth.salt') . $new_token),
+            'hash'    => sha1(config_item('auth.salt').$new_token),
             'created' => date('Y-m-d H:i:s')
         ];
 
@@ -863,13 +863,13 @@ 
 
         // Create the cookie
         set_cookie(
-            'remember',                             // Cookie Name
-            $new_token,                             // Value
-            config_item('auth.remember_length'),    // # Seconds until it expires
+            'remember', // Cookie Name
+            $new_token, // Value
+            config_item('auth.remember_length'), // # Seconds until it expires
             config_item('cookie_domain'),
             config_item('cookie_path'),
             config_item('cookie_prefix'),
-            false,                                  // Only send over HTTPS?
+            false, // Only send over HTTPS?
             true                                    // Hide from Javascript?
         );
 

application/config/auth.php

Spacing +1 added lines, -1 removed lines

@@ -29,7 +29,7 @@
  * @link        http://sprintphp.com
  * @since       Version 1.0
  */
-if (!defined('BASEPATH')) exit('No direct script access allowed');
+if ( ! defined('BASEPATH')) exit('No direct script access allowed');
 
 use \Myth\Events\Events as Events;
 use Myth\Mail\Mail as Mail;

Braces +3 added lines, -1 removed lines

@@ -29,7 +29,9 @@
  * @link        http://sprintphp.com
  * @since       Version 1.0
  */
-if (!defined('BASEPATH')) exit('No direct script access allowed');
+if (!defined('BASEPATH')) {
+	exit('No direct script access allowed');
+}
 
 //--------------------------------------------------------------------
 // Allowed Environments

Indentation +12 added lines, -12 removed lines

@@ -76,7 +76,7 @@ 
 // you might not want the extra risk associated with this cookie-based
 // solution.
 //
-    $config['auth.allow_remembering'] = true;
+	$config['auth.allow_remembering'] = true;
 
 //--------------------------------------------------------------------
 // Remember Me Salt
@@ -86,7 +86,7 @@ 
 // If you are using Remember Me functionality, you should consider
 // changing this value to be unique to your site.
 //
-    $config['auth.salt'] = 'ASimpleSalt';
+	$config['auth.salt'] = 'ASimpleSalt';
 
 //--------------------------------------------------------------------
 // Remember Length
@@ -106,7 +106,7 @@ 
 //      6 months - 14515200
 //      1 year   - 29030400
 //
-    $config['auth.remember_length'] = 1209600;
+	$config['auth.remember_length'] = 1209600;
 
 
 
@@ -123,7 +123,7 @@ 
 // Throttling exponentially increases the time between allowed login
 // attempts.
 //
-    $config['auth.allow_throttling'] = true;
+	$config['auth.allow_throttling'] = true;
 
 //--------------------------------------------------------------------
 // Max Throttling Time
@@ -134,7 +134,7 @@ 
 //
 // This is the number of SECONDS max.
 //
-    $config['auth.max_throttle_time'] = 50;
+	$config['auth.max_throttle_time'] = 50;
 
 //--------------------------------------------------------------------
 // Start Throttling After
@@ -142,7 +142,7 @@ 
 // Throttling will start after X number of attempts. Before this,
 // the user can make attempts like normal.
 //
-    $config['auth.allowed_login_attempts'] = 5;
+	$config['auth.allowed_login_attempts'] = 5;
 
 //--------------------------------------------------------------------
 // Distributed Brute Force Checks
@@ -150,7 +150,7 @@ 
 // The amount to multiply the average daily logins over the last 3 months
 // by to determine if we might be under a distributed brute force attempt.
 //
-    $config['auth.dbrute_multiplier'] = 3;
+	$config['auth.dbrute_multiplier'] = 3;
 
 //--------------------------------------------------------------------
 // Additional Suspension Time for Distributed Brute Force Attempts
@@ -158,7 +158,7 @@ 
 // This is the number of SECONDS that will be added to all login
 // attempts that are being throttled.
 //
-    $config['auth.distributed_brute_add_time'] = 45;
+	$config['auth.distributed_brute_add_time'] = 45;
 
 
 //--------------------------------------------------------------------
@@ -176,7 +176,7 @@ 
 //      - 30 bits of entropy = minimum for a web service with business critical applications (e.g. SAAS).
 //      - 40 bits of entropy = minimum for a bank or other financial service.
 //
-    $config['auth.min_password_strength'] = 18;
+	$config['auth.min_password_strength'] = 18;
 
 //--------------------------------------------------------------------
 // Use Dictionary
@@ -185,7 +185,7 @@ 
 // dictionary to eliminate common words and their variations that would
 // be pretty simply for a hacking attempt to guess?
 //
-    $config['auth.use_dictionary'] = false;
+	$config['auth.use_dictionary'] = false;
 
 //--------------------------------------------------------------------
 // PASSWORD HASHING COST
@@ -208,7 +208,7 @@ 
 //      - 'email'   The are sent an email with an activation link/code
 //      - 'manual'  Requires manual approval by a site administrator.
 //
-    $config['auth.activation_method'] = 'auto';
+	$config['auth.activation_method'] = 'auto';
 
 
 //--------------------------------------------------------------------
@@ -220,4 +220,4 @@ 
 //--------------------------------------------------------------------
 // Sets the Default role id to use when creating new users.
 //
-    $config['auth.default_role_id'] = 3;
+	$config['auth.default_role_id'] = 3;

application/views/notice.php

Braces +5 added lines, -2 removed lines

@@ -4,8 +4,11 @@
         <a href="#" class="close">&times;</a>
     </div>
 
-<?php else: ?>
+<?php else {
+	: ?>
 
     <div id="notice"></div>
 
-<?php endif; ?>
\ No newline at end of file
+<?php endif;
+}
+?>
\ No newline at end of file

myth/Mail/Queue.php

Indentation +3 added lines, -3 removed lines

@@ -34,8 +34,8 @@
 
 class Queue extends CIDbModel {
 
-    protected $table_name = 'mail_queue';
+	protected $table_name = 'mail_queue';
 
-    protected $set_created = false;
-    protected $set_modified = false;
+	protected $set_created = false;
+	protected $set_modified = false;
 }

application/database/migrations/20160111121139_UpdateLoginAttemptsTable.php

Indentation +43 added lines, -43 removed lines

@@ -10,57 +10,57 @@
  */
 class Migration_UpdateLoginAttemmptsTable extends CI_Migration {
 
-    public function up()
-    {
-        $fields = array(
-            'type' => array(
-                'type'       => 'varchar',
-                'constraint' => 64,
-                'null'       => false,
-                'default'    => 'app',
-                'after'      => 'id'
-            ),
-            'ip_address' => array(
-                'type'       => 'varchar',
-                'constraint' => 255,
-                'null'       => true,
-                'after'      => 'type'
-            ),
-            'user_id' => array(
-                'type'       => 'int',
-                'constraint' => 11,
-                'unsigned'   => true,
-                'null'       => true,
-                'after'      => 'ip_address'
-            )
-        );
+	public function up()
+	{
+		$fields = array(
+			'type' => array(
+				'type'       => 'varchar',
+				'constraint' => 64,
+				'null'       => false,
+				'default'    => 'app',
+				'after'      => 'id'
+			),
+			'ip_address' => array(
+				'type'       => 'varchar',
+				'constraint' => 255,
+				'null'       => true,
+				'after'      => 'type'
+			),
+			'user_id' => array(
+				'type'       => 'int',
+				'constraint' => 11,
+				'unsigned'   => true,
+				'null'       => true,
+				'after'      => 'ip_address'
+			)
+		);
 
-        $this->dbforge->add_column('auth_login_attempts', $fields);
+		$this->dbforge->add_column('auth_login_attempts', $fields);
 
-        $this->db->query('ALTER TABLE `auth_login_attempts` ADD KEY (`user_id`)');
+		$this->db->query('ALTER TABLE `auth_login_attempts` ADD KEY (`user_id`)');
 
-        $this->dbforge->drop_column('auth_login_attempts', 'email');
-    }
+		$this->dbforge->drop_column('auth_login_attempts', 'email');
+	}
 
-    //--------------------------------------------------------------------
+	//--------------------------------------------------------------------
 
-    public function down()
-    {
-        $this->dbforge->drop_column('auth_login_attempts', 'type');
-        $this->dbforge->drop_column('auth_login_attempts', 'ip_address');
-        $this->dbforge->drop_column('auth_login_attempts', 'user_id');
+	public function down()
+	{
+		$this->dbforge->drop_column('auth_login_attempts', 'type');
+		$this->dbforge->drop_column('auth_login_attempts', 'ip_address');
+		$this->dbforge->drop_column('auth_login_attempts', 'user_id');
 
-        $column = ['email' => [
-            'type'       => 'varchar',
-            'constraint' => 255,
-            'after'      => 'id'
-        ]];
+		$column = ['email' => [
+			'type'       => 'varchar',
+			'constraint' => 255,
+			'after'      => 'id'
+		]];
 
-        $this->dbforge->add_column('auth_login_attempts', $column);
+		$this->dbforge->add_column('auth_login_attempts', $column);
 
-        $this->db->query('ALTER TABLE `auth_login_attempts` ADD KEY (`email`)');
-    }
+		$this->db->query('ALTER TABLE `auth_login_attempts` ADD KEY (`email`)');
+	}
 
-    //--------------------------------------------------------------------
+	//--------------------------------------------------------------------
 
 }
\ No newline at end of file

myth/_generators/Controller/view_update.tpl.php

Indentation +39 added lines, -39 removed lines

@@ -5,45 +5,45 @@
 <?= $uikit->row([], function() use($uikit, $fields)
 {
 
-    $sizes = [
-        's' => 12,
-        'm' => 6,
-        'l' => 4
-    ];
-    echo $uikit->column( [ 'sizes' => $sizes ], function () use ( $uikit, $fields )
-    {
-
-        foreach ( $fields as $field )
-        {
-
-            echo $uikit->inputWrap( humanize( $field['name'] ), NULL, function () use ( $uikit, $field )
-            {
-
-                switch ( $field['type'] )
-                {
-                    case 'text':
-                        echo "            <input type='text' name='{$field['name']}' class='form-control' value='@= set_value('" . $field["name"] . "', \$item->" . $field['name'] . " ) ?>' />\n";
-                        break;
-                    case 'number':
-                        echo "            <input type='number' name='{$field['name']}' class='form-control' value='@= set_value('" . $field["name"] . "', \$item->" . $field['name'] . " ) ?>' />\n";
-                        break;
-                    case 'date':
-                        echo "            <input type='date' name='{$field['name']}' class='form-control' value='@= set_value('" . $field["name"] . "', \$item->" . $field['name'] . " ) ?>' />\n";
-                        break;
-                    case 'datetime':
-                        echo "            <input type='datetime' name='{$field['name']}' class='form-control' value='@= set_value('" . $field["name"] . "', \$item->" . $field['name'] . " ) ?>' />\n";
-                        break;
-                    case 'time':
-                        echo "            <input type='time' name='{$field['name']}' class='form-control' value='@= set_value('" . $field["name"] . "', \$item->" . $field['name'] . " ) ?>' />\n";
-                        break;
-                    case 'textarea':
-                        echo "            <textarea  class='form-control' name='{$field['name']}'>@= set_value('" . $field["name"] . "', \$item->" . $field['name'] . " ) ?></textarea>\n";
-                        break;
-                }
-
-            } );
-        }
-    } );
+	$sizes = [
+		's' => 12,
+		'm' => 6,
+		'l' => 4
+	];
+	echo $uikit->column( [ 'sizes' => $sizes ], function () use ( $uikit, $fields )
+	{
+
+		foreach ( $fields as $field )
+		{
+
+			echo $uikit->inputWrap( humanize( $field['name'] ), NULL, function () use ( $uikit, $field )
+			{
+
+				switch ( $field['type'] )
+				{
+					case 'text':
+						echo "            <input type='text' name='{$field['name']}' class='form-control' value='@= set_value('" . $field["name"] . "', \$item->" . $field['name'] . " ) ?>' />\n";
+						break;
+					case 'number':
+						echo "            <input type='number' name='{$field['name']}' class='form-control' value='@= set_value('" . $field["name"] . "', \$item->" . $field['name'] . " ) ?>' />\n";
+						break;
+					case 'date':
+						echo "            <input type='date' name='{$field['name']}' class='form-control' value='@= set_value('" . $field["name"] . "', \$item->" . $field['name'] . " ) ?>' />\n";
+						break;
+					case 'datetime':
+						echo "            <input type='datetime' name='{$field['name']}' class='form-control' value='@= set_value('" . $field["name"] . "', \$item->" . $field['name'] . " ) ?>' />\n";
+						break;
+					case 'time':
+						echo "            <input type='time' name='{$field['name']}' class='form-control' value='@= set_value('" . $field["name"] . "', \$item->" . $field['name'] . " ) ?>' />\n";
+						break;
+					case 'textarea':
+						echo "            <textarea  class='form-control' name='{$field['name']}'>@= set_value('" . $field["name"] . "', \$item->" . $field['name'] . " ) ?></textarea>\n";
+						break;
+				}
+
+			} );
+		}
+	} );
 } );
 ?>
 

Spacing +10 added lines, -10 removed lines

@@ -10,34 +10,34 @@
         'm' => 6,
         'l' => 4
     ];
-    echo $uikit->column( [ 'sizes' => $sizes ], function () use ( $uikit, $fields )
+    echo $uikit->column(['sizes' => $sizes], function() use ($uikit, $fields)
     {
 
-        foreach ( $fields as $field )
+        foreach ($fields as $field)
         {
 
-            echo $uikit->inputWrap( humanize( $field['name'] ), NULL, function () use ( $uikit, $field )
+            echo $uikit->inputWrap(humanize($field['name']), NULL, function() use ($uikit, $field)
             {
 
-                switch ( $field['type'] )
+                switch ($field['type'])
                 {
                     case 'text':
-                        echo "            <input type='text' name='{$field['name']}' class='form-control' value='@= set_value('" . $field["name"] . "', \$item->" . $field['name'] . " ) ?>' />\n";
+                        echo "            <input type='text' name='{$field['name']}' class='form-control' value='@= set_value('".$field["name"]."', \$item->".$field['name']." ) ?>' />\n";
                         break;
                     case 'number':
-                        echo "            <input type='number' name='{$field['name']}' class='form-control' value='@= set_value('" . $field["name"] . "', \$item->" . $field['name'] . " ) ?>' />\n";
+                        echo "            <input type='number' name='{$field['name']}' class='form-control' value='@= set_value('".$field["name"]."', \$item->".$field['name']." ) ?>' />\n";
                         break;
                     case 'date':
-                        echo "            <input type='date' name='{$field['name']}' class='form-control' value='@= set_value('" . $field["name"] . "', \$item->" . $field['name'] . " ) ?>' />\n";
+                        echo "            <input type='date' name='{$field['name']}' class='form-control' value='@= set_value('".$field["name"]."', \$item->".$field['name']." ) ?>' />\n";
                         break;
                     case 'datetime':
-                        echo "            <input type='datetime' name='{$field['name']}' class='form-control' value='@= set_value('" . $field["name"] . "', \$item->" . $field['name'] . " ) ?>' />\n";
+                        echo "            <input type='datetime' name='{$field['name']}' class='form-control' value='@= set_value('".$field["name"]."', \$item->".$field['name']." ) ?>' />\n";
                         break;
                     case 'time':
-                        echo "            <input type='time' name='{$field['name']}' class='form-control' value='@= set_value('" . $field["name"] . "', \$item->" . $field['name'] . " ) ?>' />\n";
+                        echo "            <input type='time' name='{$field['name']}' class='form-control' value='@= set_value('".$field["name"]."', \$item->".$field['name']." ) ?>' />\n";
                         break;
                     case 'textarea':
-                        echo "            <textarea  class='form-control' name='{$field['name']}'>@= set_value('" . $field["name"] . "', \$item->" . $field['name'] . " ) ?></textarea>\n";
+                        echo "            <textarea  class='form-control' name='{$field['name']}'>@= set_value('".$field["name"]."', \$item->".$field['name']." ) ?></textarea>\n";
                         break;
                 }