ci-bonfire / Sprint

myth/Auth/AuthenticateInterface.php

Indentation +191 added lines, -191 removed lines

@@ -42,196 +42,196 @@
  */
 interface AuthenticateInterface {
 
-    /**
-     * Attempt to log a user into the system.
-     *
-     * $credentials is an array of key/value pairs needed to log the user in.
-     * This is often email/password, or username/password.
-     *
-     * @param $credentials
-     * @param bool $remember
-     */
-    public function login($credentials, $remember=false);
-
-    //--------------------------------------------------------------------
-
-    /**
-     * Validates user login information without logging them in.
-     *
-     * $credentials is an array of key/value pairs needed to log the user in.
-     * This is often email/password, or username/password.
-     *
-     * @param $credentials
-     * @param bool $return_user
-     * @return mixed
-     */
-    public function validate($credentials, $return_user=false);
-
-    //--------------------------------------------------------------------
-
-    /**
-     * Logs a user out and removes all session information.
-     *
-     * @return mixed
-     */
-    public function logout();
-
-    //--------------------------------------------------------------------
-
-    /**
-     * Checks whether a user is logged in or not.
-     *
-     * @return bool
-     */
-    public function isLoggedIn();
-
-    //--------------------------------------------------------------------
-
-    /**
-     * Attempts to log a user in based on the "remember me" cookie.
-     *
-     * @return bool
-     */
-    public function viaRemember();
-
-    //--------------------------------------------------------------------
-
-    /**
-     * Registers a new user and handles activation method.
-     *
-     * @param $user_data
-     * @return bool
-     */
-    public function registerUser($user_data);
-
-    //--------------------------------------------------------------------
-
-    /**
-     * Used to verify the user values and activate a user so they can
-     * visit the site.
-     *
-     * @param $data
-     * @return bool
-     */
-    public function activateUser($data);
-
-    //--------------------------------------------------------------------
-
-    /**
-     * Used to allow manual activation of a user with a known ID.
-     *
-     * @param $id
-     * @return bool
-     */
-    public function activateUserById($id);
-
-    //--------------------------------------------------------------------
-
-    /**
-     * Grabs the current user object. Returns NULL if nothing found.
-     *
-     * @return array|null
-     */
-    public function user();
-
-    //--------------------------------------------------------------------
-
-    /**
-     * A convenience method to grab the current user's ID.
-     *
-     * @return int|null
-     */
-    public function id();
-
-    //--------------------------------------------------------------------
-
-    /**
-     * Tells the system to start throttling a user. This may vary by implementation,
-     * but will often add additional time before another login is allowed.
-     *
-     * @param $email
-     * @return mixed
-     */
-    public function isThrottled($email);
-
-    //--------------------------------------------------------------------
-
-    /**
-     * Sends a password reminder email to the user associated with
-     * the passed in $email.
-     *
-     * @param $email
-     * @return mixed
-     */
-    public function remindUser($email);
-
-    //--------------------------------------------------------------------
-
-    /**
-     * Validates the credentials provided and, if valid, resets the password.
-     *
-     * @param $credentials
-     * @param $password
-     * @param $passConfirm
-     * @return mixed
-     */
-    public function resetPassword($credentials, $password, $passConfirm);
-
-    //--------------------------------------------------------------------
-
-    /**
-     * Provides a way for implementations to allow new statuses to be set
-     * on the user. The details will vary based upon implementation, but
-     * will often allow for banning or suspending users.
-     *
-     * @param $newStatus
-     * @param null $message
-     * @return mixed
-     */
-    public function changeStatus($newStatus, $message=null);
-
-    //--------------------------------------------------------------------
-
-    /**
-     * Allows the consuming application to pass in a reference to the
-     * model that should be used.
-     *
-     * The model MUST extend Myth\Models\CIDbModel.
-     *
-     * @param $model
-     * @return mixed
-     */
-    public function useModel($model);
-
-    //--------------------------------------------------------------------
-
-    /**
-     * Returns the current error string.
-     *
-     * @return mixed
-     */
-    public function error();
-
-    //--------------------------------------------------------------------
-
-    /**
-     * Purges all login attempt records from the database.
-     *
-     * @param $email
-     */
-    public function purgeLoginAttempts($email);
-
-    //--------------------------------------------------------------------
-
-    /**
-     * Purges all remember tokens for a single user. Effectively logs
-     * a user out of all devices. Intended to allow users to log themselves
-     * out of all devices as a security measure.
-     *
-     * @param $email
-     */
-    public function purgeRememberTokens($email);
-
-    //--------------------------------------------------------------------
+	/**
+	 * Attempt to log a user into the system.
+	 *
+	 * $credentials is an array of key/value pairs needed to log the user in.
+	 * This is often email/password, or username/password.
+	 *
+	 * @param $credentials
+	 * @param bool $remember
+	 */
+	public function login($credentials, $remember=false);
+
+	//--------------------------------------------------------------------
+
+	/**
+	 * Validates user login information without logging them in.
+	 *
+	 * $credentials is an array of key/value pairs needed to log the user in.
+	 * This is often email/password, or username/password.
+	 *
+	 * @param $credentials
+	 * @param bool $return_user
+	 * @return mixed
+	 */
+	public function validate($credentials, $return_user=false);
+
+	//--------------------------------------------------------------------
+
+	/**
+	 * Logs a user out and removes all session information.
+	 *
+	 * @return mixed
+	 */
+	public function logout();
+
+	//--------------------------------------------------------------------
+
+	/**
+	 * Checks whether a user is logged in or not.
+	 *
+	 * @return bool
+	 */
+	public function isLoggedIn();
+
+	//--------------------------------------------------------------------
+
+	/**
+	 * Attempts to log a user in based on the "remember me" cookie.
+	 *
+	 * @return bool
+	 */
+	public function viaRemember();
+
+	//--------------------------------------------------------------------
+
+	/**
+	 * Registers a new user and handles activation method.
+	 *
+	 * @param $user_data
+	 * @return bool
+	 */
+	public function registerUser($user_data);
+
+	//--------------------------------------------------------------------
+
+	/**
+	 * Used to verify the user values and activate a user so they can
+	 * visit the site.
+	 *
+	 * @param $data
+	 * @return bool
+	 */
+	public function activateUser($data);
+
+	//--------------------------------------------------------------------
+
+	/**
+	 * Used to allow manual activation of a user with a known ID.
+	 *
+	 * @param $id
+	 * @return bool
+	 */
+	public function activateUserById($id);
+
+	//--------------------------------------------------------------------
+
+	/**
+	 * Grabs the current user object. Returns NULL if nothing found.
+	 *
+	 * @return array|null
+	 */
+	public function user();
+
+	//--------------------------------------------------------------------
+
+	/**
+	 * A convenience method to grab the current user's ID.
+	 *
+	 * @return int|null
+	 */
+	public function id();
+
+	//--------------------------------------------------------------------
+
+	/**
+	 * Tells the system to start throttling a user. This may vary by implementation,
+	 * but will often add additional time before another login is allowed.
+	 *
+	 * @param $email
+	 * @return mixed
+	 */
+	public function isThrottled($email);
+
+	//--------------------------------------------------------------------
+
+	/**
+	 * Sends a password reminder email to the user associated with
+	 * the passed in $email.
+	 *
+	 * @param $email
+	 * @return mixed
+	 */
+	public function remindUser($email);
+
+	//--------------------------------------------------------------------
+
+	/**
+	 * Validates the credentials provided and, if valid, resets the password.
+	 *
+	 * @param $credentials
+	 * @param $password
+	 * @param $passConfirm
+	 * @return mixed
+	 */
+	public function resetPassword($credentials, $password, $passConfirm);
+
+	//--------------------------------------------------------------------
+
+	/**
+	 * Provides a way for implementations to allow new statuses to be set
+	 * on the user. The details will vary based upon implementation, but
+	 * will often allow for banning or suspending users.
+	 *
+	 * @param $newStatus
+	 * @param null $message
+	 * @return mixed
+	 */
+	public function changeStatus($newStatus, $message=null);
+
+	//--------------------------------------------------------------------
+
+	/**
+	 * Allows the consuming application to pass in a reference to the
+	 * model that should be used.
+	 *
+	 * The model MUST extend Myth\Models\CIDbModel.
+	 *
+	 * @param $model
+	 * @return mixed
+	 */
+	public function useModel($model);
+
+	//--------------------------------------------------------------------
+
+	/**
+	 * Returns the current error string.
+	 *
+	 * @return mixed
+	 */
+	public function error();
+
+	//--------------------------------------------------------------------
+
+	/**
+	 * Purges all login attempt records from the database.
+	 *
+	 * @param $email
+	 */
+	public function purgeLoginAttempts($email);
+
+	//--------------------------------------------------------------------
+
+	/**
+	 * Purges all remember tokens for a single user. Effectively logs
+	 * a user out of all devices. Intended to allow users to log themselves
+	 * out of all devices as a security measure.
+	 *
+	 * @param $email
+	 */
+	public function purgeRememberTokens($email);
+
+	//--------------------------------------------------------------------
 
 }

myth/Auth/Flat/FlatGroupsModel.php

Indentation +22 added lines, -22 removed lines

@@ -85,10 +85,10 @@ 
 	 */
 	public function addUserToGroup($user_id, $group_id)
 	{
-	    $data = [
-		    'user_id'   => (int)$user_id,
-		    'group_id'  => (int)$group_id
-	    ];
+		$data = [
+			'user_id'   => (int)$user_id,
+			'group_id'  => (int)$group_id
+		];
 
 		return $this->db->insert('auth_groups_users', $data);
 	}
@@ -105,10 +105,10 @@ 
 	 */
 	public function removeUserFromGroup($user_id, $group_id)
 	{
-	    return $this->where([
-		    'user_id' => (int)$user_id,
-		    'group_id' => (int)$group_id
-	    ])->delete('auth_groups_users');
+		return $this->where([
+			'user_id' => (int)$user_id,
+			'group_id' => (int)$group_id
+		])->delete('auth_groups_users');
 	}
 
 	//--------------------------------------------------------------------
@@ -122,8 +122,8 @@ 
 	 */
 	public function removeUserFromAllGroups($user_id)
 	{
-	    return $this->db->where('user_id', (int)$user_id)
-		                ->delete('auth_groups_users');
+		return $this->db->where('user_id', (int)$user_id)
+						->delete('auth_groups_users');
 	}
 
 	//--------------------------------------------------------------------
@@ -137,11 +137,11 @@ 
 	 */
 	public function getGroupsForUser($user_id)
 	{
-	    return $this->select('auth_groups_users.*, auth_groups.name, auth_groups.description')
-		            ->join('auth_groups_users', 'auth_groups_users.group_id = auth_groups.id', 'left')
-		            ->where('user_id', $user_id)
-		            ->as_array()
-		            ->find_all();
+		return $this->select('auth_groups_users.*, auth_groups.name, auth_groups.description')
+					->join('auth_groups_users', 'auth_groups_users.group_id = auth_groups.id', 'left')
+					->where('user_id', $user_id)
+					->as_array()
+					->find_all();
 	}
 
 	//--------------------------------------------------------------------
@@ -160,7 +160,7 @@ 
 			'group_id'      => (int)$group_id
 		];
 
-	    return $this->db->insert('auth_groups_permissions', $data);
+		return $this->db->insert('auth_groups_permissions', $data);
 	}
 
 	//--------------------------------------------------------------------
@@ -176,10 +176,10 @@ 
 	 */
 	public function removePermissionFromGroup($permission_id, $group_id)
 	{
-	    return $this->db->where([
-		    'permission_id' => $permission_id,
-		    'group_id'      => $group_id
-	    ])->delete('auth_groups_permissions');
+		return $this->db->where([
+			'permission_id' => $permission_id,
+			'group_id'      => $group_id
+		])->delete('auth_groups_permissions');
 	}
 
 	//--------------------------------------------------------------------
@@ -193,8 +193,8 @@ 
 	 */
 	public function removePermissionFromAllGroups($permission_id)
 	{
-	    return $this->db->where('permission_id', $permission_id)
-		                ->delete('auth_groups_permissions');
+		return $this->db->where('permission_id', $permission_id)
+						->delete('auth_groups_permissions');
 	}
 
 	//--------------------------------------------------------------------

myth/Auth/Password.php

Indentation +321 added lines, -321 removed lines

@@ -51,325 +51,325 @@
  */
 class Password {
 
-    /**
-     * A standardized method for hasing a password before storing
-     * in the database.
-     *
-     * @param $password
-     * @return bool|mixed|string
-     */
-    public static function hashPassword($password)
-    {
-        if (! config_item('auth.hash_cost'))
-        {
-            get_instance()->load->config('auth');
-        }
-
-        return password_hash($password, PASSWORD_DEFAULT, ['cost' => config_item('auth.hash_cost')]);
-    }
-
-    //--------------------------------------------------------------------
-
-    /**
-     * Determines the number of entropy bits a password has based on
-     *
-     *
-     * @param $password
-     * @param bool $repeatcalc
-     * @return int
-     */
-    public static function getNISTNumBits($password, $repeatcalc = false)
-    {
-        $y = strlen($password);
-        if ($repeatcalc)
-        {
-            // Variant on NIST rules to reduce long sequences of repeated characters.
-            $result = 0;
-            $charmult = array_fill(0, 256, 1);
-            for ($x = 0; $x < $y; $x++)
-            {
-                $tempchr = ord(substr($password, $x, 1));
-                if ($x > 19)  $result += $charmult[$tempchr];
-                else if ($x > 7)  $result += $charmult[$tempchr] * 1.5;
-                else if ($x > 0)  $result += $charmult[$tempchr] * 2;
-                else  $result += 4;
-
-                $charmult[$tempchr] *= 0.75;
-            }
-
-            return $result;
-        }
-        else
-        {
-            if ($y > 20)  return 4 + (7 * 2) + (12 * 1.5) + $y - 20;
-            if ($y > 8)  return 4 + (7 * 2) + (($y - 8) * 1.5);
-            if ($y > 1)  return 4 + (($y - 1) * 2);
-
-            return ($y == 1 ? 4 : 0);
-        }
-    }
-
-    //--------------------------------------------------------------------
-
-    /**
-     * Determines whether a password is strong enough to use. You should check
-     * the password against this method and reject it if the password is not
-     * strong enough.
-     *
-     * The following guidelines come from the author's tests against 10.4 million actual passwords
-     * ( see post: http://cubicspot.blogspot.com/2012/01/how-to-calculate-password-strength-part.html )
-     * and represents the suggested minimum entropy bits for different types of sites:
-     *
-     *      - 18 bits of entropy = minimum for ANY website.
-     *      - 25 bits of entropy = minimum for a general purpose web service used relatively widely (e.g. Hotmail).
-     *      - 30 bits of entropy = minimum for a web service with business critical applications (e.g. SAAS).
-     *      - 40 bits of entropy = minimum for a bank or other financial service.
-     *
-     * The algorithm is based upon a modified version of the NIST rules which suggest the following:
-     *
-     *      - The first byte counts as 4 bits.
-     *      - The next 7 bytes count as 2 bits each.
-     *      - The next 12 bytes count as 1.5 bits each.
-     *      - Anything beyond that counts as 1 bit each.
-     *      - Mixed case + non-alphanumeric = up to 6 extra bits.
-     *
-     * @param string    $password   - The password to check
-     * @param int       $minbits    - Minimum "entropy bits" that is allowed
-     * @param bool      $usedict    - Should we check the password against a 300,000 word English dictionary?
-     * @param int       $minwordlen -
-     * @return bool
-     */
-    public static function isStrongPassword($password, $minbits = 18, $usedict = false, $minwordlen = 4)
-    {
-        // NIST password strength rules allow up to 6 extra bits for mixed case and non-alphabetic.
-        $upper = false;
-        $lower = false;
-        $numeric = false;
-        $other = false;
-        $space = false;
-        $y = strlen($password);
-        for ($x = 0; $x < $y; $x++)
-        {
-            $tempchr = ord(substr($password, $x, 1));
-            if ($tempchr >= ord("A") && $tempchr <= ord("Z"))  $upper = true;
-            else if ($tempchr >= ord("a") && $tempchr <= ord("z"))  $lower = true;
-            else if ($tempchr >= ord("0") && $tempchr <= ord("9"))  $numeric = true;
-            else if ($tempchr == ord(" "))  $space = true;
-            else  $other = true;
-        }
-        $extrabits = ($upper && $lower && $other ? ($numeric ? 6 : 5) : ($numeric && !$upper && !$lower ? ($other ? -2 : -6) : 0));
-        if (!$space)  $extrabits -= 2;
-        else if (count(explode(" ", preg_replace('/\s+/', " ", $password))) > 3)  $extrabits++;
-        $result = self::getNISTNumBits($password, true) + $extrabits;
-
-        $password = strtolower($password);
-        $revpassword = strrev($password);
-        $numbits = self::getNISTNumBits($password) + $extrabits;
-        if ($result > $numbits)  $result = $numbits;
-
-        // Remove QWERTY strings.
-        $qwertystrs = array(
-            "1234567890-qwertyuiopasdfghjkl;zxcvbnm,./",
-            "1qaz2wsx3edc4rfv5tgb6yhn7ujm8ik,9ol.0p;/-['=]:?_{\"+}",
-            "1qaz2wsx3edc4rfv5tgb6yhn7ujm8ik9ol0p",
-            "qazwsxedcrfvtgbyhnujmik,ol.p;/-['=]:?_{\"+}",
-            "qazwsxedcrfvtgbyhnujmikolp",
-            "]\"/=[;.-pl,0okm9ijn8uhb7ygv6tfc5rdx4esz3wa2q1",
-            "pl0okm9ijn8uhb7ygv6tfc5rdx4esz3wa2q1",
-            "]\"/[;.pl,okmijnuhbygvtfcrdxeszwaq",
-            "plokmijnuhbygvtfcrdxeszwaq",
-            "014725836914702583697894561230258/369*+-*/",
-            "abcdefghijklmnopqrstuvwxyz"
-        );
-        foreach ($qwertystrs as $qwertystr)
-        {
-            $qpassword = $password;
-            $qrevpassword = $revpassword;
-            $z = 6;
-            do
-            {
-                $y = strlen($qwertystr) - $z;
-                for ($x = 0; $x < $y; $x++)
-                {
-                    $str = substr($qwertystr, $x, $z);
-                    $qpassword = str_replace($str, "*", $qpassword);
-                    $qrevpassword = str_replace($str, "*", $qrevpassword);
-                }
-
-                $z--;
-            } while ($z > 2);
-
-            $numbits = self::getNISTNumBits($qpassword) + $extrabits;
-            if ($result > $numbits)  $result = $numbits;
-            $numbits = self::getNISTNumBits($qrevpassword) + $extrabits;
-            if ($result > $numbits)  $result = $numbits;
-
-            if ($result < $minbits)  return false;
-        }
-
-        if ($usedict && $result >= $minbits)
-        {
-            $passwords = array();
-
-            // Add keyboard shifting password variants.
-            $keyboardmap_down_noshift = array(
-                "z" => "", "x" => "", "c" => "", "v" => "", "b" => "", "n" => "", "m" => "", "," => "", "." => "", "/" => "", "<" => "", ">" => "", "?" => ""
-            );
-            if ($password == str_replace(array_keys($keyboardmap_down_noshift), array_values($keyboardmap_down_noshift), $password))
-            {
-                $keyboardmap_downright = array(
-                    "a" => "z",
-                    "q" => "a",
-                    "1" => "q",
-                    "s" => "x",
-                    "w" => "s",
-                    "2" => "w",
-                    "d" => "c",
-                    "e" => "d",
-                    "3" => "e",
-                    "f" => "v",
-                    "r" => "f",
-                    "4" => "r",
-                    "g" => "b",
-                    "t" => "g",
-                    "5" => "t",
-                    "h" => "n",
-                    "y" => "h",
-                    "6" => "y",
-                    "j" => "m",
-                    "u" => "j",
-                    "7" => "u",
-                    "i" => "k",
-                    "8" => "i",
-                    "o" => "l",
-                    "9" => "o",
-                    "0" => "p",
-                );
-
-                $keyboardmap_downleft = array(
-                    "2" => "q",
-                    "w" => "a",
-                    "3" => "w",
-                    "s" => "z",
-                    "e" => "s",
-                    "4" => "e",
-                    "d" => "x",
-                    "r" => "d",
-                    "5" => "r",
-                    "f" => "c",
-                    "t" => "f",
-                    "6" => "t",
-                    "g" => "v",
-                    "y" => "g",
-                    "7" => "y",
-                    "h" => "b",
-                    "u" => "h",
-                    "8" => "u",
-                    "j" => "n",
-                    "i" => "j",
-                    "9" => "i",
-                    "k" => "m",
-                    "o" => "k",
-                    "0" => "o",
-                    "p" => "l",
-                    "-" => "p",
-                );
-
-                $password2 = str_replace(array_keys($keyboardmap_downright), array_values($keyboardmap_downright), $password);
-                $passwords[] = $password2;
-                $passwords[] = strrev($password2);
-
-                $password2 = str_replace(array_keys($keyboardmap_downleft), array_values($keyboardmap_downleft), $password);
-                $passwords[] = $password2;
-                $passwords[] = strrev($password2);
-            }
-
-            // Deal with LEET-Speak substitutions.
-            $leetspeakmap = array(
-                "@" => "a",
-                "!" => "i",
-                "$" => "s",
-                "1" => "i",
-                "2" => "z",
-                "3" => "e",
-                "4" => "a",
-                "5" => "s",
-                "6" => "g",
-                "7" => "t",
-                "8" => "b",
-                "9" => "g",
-                "0" => "o"
-            );
-
-            $password2 = str_replace(array_keys($leetspeakmap), array_values($leetspeakmap), $password);
-            $passwords[] = $password2;
-            $passwords[] = strrev($password2);
-
-            $leetspeakmap["1"] = "l";
-            $password3 = str_replace(array_keys($leetspeakmap), array_values($leetspeakmap), $password);
-            if ($password3 != $password2)
-            {
-                $passwords[] = $password3;
-                $passwords[] = strrev($password3);
-            }
-
-            // Process the password, while looking for words in the dictionary.
-            $a = ord("a");
-            $z = ord("z");
-            $data = file_get_contents(DICTIONARY_PATH);
-            foreach ($passwords as $num => $password)
-            {
-                $y = strlen($password);
-                for ($x = 0; $x < $y; $x++)
-                {
-                    $tempchr = ord(substr($password, $x, 1));
-                    if ($tempchr >= $a && $tempchr <= $z)
-                    {
-                        for ($x2 = $x + 1; $x2 < $y; $x2++)
-                        {
-                            $tempchr = ord(substr($password, $x2, 1));
-                            if ($tempchr < $a || $tempchr > $z)  break;
-                        }
-
-                        $found = false;
-                        while (!$found && $x2 - $x >= $minwordlen)
-                        {
-                            $word = "/\\n" . substr($password, $x, $minwordlen);
-                            for ($x3 = $x + $minwordlen; $x3 < $x2; $x3++)  $word .= "(" . $password{$x3};
-                            for ($x3 = $x + $minwordlen; $x3 < $x2; $x3++)  $word .= ")?";
-                            $word .= "\\n/";
-
-                            preg_match_all($word, $data, $matches);
-                            if (!count($matches[0]))
-                            {
-                                $password{$x} = "*";
-                                $x++;
-                                $numbits = self::getNISTNumBits(substr($password, 0, $x)) + $extrabits;
-                                if ($numbits >= $minbits)  $found = true;
-                            }
-                            else
-                            {
-                                foreach ($matches[0] as $match)
-                                {
-                                    $password2 = str_replace(trim($match), "*", $password);
-                                    $numbits = self::getNISTNumBits($password2) + $extrabits;
-                                    if ($result > $numbits)  $result = $numbits;
-
-                                    if ($result < $minbits)  return false;
-                                }
-
-                                $found = true;
-                            }
-                        }
-
-                        if ($found)  break;
-
-                        $x = $x2 - 1;
-                    }
-                }
-            }
-        }
-
-        return $result >= $minbits;
-    }
+	/**
+	 * A standardized method for hasing a password before storing
+	 * in the database.
+	 *
+	 * @param $password
+	 * @return bool|mixed|string
+	 */
+	public static function hashPassword($password)
+	{
+		if (! config_item('auth.hash_cost'))
+		{
+			get_instance()->load->config('auth');
+		}
+
+		return password_hash($password, PASSWORD_DEFAULT, ['cost' => config_item('auth.hash_cost')]);
+	}
+
+	//--------------------------------------------------------------------
+
+	/**
+	 * Determines the number of entropy bits a password has based on
+	 *
+	 *
+	 * @param $password
+	 * @param bool $repeatcalc
+	 * @return int
+	 */
+	public static function getNISTNumBits($password, $repeatcalc = false)
+	{
+		$y = strlen($password);
+		if ($repeatcalc)
+		{
+			// Variant on NIST rules to reduce long sequences of repeated characters.
+			$result = 0;
+			$charmult = array_fill(0, 256, 1);
+			for ($x = 0; $x < $y; $x++)
+			{
+				$tempchr = ord(substr($password, $x, 1));
+				if ($x > 19)  $result += $charmult[$tempchr];
+				else if ($x > 7)  $result += $charmult[$tempchr] * 1.5;
+				else if ($x > 0)  $result += $charmult[$tempchr] * 2;
+				else  $result += 4;
+
+				$charmult[$tempchr] *= 0.75;
+			}
+
+			return $result;
+		}
+		else
+		{
+			if ($y > 20)  return 4 + (7 * 2) + (12 * 1.5) + $y - 20;
+			if ($y > 8)  return 4 + (7 * 2) + (($y - 8) * 1.5);
+			if ($y > 1)  return 4 + (($y - 1) * 2);
+
+			return ($y == 1 ? 4 : 0);
+		}
+	}
+
+	//--------------------------------------------------------------------
+
+	/**
+	 * Determines whether a password is strong enough to use. You should check
+	 * the password against this method and reject it if the password is not
+	 * strong enough.
+	 *
+	 * The following guidelines come from the author's tests against 10.4 million actual passwords
+	 * ( see post: http://cubicspot.blogspot.com/2012/01/how-to-calculate-password-strength-part.html )
+	 * and represents the suggested minimum entropy bits for different types of sites:
+	 *
+	 *      - 18 bits of entropy = minimum for ANY website.
+	 *      - 25 bits of entropy = minimum for a general purpose web service used relatively widely (e.g. Hotmail).
+	 *      - 30 bits of entropy = minimum for a web service with business critical applications (e.g. SAAS).
+	 *      - 40 bits of entropy = minimum for a bank or other financial service.
+	 *
+	 * The algorithm is based upon a modified version of the NIST rules which suggest the following:
+	 *
+	 *      - The first byte counts as 4 bits.
+	 *      - The next 7 bytes count as 2 bits each.
+	 *      - The next 12 bytes count as 1.5 bits each.
+	 *      - Anything beyond that counts as 1 bit each.
+	 *      - Mixed case + non-alphanumeric = up to 6 extra bits.
+	 *
+	 * @param string    $password   - The password to check
+	 * @param int       $minbits    - Minimum "entropy bits" that is allowed
+	 * @param bool      $usedict    - Should we check the password against a 300,000 word English dictionary?
+	 * @param int       $minwordlen -
+	 * @return bool
+	 */
+	public static function isStrongPassword($password, $minbits = 18, $usedict = false, $minwordlen = 4)
+	{
+		// NIST password strength rules allow up to 6 extra bits for mixed case and non-alphabetic.
+		$upper = false;
+		$lower = false;
+		$numeric = false;
+		$other = false;
+		$space = false;
+		$y = strlen($password);
+		for ($x = 0; $x < $y; $x++)
+		{
+			$tempchr = ord(substr($password, $x, 1));
+			if ($tempchr >= ord("A") && $tempchr <= ord("Z"))  $upper = true;
+			else if ($tempchr >= ord("a") && $tempchr <= ord("z"))  $lower = true;
+			else if ($tempchr >= ord("0") && $tempchr <= ord("9"))  $numeric = true;
+			else if ($tempchr == ord(" "))  $space = true;
+			else  $other = true;
+		}
+		$extrabits = ($upper && $lower && $other ? ($numeric ? 6 : 5) : ($numeric && !$upper && !$lower ? ($other ? -2 : -6) : 0));
+		if (!$space)  $extrabits -= 2;
+		else if (count(explode(" ", preg_replace('/\s+/', " ", $password))) > 3)  $extrabits++;
+		$result = self::getNISTNumBits($password, true) + $extrabits;
+
+		$password = strtolower($password);
+		$revpassword = strrev($password);
+		$numbits = self::getNISTNumBits($password) + $extrabits;
+		if ($result > $numbits)  $result = $numbits;
+
+		// Remove QWERTY strings.
+		$qwertystrs = array(
+			"1234567890-qwertyuiopasdfghjkl;zxcvbnm,./",
+			"1qaz2wsx3edc4rfv5tgb6yhn7ujm8ik,9ol.0p;/-['=]:?_{\"+}",
+			"1qaz2wsx3edc4rfv5tgb6yhn7ujm8ik9ol0p",
+			"qazwsxedcrfvtgbyhnujmik,ol.p;/-['=]:?_{\"+}",
+			"qazwsxedcrfvtgbyhnujmikolp",
+			"]\"/=[;.-pl,0okm9ijn8uhb7ygv6tfc5rdx4esz3wa2q1",
+			"pl0okm9ijn8uhb7ygv6tfc5rdx4esz3wa2q1",
+			"]\"/[;.pl,okmijnuhbygvtfcrdxeszwaq",
+			"plokmijnuhbygvtfcrdxeszwaq",
+			"014725836914702583697894561230258/369*+-*/",
+			"abcdefghijklmnopqrstuvwxyz"
+		);
+		foreach ($qwertystrs as $qwertystr)
+		{
+			$qpassword = $password;
+			$qrevpassword = $revpassword;
+			$z = 6;
+			do
+			{
+				$y = strlen($qwertystr) - $z;
+				for ($x = 0; $x < $y; $x++)
+				{
+					$str = substr($qwertystr, $x, $z);
+					$qpassword = str_replace($str, "*", $qpassword);
+					$qrevpassword = str_replace($str, "*", $qrevpassword);
+				}
+
+				$z--;
+			} while ($z > 2);
+
+			$numbits = self::getNISTNumBits($qpassword) + $extrabits;
+			if ($result > $numbits)  $result = $numbits;
+			$numbits = self::getNISTNumBits($qrevpassword) + $extrabits;
+			if ($result > $numbits)  $result = $numbits;
+
+			if ($result < $minbits)  return false;
+		}
+
+		if ($usedict && $result >= $minbits)
+		{
+			$passwords = array();
+
+			// Add keyboard shifting password variants.
+			$keyboardmap_down_noshift = array(
+				"z" => "", "x" => "", "c" => "", "v" => "", "b" => "", "n" => "", "m" => "", "," => "", "." => "", "/" => "", "<" => "", ">" => "", "?" => ""
+			);
+			if ($password == str_replace(array_keys($keyboardmap_down_noshift), array_values($keyboardmap_down_noshift), $password))
+			{
+				$keyboardmap_downright = array(
+					"a" => "z",
+					"q" => "a",
+					"1" => "q",
+					"s" => "x",
+					"w" => "s",
+					"2" => "w",
+					"d" => "c",
+					"e" => "d",
+					"3" => "e",
+					"f" => "v",
+					"r" => "f",
+					"4" => "r",
+					"g" => "b",
+					"t" => "g",
+					"5" => "t",
+					"h" => "n",
+					"y" => "h",
+					"6" => "y",
+					"j" => "m",
+					"u" => "j",
+					"7" => "u",
+					"i" => "k",
+					"8" => "i",
+					"o" => "l",
+					"9" => "o",
+					"0" => "p",
+				);
+
+				$keyboardmap_downleft = array(
+					"2" => "q",
+					"w" => "a",
+					"3" => "w",
+					"s" => "z",
+					"e" => "s",
+					"4" => "e",
+					"d" => "x",
+					"r" => "d",
+					"5" => "r",
+					"f" => "c",
+					"t" => "f",
+					"6" => "t",
+					"g" => "v",
+					"y" => "g",
+					"7" => "y",
+					"h" => "b",
+					"u" => "h",
+					"8" => "u",
+					"j" => "n",
+					"i" => "j",
+					"9" => "i",
+					"k" => "m",
+					"o" => "k",
+					"0" => "o",
+					"p" => "l",
+					"-" => "p",
+				);
+
+				$password2 = str_replace(array_keys($keyboardmap_downright), array_values($keyboardmap_downright), $password);
+				$passwords[] = $password2;
+				$passwords[] = strrev($password2);
+
+				$password2 = str_replace(array_keys($keyboardmap_downleft), array_values($keyboardmap_downleft), $password);
+				$passwords[] = $password2;
+				$passwords[] = strrev($password2);
+			}
+
+			// Deal with LEET-Speak substitutions.
+			$leetspeakmap = array(
+				"@" => "a",
+				"!" => "i",
+				"$" => "s",
+				"1" => "i",
+				"2" => "z",
+				"3" => "e",
+				"4" => "a",
+				"5" => "s",
+				"6" => "g",
+				"7" => "t",
+				"8" => "b",
+				"9" => "g",
+				"0" => "o"
+			);
+
+			$password2 = str_replace(array_keys($leetspeakmap), array_values($leetspeakmap), $password);
+			$passwords[] = $password2;
+			$passwords[] = strrev($password2);
+
+			$leetspeakmap["1"] = "l";
+			$password3 = str_replace(array_keys($leetspeakmap), array_values($leetspeakmap), $password);
+			if ($password3 != $password2)
+			{
+				$passwords[] = $password3;
+				$passwords[] = strrev($password3);
+			}
+
+			// Process the password, while looking for words in the dictionary.
+			$a = ord("a");
+			$z = ord("z");
+			$data = file_get_contents(DICTIONARY_PATH);
+			foreach ($passwords as $num => $password)
+			{
+				$y = strlen($password);
+				for ($x = 0; $x < $y; $x++)
+				{
+					$tempchr = ord(substr($password, $x, 1));
+					if ($tempchr >= $a && $tempchr <= $z)
+					{
+						for ($x2 = $x + 1; $x2 < $y; $x2++)
+						{
+							$tempchr = ord(substr($password, $x2, 1));
+							if ($tempchr < $a || $tempchr > $z)  break;
+						}
+
+						$found = false;
+						while (!$found && $x2 - $x >= $minwordlen)
+						{
+							$word = "/\\n" . substr($password, $x, $minwordlen);
+							for ($x3 = $x + $minwordlen; $x3 < $x2; $x3++)  $word .= "(" . $password{$x3};
+							for ($x3 = $x + $minwordlen; $x3 < $x2; $x3++)  $word .= ")?";
+							$word .= "\\n/";
+
+							preg_match_all($word, $data, $matches);
+							if (!count($matches[0]))
+							{
+								$password{$x} = "*";
+								$x++;
+								$numbits = self::getNISTNumBits(substr($password, 0, $x)) + $extrabits;
+								if ($numbits >= $minbits)  $found = true;
+							}
+							else
+							{
+								foreach ($matches[0] as $match)
+								{
+									$password2 = str_replace(trim($match), "*", $password);
+									$numbits = self::getNISTNumBits($password2) + $extrabits;
+									if ($result > $numbits)  $result = $numbits;
+
+									if ($result < $minbits)  return false;
+								}
+
+								$found = true;
+							}
+						}
+
+						if ($found)  break;
+
+						$x = $x2 - 1;
+					}
+				}
+			}
+		}
+
+		return $result >= $minbits;
+	}
 }

myth/CIModules/auth/helpers/password_helper.php

Indentation +21 added lines, -21 removed lines

@@ -32,28 +32,28 @@
 
 if (! function_exists('isStrongPassword'))
 {
-    /**
-     * Works with Myth\Auth\Password to enforce a strong password.
-     * Uses settings from the auth config file.
-     *
-     * @param $password
-     */
-    function isStrongPassword($password)
-    {
-        $min_strength = config_item('auth.min_password_strength');
-        $use_dict = config_item('auth.use_dictionary');
+	/**
+	 * Works with Myth\Auth\Password to enforce a strong password.
+	 * Uses settings from the auth config file.
+	 *
+	 * @param $password
+	 */
+	function isStrongPassword($password)
+	{
+		$min_strength = config_item('auth.min_password_strength');
+		$use_dict = config_item('auth.use_dictionary');
 
-        $strong = \Myth\Auth\Password::isStrongPassword($password, $min_strength, $use_dict);
+		$strong = \Myth\Auth\Password::isStrongPassword($password, $min_strength, $use_dict);
 
-        if (! $strong)
-        {
-            if (isset(get_instance()->form_validation))
-            {
-                get_instance()->form_validation->set_message('isStrongPassword', lang('auth.pass_not_strong'));
-            }
-            return false;
-        }
+		if (! $strong)
+		{
+			if (isset(get_instance()->form_validation))
+			{
+				get_instance()->form_validation->set_message('isStrongPassword', lang('auth.pass_not_strong'));
+			}
+			return false;
+		}
 
-        return true;
-    }
+		return true;
+	}
 }

myth/CIModules/auth/models/Login_model.php

Indentation +269 added lines, -269 removed lines

@@ -41,274 +41,274 @@
  */
 class Login_model extends \Myth\Models\CIDbModel {
 
-    protected $table_name = 'auth_logins';
-
-    protected $set_created = false;
-    protected $set_modified = false;
-
-    //--------------------------------------------------------------------
-
-    //--------------------------------------------------------------------
-    // Login Attempts
-    //--------------------------------------------------------------------
-
-    /**
-     * Records a login attempt. This is used to implement
-     * throttling of user login attempts.
-     *
-     * @param $email
-     * @return object
-     */
-    public function recordLoginAttempt($email)
-    {
-        $data = [
-            'email' => $email,
-            'datetime' => date('Y-m-d H:i:s')
-        ];
-
-        return $this->db->insert('auth_login_attempts', $data);
-    }
-
-    //--------------------------------------------------------------------
-
-    /**
-     * Purges all login attempt records from the database.
-     *
-     * @param $email
-     * @return mixed
-     */
-    public function purgeLoginAttempts($email)
-    {
-        return $this->db->where('email', $email)
-                        ->delete('auth_login_attempts');
-    }
-
-    //--------------------------------------------------------------------
-
-    /**
-     * Checks to see if how many login attempts have been attempted in the
-     * last 60 seconds. If over 100, it is considered to be under a
-     * brute force attempt.
-     *
-     * @param $email
-     * @return bool
-     */
-    public function isBruteForced($email)
-    {
-        $start_time = date('Y-m-d H:i:s', time() - 60);
-
-        $attempts = $this->db->where('email', $email)
-                             ->where('datetime >=', $start_time)
-                             ->count_all_results('auth_login_attempts');
-
-        return $attempts > 100;
-    }
-
-    //--------------------------------------------------------------------
-
-    /**
-     * Attempts to determine if the system is under a distributed
-     * brute force attack.
-     *
-     * To determine if we are in under a brute force attack, we first
-     * find the average number of bad logins per day that never converted to
-     * successful logins over the last 3 months. Then we compare
-     * that to the the average number of logins in the past 24 hours.
-     *
-     * If the number of attempts in the last 24 hours is more than X (see config)
-     * times the average, then institute additional throttling.
-     *
-     * @return int The time to add to any throttling.
-     */
-    public function distributedBruteForceTime()
-    {
-        if (! $time = $this->cache->get('dbrutetime'))
-        {
-            $time = 0;
-
-            // Compute our daily average over the last 3 months.
-            $avg_start_time = date('Y-m-d 00:00:00', strtotime('-3 months'));
-
-            $query = $this->db->query("SELECT COUNT(*) / COUNT(DISTINCT DATE(`datetime`)) as num_rows FROM `auth_login_attempts` WHERE `datetime` >= ?", $avg_start_time);
-
-            if (! $query->num_rows())
-            {
-                $average = 0;
-            }
-            else
-            {
-                $average = $query->row()->num_rows;
-            }
-
-            // Get the total in the last 24 hours
-            $today_start_time = date('Y-m-d H:i:s', strtotime('-24 hours'));
-
-            $attempts = $this->db->where('datetime >=', $today_start_time)
-                                 ->count_all_results('auth_login_attempts');
-
-            if ($attempts > (config_item('auth.dbrute_multiplier') * $average))
-            {
-                $time = config_item('auth.distributed_brute_add_time');
-            }
-
-            // Cache it for 3 hours.
-            $this->cache->save('dbrutetime', $time, 60*60*3);
-        }
-
-        return $time;
-    }
-
-    //--------------------------------------------------------------------
-
-    //--------------------------------------------------------------------
-    // Logins
-    //--------------------------------------------------------------------
-
-    /**
-     * Records a successful login. This stores in a table so that a
-     * history can be pulled up later if needed for security analyses.
-     *
-     * @param $user
-     */
-    public function recordLogin($user)
-    {
-        $data = [
-            'user_id'    => (int)$user['id'],
-            'datetime'   => date('Y-m-d H:i:s'),
-            'ip_address' => $this->input->ip_address()
-        ];
-
-        return $this->db->insert('auth_logins', $data);
-    }
-
-    //--------------------------------------------------------------------
-
-    //--------------------------------------------------------------------
-    // Tokens
-    //--------------------------------------------------------------------
-
-    /**
-     * Generates a new token for the rememberme cookie.
-     *
-     * The token is based on the user's email address (since everyone will have one)
-     * with the '@' turned to a '.', followed by a pipe (|) and a random 128-character
-     * string with letters and numbers.
-     *
-     * @param $user
-     * @return mixed
-     */
-    public function generateRememberToken($user)
-    {
-        $this->load->helper('string');
-
-        return str_replace('@', '.', $user['email']) .'|' . random_string('alnum', 128);
-    }
-
-    //--------------------------------------------------------------------
-
-    /**
-     * Hashes the token for the Remember Me Functionality.
-     *
-     * @param $token
-     * @return string
-     */
-    public function hashRememberToken($token)
-    {
-        return sha1(config_item('auth.salt') . $token);
-    }
-
-    //--------------------------------------------------------------------
-
-    /**
-     * Deletes a single token that matches the email/token combo.
-     *
-     * @param $email
-     * @param $token
-     * @return mixed
-     */
-    public function deleteRememberToken($email, $token)
-    {
-        $where = [
-            'email' => $email,
-            'hash'  => $this->hashRememberToken($token)
-        ];
-
-        $this->db->delete('auth_tokens', $where);
-    }
-
-    //--------------------------------------------------------------------
-
-    /**
-     * Removes all persistent login tokens (RememberMe) for a single user
-     * across all devices they may have logged in with.
-     *
-     * @param $email
-     * @return mixed
-     */
-    public function purgeRememberTokens($email)
-    {
-        return $this->db->delete('auth_tokens', ['email' => $email]);
-    }
-
-    //--------------------------------------------------------------------
-
-
-    /**
-     * Purges the 'auth_tokens' table of any records that are too old
-     * to be of any use anymore. This equates to 1 week older than
-     * the remember_length set in the config file.
-     */
-    public function purgeOldRememberTokens()
-    {
-        if (! config_item('auth.allow_remembering'))
-        {
-            return;
-        }
-
-        $date = time() - config_item('auth.remember_length') - 604800; // 1 week
-        $date = date('Y-m-d 00:00:00', $date);
-
-        $this->db->where('created <=', $date)
-                 ->delete('auth_tokens');
-    }
-
-    //--------------------------------------------------------------------
-
-    /**
-     * Gets the timestamp of the last attempted login for this user.
-     *
-     * @param $email
-     * @return int|null
-     */
-    public function lastLoginAttemptTime($email)
-    {
-        $query = $this->db->where('email', $email)
-                          ->order_by('datetime', 'desc')
-                          ->limit(1)
-                          ->get('auth_login_attempts');
-
-        if (! $query->num_rows())
-        {
-            return 0;
-        }
-
-        return strtotime($query->row()->datetime);
-    }
-
-    //--------------------------------------------------------------------
-
-    /**
-     * Returns the number of failed login attempts for a single email.
-     *
-     * @param $email
-     * @return int
-     */
-    public function countLoginAttempts($email)
-    {
-        return $this->db->where('email', $email)
-                        ->count_all_results('auth_login_attempts');
-    }
-
-    //--------------------------------------------------------------------
+	protected $table_name = 'auth_logins';
+
+	protected $set_created = false;
+	protected $set_modified = false;
+
+	//--------------------------------------------------------------------
+
+	//--------------------------------------------------------------------
+	// Login Attempts
+	//--------------------------------------------------------------------
+
+	/**
+	 * Records a login attempt. This is used to implement
+	 * throttling of user login attempts.
+	 *
+	 * @param $email
+	 * @return object
+	 */
+	public function recordLoginAttempt($email)
+	{
+		$data = [
+			'email' => $email,
+			'datetime' => date('Y-m-d H:i:s')
+		];
+
+		return $this->db->insert('auth_login_attempts', $data);
+	}
+
+	//--------------------------------------------------------------------
+
+	/**
+	 * Purges all login attempt records from the database.
+	 *
+	 * @param $email
+	 * @return mixed
+	 */
+	public function purgeLoginAttempts($email)
+	{
+		return $this->db->where('email', $email)
+						->delete('auth_login_attempts');
+	}
+
+	//--------------------------------------------------------------------
+
+	/**
+	 * Checks to see if how many login attempts have been attempted in the
+	 * last 60 seconds. If over 100, it is considered to be under a
+	 * brute force attempt.
+	 *
+	 * @param $email
+	 * @return bool
+	 */
+	public function isBruteForced($email)
+	{
+		$start_time = date('Y-m-d H:i:s', time() - 60);
+
+		$attempts = $this->db->where('email', $email)
+							 ->where('datetime >=', $start_time)
+							 ->count_all_results('auth_login_attempts');
+
+		return $attempts > 100;
+	}
+
+	//--------------------------------------------------------------------
+
+	/**
+	 * Attempts to determine if the system is under a distributed
+	 * brute force attack.
+	 *
+	 * To determine if we are in under a brute force attack, we first
+	 * find the average number of bad logins per day that never converted to
+	 * successful logins over the last 3 months. Then we compare
+	 * that to the the average number of logins in the past 24 hours.
+	 *
+	 * If the number of attempts in the last 24 hours is more than X (see config)
+	 * times the average, then institute additional throttling.
+	 *
+	 * @return int The time to add to any throttling.
+	 */
+	public function distributedBruteForceTime()
+	{
+		if (! $time = $this->cache->get('dbrutetime'))
+		{
+			$time = 0;
+
+			// Compute our daily average over the last 3 months.
+			$avg_start_time = date('Y-m-d 00:00:00', strtotime('-3 months'));
+
+			$query = $this->db->query("SELECT COUNT(*) / COUNT(DISTINCT DATE(`datetime`)) as num_rows FROM `auth_login_attempts` WHERE `datetime` >= ?", $avg_start_time);
+
+			if (! $query->num_rows())
+			{
+				$average = 0;
+			}
+			else
+			{
+				$average = $query->row()->num_rows;
+			}
+
+			// Get the total in the last 24 hours
+			$today_start_time = date('Y-m-d H:i:s', strtotime('-24 hours'));
+
+			$attempts = $this->db->where('datetime >=', $today_start_time)
+								 ->count_all_results('auth_login_attempts');
+
+			if ($attempts > (config_item('auth.dbrute_multiplier') * $average))
+			{
+				$time = config_item('auth.distributed_brute_add_time');
+			}
+
+			// Cache it for 3 hours.
+			$this->cache->save('dbrutetime', $time, 60*60*3);
+		}
+
+		return $time;
+	}
+
+	//--------------------------------------------------------------------
+
+	//--------------------------------------------------------------------
+	// Logins
+	//--------------------------------------------------------------------
+
+	/**
+	 * Records a successful login. This stores in a table so that a
+	 * history can be pulled up later if needed for security analyses.
+	 *
+	 * @param $user
+	 */
+	public function recordLogin($user)
+	{
+		$data = [
+			'user_id'    => (int)$user['id'],
+			'datetime'   => date('Y-m-d H:i:s'),
+			'ip_address' => $this->input->ip_address()
+		];
+
+		return $this->db->insert('auth_logins', $data);
+	}
+
+	//--------------------------------------------------------------------
+
+	//--------------------------------------------------------------------
+	// Tokens
+	//--------------------------------------------------------------------
+
+	/**
+	 * Generates a new token for the rememberme cookie.
+	 *
+	 * The token is based on the user's email address (since everyone will have one)
+	 * with the '@' turned to a '.', followed by a pipe (|) and a random 128-character
+	 * string with letters and numbers.
+	 *
+	 * @param $user
+	 * @return mixed
+	 */
+	public function generateRememberToken($user)
+	{
+		$this->load->helper('string');
+
+		return str_replace('@', '.', $user['email']) .'|' . random_string('alnum', 128);
+	}
+
+	//--------------------------------------------------------------------
+
+	/**
+	 * Hashes the token for the Remember Me Functionality.
+	 *
+	 * @param $token
+	 * @return string
+	 */
+	public function hashRememberToken($token)
+	{
+		return sha1(config_item('auth.salt') . $token);
+	}
+
+	//--------------------------------------------------------------------
+
+	/**
+	 * Deletes a single token that matches the email/token combo.
+	 *
+	 * @param $email
+	 * @param $token
+	 * @return mixed
+	 */
+	public function deleteRememberToken($email, $token)
+	{
+		$where = [
+			'email' => $email,
+			'hash'  => $this->hashRememberToken($token)
+		];
+
+		$this->db->delete('auth_tokens', $where);
+	}
+
+	//--------------------------------------------------------------------
+
+	/**
+	 * Removes all persistent login tokens (RememberMe) for a single user
+	 * across all devices they may have logged in with.
+	 *
+	 * @param $email
+	 * @return mixed
+	 */
+	public function purgeRememberTokens($email)
+	{
+		return $this->db->delete('auth_tokens', ['email' => $email]);
+	}
+
+	//--------------------------------------------------------------------
+
+
+	/**
+	 * Purges the 'auth_tokens' table of any records that are too old
+	 * to be of any use anymore. This equates to 1 week older than
+	 * the remember_length set in the config file.
+	 */
+	public function purgeOldRememberTokens()
+	{
+		if (! config_item('auth.allow_remembering'))
+		{
+			return;
+		}
+
+		$date = time() - config_item('auth.remember_length') - 604800; // 1 week
+		$date = date('Y-m-d 00:00:00', $date);
+
+		$this->db->where('created <=', $date)
+				 ->delete('auth_tokens');
+	}
+
+	//--------------------------------------------------------------------
+
+	/**
+	 * Gets the timestamp of the last attempted login for this user.
+	 *
+	 * @param $email
+	 * @return int|null
+	 */
+	public function lastLoginAttemptTime($email)
+	{
+		$query = $this->db->where('email', $email)
+						  ->order_by('datetime', 'desc')
+						  ->limit(1)
+						  ->get('auth_login_attempts');
+
+		if (! $query->num_rows())
+		{
+			return 0;
+		}
+
+		return strtotime($query->row()->datetime);
+	}
+
+	//--------------------------------------------------------------------
+
+	/**
+	 * Returns the number of failed login attempts for a single email.
+	 *
+	 * @param $email
+	 * @return int
+	 */
+	public function countLoginAttempts($email)
+	{
+		return $this->db->where('email', $email)
+						->count_all_results('auth_login_attempts');
+	}
+
+	//--------------------------------------------------------------------
 
 }

myth/CIModules/cron/controllers/Cron.php

Indentation +304 added lines, -304 removed lines

@@ -37,325 +37,325 @@
 // todo Add ability to log actual cron jobs to database to verify when they ran for sure.
 class Cron extends \Myth\Controllers\CLIController {
 
-    protected $descriptions = [
-        'show'  => ['show [all/<task>]', 'Lists the names one or more tasks, with run times.'],
-        'run'   => ['run [<task>]', 'Runs all scheduled tasks. If <task> is present only runs that task.'],
-        'disable'   => ['disable', 'Disables the cron system and will not run any tasks.'],
-        'enable'    => ['enable', 'Enables the cron system and will run tasks again.'],
-        'suspend'   => ['suspend <task>', 'Stops a single task from running until resumed.'],
-        'resume'    => ['resume <task>', 'Resumes execution of a single suspended task.']
-    ];
-
-    protected $long_descriptions = [
-        'show'  => '',
-        'run'   => '',
-        'disable'   => '',
-        'enable'    => '',
-        'suspend'   => '',
-        'resume'    => ''
-    ];
-
-    //--------------------------------------------------------------------
-
-    public function __construct()
-    {
-        parent::__construct();
-
-        // Load our tasks into the sytem.
-        require APPPATH .'config/cron.php';
-    }
-
-    //--------------------------------------------------------------------
-
-    /**
-     * Runs all of the tasks (after checking their time, of course...)
-     *
-     * @param string $alias
-     * @return mixed
-     */
-    public function run($alias=null)
-    {
-        // Has the system been disabled?
-        if (Settings::get('is_disabled', 'cron') == 'y')
-        {
-            return CLI::error('The cron system has been disabled. No tasks were run.');
-        }
-
-        $force_run = false;
-
-        // Run one task or all?
-        if (! empty($alias))
-        {
-            $tasks = \Myth\Cron\CronManager::task($alias);
-
-            if (is_null($tasks))
-            {
-                return CLI::error("Unable to find the task: '{$alias}'.");
-            }
-
-            $tasks = [ $alias => $tasks];
-            $force_run = true;
-        }
-        else
-        {
-            $tasks = \Myth\Cron\CronManager::tasks();
-        }
-
-        if (empty($tasks))
-        {
-            return CLI::write("There are no tasks to run at this time.");
-        }
-
-        // We need to be able to check against suspended tasks.
-        $suspended = Settings::get('suspended_tasks', 'cron');
-
-        if (! is_array($suspended))
-        {
-            $suspended = array($suspended);
-        }
-
-        // Loop over all of our tasks, checking them against the
-        // suspended tasks to see if they're okay to run.
-
-        // Collect the output of the actions so that we can make
-        // it available to the event (for sending emails and the like)
-        $output = '';
-
-        echo CLI::write('Starting Tasks...');
-
-        foreach ($tasks as $alias => $task)
-        {
-            if (in_array($alias, $suspended))
-            {
-                echo CLI::write("\t[Suspended] {$alias} will not run until resumed.", 'yellow');
-                $output .= "[Suspended] {$alias} will not run until resumed.";
-                continue;
-            }
-
-            echo CLI::write("\tRunning task: {$alias}...");
-            $output .= \Myth\Cron\CronManager::run($alias, $force_run);
-        }
-
-        // Give other people a chance to respond.
-        echo CLI::write('Done. Firing the event so others can play too...');
-
-        Events::trigger('afterCron', [$output]);
-
-        // And we're out of here boys and girls!
-        echo CLI::write('Done');
-    }
-
-    //--------------------------------------------------------------------
-
-
-    /**
-     * Lists one or more tasks with their scheduled run times.
-     *
-     * @param null $task
-     * @return mixed
-     */
-    public function show($task=null)
-    {
-        if (empty($task))
-        {
-            return $this->listTaskNames();
-        }
-
-        if (trim(strtolower($task)) == 'all')
-        {
-            $tasks = \Myth\Cron\CronManager::listAll();
-        }
-        else
-        {
-            $tasks = \Myth\Cron\CronManager::task($task);
-        }
-
-        if (! is_array($tasks))
-        {
-            $tasks = [ $task => [
-                'next_run'  => $tasks->nextRunDate(),
-                'prev_run'  => $tasks->previousRunDate()
-            ]];
-        }
-
-        if (! count($tasks))
-        {
-            return CLI::found('No tasks found.', 'red');
-        }
-
-        $suspended = Settings::get('suspended_tasks', 'cron');
-
-        if (empty($suspended))
-        {
-            $suspended = [];
-        }
-        /*
+	protected $descriptions = [
+		'show'  => ['show [all/<task>]', 'Lists the names one or more tasks, with run times.'],
+		'run'   => ['run [<task>]', 'Runs all scheduled tasks. If <task> is present only runs that task.'],
+		'disable'   => ['disable', 'Disables the cron system and will not run any tasks.'],
+		'enable'    => ['enable', 'Enables the cron system and will run tasks again.'],
+		'suspend'   => ['suspend <task>', 'Stops a single task from running until resumed.'],
+		'resume'    => ['resume <task>', 'Resumes execution of a single suspended task.']
+	];
+
+	protected $long_descriptions = [
+		'show'  => '',
+		'run'   => '',
+		'disable'   => '',
+		'enable'    => '',
+		'suspend'   => '',
+		'resume'    => ''
+	];
+
+	//--------------------------------------------------------------------
+
+	public function __construct()
+	{
+		parent::__construct();
+
+		// Load our tasks into the sytem.
+		require APPPATH .'config/cron.php';
+	}
+
+	//--------------------------------------------------------------------
+
+	/**
+	 * Runs all of the tasks (after checking their time, of course...)
+	 *
+	 * @param string $alias
+	 * @return mixed
+	 */
+	public function run($alias=null)
+	{
+		// Has the system been disabled?
+		if (Settings::get('is_disabled', 'cron') == 'y')
+		{
+			return CLI::error('The cron system has been disabled. No tasks were run.');
+		}
+
+		$force_run = false;
+
+		// Run one task or all?
+		if (! empty($alias))
+		{
+			$tasks = \Myth\Cron\CronManager::task($alias);
+
+			if (is_null($tasks))
+			{
+				return CLI::error("Unable to find the task: '{$alias}'.");
+			}
+
+			$tasks = [ $alias => $tasks];
+			$force_run = true;
+		}
+		else
+		{
+			$tasks = \Myth\Cron\CronManager::tasks();
+		}
+
+		if (empty($tasks))
+		{
+			return CLI::write("There are no tasks to run at this time.");
+		}
+
+		// We need to be able to check against suspended tasks.
+		$suspended = Settings::get('suspended_tasks', 'cron');
+
+		if (! is_array($suspended))
+		{
+			$suspended = array($suspended);
+		}
+
+		// Loop over all of our tasks, checking them against the
+		// suspended tasks to see if they're okay to run.
+
+		// Collect the output of the actions so that we can make
+		// it available to the event (for sending emails and the like)
+		$output = '';
+
+		echo CLI::write('Starting Tasks...');
+
+		foreach ($tasks as $alias => $task)
+		{
+			if (in_array($alias, $suspended))
+			{
+				echo CLI::write("\t[Suspended] {$alias} will not run until resumed.", 'yellow');
+				$output .= "[Suspended] {$alias} will not run until resumed.";
+				continue;
+			}
+
+			echo CLI::write("\tRunning task: {$alias}...");
+			$output .= \Myth\Cron\CronManager::run($alias, $force_run);
+		}
+
+		// Give other people a chance to respond.
+		echo CLI::write('Done. Firing the event so others can play too...');
+
+		Events::trigger('afterCron', [$output]);
+
+		// And we're out of here boys and girls!
+		echo CLI::write('Done');
+	}
+
+	//--------------------------------------------------------------------
+
+
+	/**
+	 * Lists one or more tasks with their scheduled run times.
+	 *
+	 * @param null $task
+	 * @return mixed
+	 */
+	public function show($task=null)
+	{
+		if (empty($task))
+		{
+			return $this->listTaskNames();
+		}
+
+		if (trim(strtolower($task)) == 'all')
+		{
+			$tasks = \Myth\Cron\CronManager::listAll();
+		}
+		else
+		{
+			$tasks = \Myth\Cron\CronManager::task($task);
+		}
+
+		if (! is_array($tasks))
+		{
+			$tasks = [ $task => [
+				'next_run'  => $tasks->nextRunDate(),
+				'prev_run'  => $tasks->previousRunDate()
+			]];
+		}
+
+		if (! count($tasks))
+		{
+			return CLI::found('No tasks found.', 'red');
+		}
+
+		$suspended = Settings::get('suspended_tasks', 'cron');
+
+		if (empty($suspended))
+		{
+			$suspended = [];
+		}
+		/*
          * Headers
          */
-        echo CLI::write("Task\t\t\t\tNext Run\t\tPrevious Run");
-        echo CLI::write( str_repeat('-', 80) );
-
-        foreach ($tasks as $alias => $task)
-        {
-            // Suspended?
-            $color = 'yellow';
-            $extra = '';
-
-            if (in_array($alias, $suspended) )
-            {
-                $color = 'blue';
-                $extra = "\t[Suspended]";
-            }
-
-            // Alias can only be 24 chars long.
-            $alias = strlen($alias) >= 32 ? substr($alias, 0, 28) .'... ' : $alias . str_repeat(" ", 32 - strlen($alias));
-
-            $next = date('D Y-m-d H:i', $task['next_run']);
-            $prev = date('D Y-m-d H:i', $task['prev_run']);
-
-            echo CLI::write("{$alias}{$next}\t{$prev}{$extra}", $color);
-        }
-    }
-
-    //--------------------------------------------------------------------
-
-    /**
-     * Stops a task from being executed during the normal cron runs.
-     *
-     * @param $alias
-     */
-    public function suspend($alias)
-    {
-        // Verify the task actually exists.
-        $task = \Myth\Cron\CronManager::task($alias);
-
-        if (is_null($task))
-        {
-            return CLI::error("Unable to find the task: {$alias}.");
-        }
-
-        // Update the existing setting.
-        $suspended = Settings::get('suspended_tasks', 'cron');
-
-        if (empty($suspended))
-        {
-            $suspended = [];
-        }
-
-        $suspended[] = $alias;
-
-        if (Settings::save('suspended_tasks', $suspended, 'cron') )
-        {
-            return CLI::write('Done');
-        }
-
-        echo CLI::error('Unkown problem saving the settings.');
-    }
-
-    //--------------------------------------------------------------------
-
-    /**
-     * Allows the execution of a suspended task to continue again
-     * during normal cron execution.
-     *
-     * @param $alias
-     */
-    public function resume($alias)
-    {
-        // Verify the task actually exists.
-        $task = \Myth\Cron\CronManager::task($alias);
-
-        if (is_null($task))
-        {
-            return CLI::error("Unable to find the task: {$alias}.");
-        }
-
-        // Update the existing setting.
-        $suspended = Settings::get('suspended_tasks', 'cron');
-
-        if (! empty($suspended))
-        {
-            unset($suspended[ array_search($alias, $suspended) ]);
-
-            if (! Settings::save('suspended_tasks', $suspended, 'cron') )
-            {
-                return CLI::error('Unkown problem saving the settings.');
-            }
-        }
-
-        return CLI::write('Done');
-    }
-
-    //--------------------------------------------------------------------
-
-    /**
-     * Disables the cron tasks and stops the system from running any tasks.
-     * To start the system allowing it to run again, use the `enable` command.
-     */
-    public function disable()
-    {
-        if (! Settings::save('is_disabled', 'y', 'cron'))
-        {
-            return CLI::error('Unknown problem saving the setting. '. CLI::color('Cron jobs will still run!', 'yellow'));
-        }
-
-        CLI::write('Done');
-    }
+		echo CLI::write("Task\t\t\t\tNext Run\t\tPrevious Run");
+		echo CLI::write( str_repeat('-', 80) );
+
+		foreach ($tasks as $alias => $task)
+		{
+			// Suspended?
+			$color = 'yellow';
+			$extra = '';
+
+			if (in_array($alias, $suspended) )
+			{
+				$color = 'blue';
+				$extra = "\t[Suspended]";
+			}
+
+			// Alias can only be 24 chars long.
+			$alias = strlen($alias) >= 32 ? substr($alias, 0, 28) .'... ' : $alias . str_repeat(" ", 32 - strlen($alias));
+
+			$next = date('D Y-m-d H:i', $task['next_run']);
+			$prev = date('D Y-m-d H:i', $task['prev_run']);
+
+			echo CLI::write("{$alias}{$next}\t{$prev}{$extra}", $color);
+		}
+	}
+
+	//--------------------------------------------------------------------
+
+	/**
+	 * Stops a task from being executed during the normal cron runs.
+	 *
+	 * @param $alias
+	 */
+	public function suspend($alias)
+	{
+		// Verify the task actually exists.
+		$task = \Myth\Cron\CronManager::task($alias);
+
+		if (is_null($task))
+		{
+			return CLI::error("Unable to find the task: {$alias}.");
+		}
+
+		// Update the existing setting.
+		$suspended = Settings::get('suspended_tasks', 'cron');
+
+		if (empty($suspended))
+		{
+			$suspended = [];
+		}
+
+		$suspended[] = $alias;
+
+		if (Settings::save('suspended_tasks', $suspended, 'cron') )
+		{
+			return CLI::write('Done');
+		}
+
+		echo CLI::error('Unkown problem saving the settings.');
+	}
+
+	//--------------------------------------------------------------------
+
+	/**
+	 * Allows the execution of a suspended task to continue again
+	 * during normal cron execution.
+	 *
+	 * @param $alias
+	 */
+	public function resume($alias)
+	{
+		// Verify the task actually exists.
+		$task = \Myth\Cron\CronManager::task($alias);
+
+		if (is_null($task))
+		{
+			return CLI::error("Unable to find the task: {$alias}.");
+		}
+
+		// Update the existing setting.
+		$suspended = Settings::get('suspended_tasks', 'cron');
+
+		if (! empty($suspended))
+		{
+			unset($suspended[ array_search($alias, $suspended) ]);
+
+			if (! Settings::save('suspended_tasks', $suspended, 'cron') )
+			{
+				return CLI::error('Unkown problem saving the settings.');
+			}
+		}
+
+		return CLI::write('Done');
+	}
+
+	//--------------------------------------------------------------------
+
+	/**
+	 * Disables the cron tasks and stops the system from running any tasks.
+	 * To start the system allowing it to run again, use the `enable` command.
+	 */
+	public function disable()
+	{
+		if (! Settings::save('is_disabled', 'y', 'cron'))
+		{
+			return CLI::error('Unknown problem saving the setting. '. CLI::color('Cron jobs will still run!', 'yellow'));
+		}
+
+		CLI::write('Done');
+	}
     
-    //--------------------------------------------------------------------
+	//--------------------------------------------------------------------
 
-    /**
-     * Resumes the running of tasks after the system has been disabled
-     * with the `disable` command.
-     */
-    public function enable()
-    {
-        if (! Settings::save('is_disabled', 'n', 'cron'))
-        {
-            return CLI::error('Unknown problem saving the setting. '. CLI::color('Cron jobs will NOT run!', 'yellow'));
-        }
+	/**
+	 * Resumes the running of tasks after the system has been disabled
+	 * with the `disable` command.
+	 */
+	public function enable()
+	{
+		if (! Settings::save('is_disabled', 'n', 'cron'))
+		{
+			return CLI::error('Unknown problem saving the setting. '. CLI::color('Cron jobs will NOT run!', 'yellow'));
+		}
 
-        CLI::write('Done');
-    }
+		CLI::write('Done');
+	}
 
-    //--------------------------------------------------------------------
+	//--------------------------------------------------------------------
 
 
-    //--------------------------------------------------------------------
-    // Private Methods
-    //--------------------------------------------------------------------
+	//--------------------------------------------------------------------
+	// Private Methods
+	//--------------------------------------------------------------------
 
-    /**
-     * Lists out all available tasks, names only.
-     */
-    private function listTaskNames()
-    {
-        $suspended = Settings::get('suspended_tasks', 'cron');
+	/**
+	 * Lists out all available tasks, names only.
+	 */
+	private function listTaskNames()
+	{
+		$suspended = Settings::get('suspended_tasks', 'cron');
 
-        if (empty($suspended))
-        {
-            $suspended = [];
-        }
+		if (empty($suspended))
+		{
+			$suspended = [];
+		}
 
-        $tasks = \Myth\Cron\CronManager::listAll();
+		$tasks = \Myth\Cron\CronManager::listAll();
 
-        echo CLI::write("\nAvailable Tasks:");
+		echo CLI::write("\nAvailable Tasks:");
 
-        foreach ($tasks as $alias => $task)
-        {
-            $color = 'yellow';
-            $extra = '';
+		foreach ($tasks as $alias => $task)
+		{
+			$color = 'yellow';
+			$extra = '';
 
-            if (in_array($alias, $suspended) )
-            {
-                $color = 'blue';
-                $extra = "[Suspended]";
-            }
+			if (in_array($alias, $suspended) )
+			{
+				$color = 'blue';
+				$extra = "[Suspended]";
+			}
 
-            echo CLI::write("\t{$extra} {$alias}", $color);
-        }
-    }
+			echo CLI::write("\t{$extra} {$alias}", $color);
+		}
+	}
 
-    //--------------------------------------------------------------------
+	//--------------------------------------------------------------------
 
 }

myth/CIModules/database/controllers/Database.php

Indentation +224 added lines, -224 removed lines

@@ -35,207 +35,207 @@ 
 class Database extends \Myth\Controllers\CLIController
 {
 
-    protected $descriptions = [
-        'migrate'       => ['migrate [$to]',        'Runs the migrations up or down until schema at version \$to'],
-        'quietMigrate'  => ['quiteMigrate [$to]',   'Same as migrate but without any feedback.'],
-        'refresh'       => ['refresh',              'Runs migrations back to version 0 (uninstall) and then back to the most recent migration.'],
-        'newMigration'  => ['newMigration [$name]', 'Creates a new migration file.'],
-        'seed'          => ['seed [$name]',         'Runs the named database seeder.']
-    ];
-
-    protected $long_descriptions = [
-        'migrate'       => '',
-        'quietMigrate'  => '',
-        'refresh'       => '',
-        'newMigration'  => '',
-        'seed'          => ''
-    ];
-
-    //-------------------------------------------------------------------
-
-    //--------------------------------------------------------------------
-    // Migration Methods
-    //--------------------------------------------------------------------
-
-    /**
-     * Provides a command-line interface to the migration scripts.
-     * If no $to is provided, will migrate to the latest version.
-     *
-     * Example:
-     *      > php index.php database migrate
-     *
-     * @param string $type 'app', 'myth', 'all' or {module_name}
-     * @param null $to
-     * @param bool $silent If TRUE, will NOT display any prompts for verification.
-     * @return bool|void
-     */
-    public function migrate($type=null, $to = null, $silent = false)
-    {
-        $this->load->library('migration');
-
-        if (empty($type))
-        {
-            $type = CLI::prompt("Migration group to refresh?", $this->migration->default_migration_path());
-
-            if (empty($type))
-            {
-                return $silent ? false : CLI::error("\tYou must supply a group to refresh.");
-            }
-        }
-
-        // We need to append 'mod:' to properly handle modules, if
-        // the $type is not one of the recognized migration groups.
-        $this->config->load('migration');
-        $groups = config_item('migration_paths');
-        $groups = array_keys($groups);
-
-        // If it's not in the groups list, then assume it's a module.
-        if (! in_array($type, $groups))
-        {
-            if (strpos($type, 'mod:') !== 0)
-            {
-                $type = 'mod:'. $type;
-            }
-        }
-
-        unset($groups);
-
-        // Get our stats on the migrations
-        $latest = $this->migration->get_latest($type);
-        $latest = empty($latest) ? 0 : substr($latest, 0, strpos($latest, '_'));
-
-        if (empty($latest)) {
-            return CLI::write("\tNo migrations found.", 'yellow');
-        }
-
-        $current = $this->migration->get_version($type);
-
-        // Already at the desired version?
-        if ((! is_null($to) && $current == $to) OR (is_null($to) && $current == $latest))
-        {
-            return $silent ? true : CLI::write("\tDatabase is already at the desired version ({$current})", 'yellow');
-        }
-
-        $target = is_null($to) ? $latest : $to;
-
-        // Just to be safe, verify with the user they want to migrate
-        // to the latest version.
-        if (is_null($to)) {
-            // If we're in silent mode, don't prompt, just go to the latest...
-            if (! $silent) {
-                $go_ahead = CLI::prompt('Migrate to the latest available version?', array('y', 'n'));
-
-                if ($go_ahead == 'n') {
-                    return CLI::write('Bailing...', 'yellow');
-                }
-            }
-
-            if (! $this->migration->latest($type)) {
-                return CLI::error("\n\tERROR: " . $this->migration->error_string() . "\n");
-            }
-        } else {
-            if ($this->migration->version($type, $to) === false) {
-                return CLI::error("\n\tERROR: " . $this->migration->error_string() . "\n");
-            }
-        }
-
-        return $silent ? true :
-            CLI::write("\n\tSuccessfully migrated database from version {$current} to {$target}.\n", 'green');
-    }
-
-    //--------------------------------------------------------------------
-
-    /**
-     * Performs a migration that does not prompt for any information.
-     * Suitable for use within automated scripts that can't be
-     * bothered with answering questions.
-     *
-     * @param string $type 'app', 'myth', 'all' or {module_name}
-     * @param null $to
-     * @return bool|void
-     */
-    public function quietMigrate($type='app', $to = null)
-    {
-        return $this->migrate($type, $to, true);
-    }
-
-    //--------------------------------------------------------------------
-
-
-    /**
-     * Migrates the database back to 0, then back up to the latest version.
-     *
-     * @param string $type  The group or module to refresh.
-     * @return mixed
-     */
-    public function refresh($type=null)
-    {
-        $this->load->library('migration');
-
-        if (empty($type))
-        {
-            $type = CLI::prompt("Migration group to refresh?", $this->migration->default_migration_path());
-
-            if (empty($type))
-            {
-                return CLI::error("\tYou must supply a group to refresh.");
-            }
-        }
-
-        if ($this->migration->version($type, 0) === false) {
-            return CLI::error("\tERROR: " . $this->migration->error_string());
-        }
-
-        CLI::write(CLI::color("\tCleared the database.", 'green'));
-
-        if ($this->migration->latest($type) === false) {
-            return CLI::error("\tERROR: " . $this->migration->error_string());
-        }
-
-        CLI::write("\tRe-installed the database to the latest migration.", 'green');
-    }
-
-    //--------------------------------------------------------------------
-
-    /**
-     * Creates a new migration file ready to be used.
-     *
-     * @param $name
-     */
-    public function newMigration($name = null, $type = 'app')
-    {
-        if (empty($name)) {
-            $name = CLI::prompt('Migration name? ');
-
-            if (empty($name)) {
-                return CLI::error("\tYou must provide a migration name.", 'red');
-            }
-        }
-
-        $this->load->library('migration');
-
-        $path = $this->migration->determine_migration_path($type);
-
-        // Does the alias path exist in our config?
-        if (! $path) {
-            return CLI::error("\tThe migration path for '{$type}' does not exist.'");
-        }
-
-        // Does the path really exist?
-        if (! is_dir($path)) {
-            return CLI::error("\tThe path for '{$type}' is not a directory.");
-        }
-
-        // Is the folder writeable?
-        if (! is_writeable($path)) {
-            return CLI::error("\tThe folder for '{$type}' migrations is not writeable.");
-        }
-
-        $file = $this->migration->make_name($name);
-
-        $path = rtrim($path, '/') .'/'. $file;
-
-        $contents = <<<EOT
+	protected $descriptions = [
+		'migrate'       => ['migrate [$to]',        'Runs the migrations up or down until schema at version \$to'],
+		'quietMigrate'  => ['quiteMigrate [$to]',   'Same as migrate but without any feedback.'],
+		'refresh'       => ['refresh',              'Runs migrations back to version 0 (uninstall) and then back to the most recent migration.'],
+		'newMigration'  => ['newMigration [$name]', 'Creates a new migration file.'],
+		'seed'          => ['seed [$name]',         'Runs the named database seeder.']
+	];
+
+	protected $long_descriptions = [
+		'migrate'       => '',
+		'quietMigrate'  => '',
+		'refresh'       => '',
+		'newMigration'  => '',
+		'seed'          => ''
+	];
+
+	//-------------------------------------------------------------------
+
+	//--------------------------------------------------------------------
+	// Migration Methods
+	//--------------------------------------------------------------------
+
+	/**
+	 * Provides a command-line interface to the migration scripts.
+	 * If no $to is provided, will migrate to the latest version.
+	 *
+	 * Example:
+	 *      > php index.php database migrate
+	 *
+	 * @param string $type 'app', 'myth', 'all' or {module_name}
+	 * @param null $to
+	 * @param bool $silent If TRUE, will NOT display any prompts for verification.
+	 * @return bool|void
+	 */
+	public function migrate($type=null, $to = null, $silent = false)
+	{
+		$this->load->library('migration');
+
+		if (empty($type))
+		{
+			$type = CLI::prompt("Migration group to refresh?", $this->migration->default_migration_path());
+
+			if (empty($type))
+			{
+				return $silent ? false : CLI::error("\tYou must supply a group to refresh.");
+			}
+		}
+
+		// We need to append 'mod:' to properly handle modules, if
+		// the $type is not one of the recognized migration groups.
+		$this->config->load('migration');
+		$groups = config_item('migration_paths');
+		$groups = array_keys($groups);
+
+		// If it's not in the groups list, then assume it's a module.
+		if (! in_array($type, $groups))
+		{
+			if (strpos($type, 'mod:') !== 0)
+			{
+				$type = 'mod:'. $type;
+			}
+		}
+
+		unset($groups);
+
+		// Get our stats on the migrations
+		$latest = $this->migration->get_latest($type);
+		$latest = empty($latest) ? 0 : substr($latest, 0, strpos($latest, '_'));
+
+		if (empty($latest)) {
+			return CLI::write("\tNo migrations found.", 'yellow');
+		}
+
+		$current = $this->migration->get_version($type);
+
+		// Already at the desired version?
+		if ((! is_null($to) && $current == $to) OR (is_null($to) && $current == $latest))
+		{
+			return $silent ? true : CLI::write("\tDatabase is already at the desired version ({$current})", 'yellow');
+		}
+
+		$target = is_null($to) ? $latest : $to;
+
+		// Just to be safe, verify with the user they want to migrate
+		// to the latest version.
+		if (is_null($to)) {
+			// If we're in silent mode, don't prompt, just go to the latest...
+			if (! $silent) {
+				$go_ahead = CLI::prompt('Migrate to the latest available version?', array('y', 'n'));
+
+				if ($go_ahead == 'n') {
+					return CLI::write('Bailing...', 'yellow');
+				}
+			}
+
+			if (! $this->migration->latest($type)) {
+				return CLI::error("\n\tERROR: " . $this->migration->error_string() . "\n");
+			}
+		} else {
+			if ($this->migration->version($type, $to) === false) {
+				return CLI::error("\n\tERROR: " . $this->migration->error_string() . "\n");
+			}
+		}
+
+		return $silent ? true :
+			CLI::write("\n\tSuccessfully migrated database from version {$current} to {$target}.\n", 'green');
+	}
+
+	//--------------------------------------------------------------------
+
+	/**
+	 * Performs a migration that does not prompt for any information.
+	 * Suitable for use within automated scripts that can't be
+	 * bothered with answering questions.
+	 *
+	 * @param string $type 'app', 'myth', 'all' or {module_name}
+	 * @param null $to
+	 * @return bool|void
+	 */
+	public function quietMigrate($type='app', $to = null)
+	{
+		return $this->migrate($type, $to, true);
+	}
+
+	//--------------------------------------------------------------------
+
+
+	/**
+	 * Migrates the database back to 0, then back up to the latest version.
+	 *
+	 * @param string $type  The group or module to refresh.
+	 * @return mixed
+	 */
+	public function refresh($type=null)
+	{
+		$this->load->library('migration');
+
+		if (empty($type))
+		{
+			$type = CLI::prompt("Migration group to refresh?", $this->migration->default_migration_path());
+
+			if (empty($type))
+			{
+				return CLI::error("\tYou must supply a group to refresh.");
+			}
+		}
+
+		if ($this->migration->version($type, 0) === false) {
+			return CLI::error("\tERROR: " . $this->migration->error_string());
+		}
+
+		CLI::write(CLI::color("\tCleared the database.", 'green'));
+
+		if ($this->migration->latest($type) === false) {
+			return CLI::error("\tERROR: " . $this->migration->error_string());
+		}
+
+		CLI::write("\tRe-installed the database to the latest migration.", 'green');
+	}
+
+	//--------------------------------------------------------------------
+
+	/**
+	 * Creates a new migration file ready to be used.
+	 *
+	 * @param $name
+	 */
+	public function newMigration($name = null, $type = 'app')
+	{
+		if (empty($name)) {
+			$name = CLI::prompt('Migration name? ');
+
+			if (empty($name)) {
+				return CLI::error("\tYou must provide a migration name.", 'red');
+			}
+		}
+
+		$this->load->library('migration');
+
+		$path = $this->migration->determine_migration_path($type);
+
+		// Does the alias path exist in our config?
+		if (! $path) {
+			return CLI::error("\tThe migration path for '{$type}' does not exist.'");
+		}
+
+		// Does the path really exist?
+		if (! is_dir($path)) {
+			return CLI::error("\tThe path for '{$type}' is not a directory.");
+		}
+
+		// Is the folder writeable?
+		if (! is_writeable($path)) {
+			return CLI::error("\tThe folder for '{$type}' migrations is not writeable.");
+		}
+
+		$file = $this->migration->make_name($name);
+
+		$path = rtrim($path, '/') .'/'. $file;
+
+		$contents = <<<EOT
 <?php
 
 /**
@@ -262,36 +262,36 @@ 
 
 }
 EOT;
-        $contents = str_replace('{name}', $name, $contents);
-        $contents = str_replace('{date}', date('Y-m-d H:i:s a'), $contents);
-        $contents = str_replace('{clean_name}', ucwords(str_replace('_', ' ', $name)), $contents);
+		$contents = str_replace('{name}', $name, $contents);
+		$contents = str_replace('{date}', date('Y-m-d H:i:s a'), $contents);
+		$contents = str_replace('{clean_name}', ucwords(str_replace('_', ' ', $name)), $contents);
 
-        $this->load->helper('file');
+		$this->load->helper('file');
 
-        if (write_file($path, $contents)) {
-            return CLI::write("\tNew migration created: " . CLI::color($file, 'yellow'), 'green');
-        }
+		if (write_file($path, $contents)) {
+			return CLI::write("\tNew migration created: " . CLI::color($file, 'yellow'), 'green');
+		}
 
-        return CLI::error("\tUnkown error trying to create migration: {$file}", 'red');
-    }
+		return CLI::error("\tUnkown error trying to create migration: {$file}", 'red');
+	}
 
-    //--------------------------------------------------------------------
+	//--------------------------------------------------------------------
 
-    //--------------------------------------------------------------------
-    // Seeding Methods
-    //--------------------------------------------------------------------
+	//--------------------------------------------------------------------
+	// Seeding Methods
+	//--------------------------------------------------------------------
 
-    /**
-     * Installs any database seeds stored in database/seeds. Seeds just need to
-     * extend the Seeder class and have a method named run.
-     */
-    public function seed($name = null)
-    {
-        $this->load->library('seeder');
+	/**
+	 * Installs any database seeds stored in database/seeds. Seeds just need to
+	 * extend the Seeder class and have a method named run.
+	 */
+	public function seed($name = null)
+	{
+		$this->load->library('seeder');
 
-        $this->seeder->call($name);
-    }
+		$this->seeder->call($name);
+	}
 
-    //--------------------------------------------------------------------
+	//--------------------------------------------------------------------
 
 }

myth/CIModules/database/libraries/Seeder.php

Indentation +63 added lines, -63 removed lines

@@ -39,92 +39,92 @@
  */
 class Seeder {
 
-    public $error_string    = '';
+	public $error_string    = '';
 
-    protected $ci;
+	protected $ci;
 
-    protected $is_cli = false;
+	protected $is_cli = false;
 
-    protected $db;
-    protected $dbforge;
+	protected $db;
+	protected $dbforge;
 
-    //--------------------------------------------------------------------
+	//--------------------------------------------------------------------
 
-    public function __construct ()
-    {
-        $this->ci =& get_instance();
+	public function __construct ()
+	{
+		$this->ci =& get_instance();
 
-        $this->is_cli = $this->ci->input->is_cli_request();
+		$this->is_cli = $this->ci->input->is_cli_request();
 
-        if ($this->is_cli)
-        {
-            $cli = new CLI();
-            $cli::_init();
-        }
+		if ($this->is_cli)
+		{
+			$cli = new CLI();
+			$cli::_init();
+		}
 
-        $this->ci->load->dbforge();
+		$this->ci->load->dbforge();
 
-        // Setup some convenience vars.
-        $this->db       =& $this->ci->db;
-        $this->dbforge  =& $this->ci->dbforge;
-    }
+		// Setup some convenience vars.
+		$this->db       =& $this->ci->db;
+		$this->dbforge  =& $this->ci->dbforge;
+	}
 
-    //--------------------------------------------------------------------
+	//--------------------------------------------------------------------
 
 
-    /**
-     * Run the database seeds. It's where the magic happens.
-     * This method MUST be overridden by child classes.
-     */
-    public function run ()
-    {
+	/**
+	 * Run the database seeds. It's where the magic happens.
+	 * This method MUST be overridden by child classes.
+	 */
+	public function run ()
+	{
 
-    }
+	}
 
-    //--------------------------------------------------------------------
+	//--------------------------------------------------------------------
 
-    /**
-     * Loads the class file and calls the run() method
-     * on the class.
-     *
-     * @param $class
-     */
-    public function call ($class)
-    {
-        if (empty($class))
-        {
-            // Ask the user...
-            $class = trim( CLI::prompt("Seeder name") );
+	/**
+	 * Loads the class file and calls the run() method
+	 * on the class.
+	 *
+	 * @param $class
+	 */
+	public function call ($class)
+	{
+		if (empty($class))
+		{
+			// Ask the user...
+			$class = trim( CLI::prompt("Seeder name") );
 
-            if (empty($class)) {
-                return CLI::error("\tNo Seeder was specified.");
-            }
-        }
+			if (empty($class)) {
+				return CLI::error("\tNo Seeder was specified.");
+			}
+		}
 
-        $path = APPPATH .'database/seeds/'. str_replace('.php', '', $class) .'.php';
+		$path = APPPATH .'database/seeds/'. str_replace('.php', '', $class) .'.php';
 
-        if ( ! is_file($path))
-        {
-            return CLI::error("\tUnable to find seed class: ". $class);
-        }
+		if ( ! is_file($path))
+		{
+			return CLI::error("\tUnable to find seed class: ". $class);
+		}
 
-        try {
-            require $path;
+		try {
+			require $path;
 
-            $seeder = new $class();
+			$seeder = new $class();
 
-            $seeder->run();
+			$seeder->run();
 
-            unset($seeder);
-        }
-        catch (\Exception $e)
-        {
-            show_error($e->getMessage(), $e->getCode());
-        }
+			unset($seeder);
+		}
+		catch (\Exception $e)
+		{
+			show_error($e->getMessage(), $e->getCode());
+		}
 
-        return Cli::write("\tSeeded: $class", 'green');
-    }
+		return Cli::write("\tSeeded: $class", 'green');
+	}
 
-    //--------------------------------------------------------------------
+	//--------------------------------------------------------------------
 
 }

myth/CIModules/docs/config/docs.php

Indentation +2 added lines, -2 removed lines

@@ -57,8 +57,8 @@
 | if realpath cannot find/read the folder.
 */
 $config['docs.folders'] = [
-    'application'   => APPPATH .'docs',
-    'developer'     => APPPATH .'../myth/_docs_src'
+	'application'   => APPPATH .'docs',
+	'developer'     => APPPATH .'../myth/_docs_src'
 ];
 
 /*