ElkArte\UserSettings

Complexity

Total Complexity

15

Size/Duplication

Total Lines	145
Duplicated Lines	0 %

Test Coverage

Coverage

7.89%

Importance

Changes	3
Bugs	0	Features	0

8 Methods

Rating	Name	Duplication	Size	Complexity
A	updateLastLogin()	0	3	1
A	validatePassword()	0	11	2
A	updateTotalTimeLoggedIn()	0	3	1
A	rehashPassword()	0	21	3
A	getActivationStatus()	0	3	2
A	initHasher()	0	16	2
A	updatePassword()	0	6	1
A	fixSalt()	0	11	3

<?php

/**
 * @package   ElkArte Forum
 * @copyright ElkArte Forum contributors
 * @license   BSD http://opensource.org/licenses/BSD-3-Clause (see accompanying LICENSE.txt file)
 *
 * This file contains code covered by:
 * copyright:	2011 Simple Machines (http://www.simplemachines.org)
 *
 * @version 2.0 dev
 *
 */

namespace ElkArte;

/**
 * This class holds all the data belonging to a certain member.
 */
class UserSettings extends \ElkArte\ValuesContainerReadOnly
{
	/**
	 * The object used to create hashes
	 *
	 * @var \PasswordHash

The type PasswordHash was not found. Maybe you did not declare it correctly or list all dependencies?

	 */
	protected $hasher = null;

	/**
	 * Sets last_login to the current time
	 */
	public function updateLastLogin()
	{
		$this->data['last_login'] = time();
	}

	/**
	 * Changes the password to the provided one in $this->settings
	 * Doesn't actually change the database.
	 *
	 * @param string $password The hashed password
	 */
	public function updatePassword($password)
	{
		$this->data['passwd'] = $password;

		$tokenizer = new \ElkArte\TokenHash();
		$this->data['password_salt'] = $tokenizer->generate_hash(UserSettingsLoader::HASH_LENGTH);
	}

	/**
	 * Updates total_time_logged_in
	 *
	 * @param int $increment_offset
	 */
	public function updateTotalTimeLoggedIn($increment_offset)
	{
		$this->data['total_time_logged_in'] += time() - $increment_offset;
	}

	/**
	 * Fixes the password salt if not present or if it needs to be changed
	 *
	 * @param bool $force - If true the salt is changed no matter what
	 */
	public function fixSalt($force = false)
	{
		// Correct password, but they've got no salt; fix it!
		if ($this->data['password_salt'] === '' || $force === true)
		{
			$tokenizer = new \ElkArte\TokenHash();

			$this->data['password_salt'] = $tokenizer->generate_hash(UserSettingsLoader::HASH_LENGTH);
			return true;
		}
		return false;
	}

	/**
	 * Updates total_time_logged_in
	 *
	 * @param int $increment_offset
	 */
	public function getActivationStatus($strip_ban = true)

The parameter $strip_ban is not used and could be removed.

	{
		return $this->is_activated > UserSettingsLoader::BAN_OFFSET ? $this->is_activated - UserSettingsLoader::BAN_OFFSET : $this->is_activated;

The property is_activated does not exist on ElkArte\UserSettings. Since you implemented __get, consider adding a @property annotation.

	}

	/**
	 * Repeat the hashing of the password
	 *
	 * @param string $password The plain text (or sha256 hashed) password
	 * @return bool|null Returns false if something fails
	 */
	public function rehashPassword($password)
	{
		$this->initHasher();

		// If the password is not 64 characters, lets make it a (SHA-256)
		if (strlen($password) !== 64)
		{
			$password = hash('sha256', \ElkArte\Util::strtolower($this->member_name) . un_htmlspecialchars($password));

The property member_name does not exist on ElkArte\UserSettings. Since you implemented __get, consider adding a @property annotation.

		}

		$passhash = $this->hasher->HashPassword($password);

		// Something is not right, we can not generate a valid hash that's <20 characters
		if (strlen($passhash) < 20)
		{
			// @todo here we should throw an exception
			return false;
		}
		else
		{
			$this->settings->updatePassword($passhash);

The method updatePassword() does not exist on null.

The property settings does not exist on ElkArte\UserSettings. Since you implemented __get, consider adding a @property annotation.

		}
	}

	/**
	 * Initialize the password hashing object
	 */
	protected function initHasher()
	{
		if ($this->hasher === null)
		{
			// Our hashing controller
			require_once(EXTDIR . '/PasswordHash.php');

			// Base-2 logarithm of the iteration count used for password stretching, the
			// higher the number the more secure and CPU time consuming
			$hash_cost_log2 = 10;

			// Do we require the hashes to be portable to older systems (less secure)?
			$hash_portable = false;

			// Get an instance of the hasher
			$this->hasher = new \PasswordHash($hash_cost_log2, $hash_portable);
		}
	}

	/**
	 * Checks whether a password meets the current forum rules
	 *
	 * What it does:
	 *
	 * - called when registering/choosing a password.
	 * - checks the password obeys the current forum settings for password strength.
	 * - if password checking is enabled, will check that none of the words in restrict_in appear in the password.
	 * - returns an error identifier if the password is invalid.
	 *
	 * @param string $password
	 * @return bool true or false
	 */
	public function validatePassword($password)
	{
		$this->initHasher();

		// If the password is not 64 characters, lets make it a (SHA-256)
		if (strlen($password) !== 64)
		{
			$password = hash('sha256', \ElkArte\Util::strtolower($this->member_name) . un_htmlspecialchars($password));

The property member_name does not exist on ElkArte\UserSettings. Since you implemented __get, consider adding a @property annotation.

		}

		return (bool) $this->hasher->CheckPassword($password, $this->passwd);

The property passwd does not exist on ElkArte\UserSettings. Since you implemented __get, consider adding a @property annotation.

	}
}