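--- a/<path not shown: IBanHelper>
+++ b/<path not shown: IBanHelper>
@@ -12,30 +12,30 @@
 
 interface IBanHelper
 {
-/**
-* Summary of nameIsBanned
-*
-* @param string $name The name to test if is banned.
-*
-* @return Ban
-*/
-public function nameIsBanned($name);
+/**
+* Summary of nameIsBanned
+*
+* @param string $name The name to test if is banned.
+*
+* @return Ban
+*/
+public function nameIsBanned($name);
 
-/**
-* Summary of emailIsBanned
-*
-* @param string $email
-*
-* @return Ban
-*/
-public function emailIsBanned($email);
+/**
+* Summary of emailIsBanned
+*
+* @param string $email
+*
+* @return Ban
+*/
+public function emailIsBanned($email);
 
-/**
-* Summary of ipIsBanned
-*
-* @param string $ip
-*
-* @return Ban
-*/
-public function ipIsBanned($ip);
+/**
+* Summary of ipIsBanned
+*
+* @param string $ip
+*
+* @return Ban
+*/
+public function ipIsBanned($ip);
 }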
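--- a/<path not shown: IBlacklistHelper>
+++ b/<path not shown: IBlacklistHelper>
@@ -10,12 +10,12 @@
 
 interface IBlacklistHelper
 {
-/**
-* Returns a value indicating whether the provided username is blacklisted by the on-wiki title blacklist
-*
-* @param string $username
-*
-* @return bool
-*/
-public function isBlacklisted($username);
+/**
+* Returns a value indicating whether the provided username is blacklisted by the on-wiki title blacklist
+*
+* @param string $username
+*
+* @return bool
+*/
+public function isBlacklisted($username);
 }
\ No newline at end of file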
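--- a/<path not shown: LogSearchHelper>
+++ b/<path not shown: LogSearchHelper>
@@ -13,87 +13,87 @@
 
 class LogSearchHelper extends SearchHelperBase
 {
-/**
-* LogSearchHelper constructor.
-*
-* @param PdoDatabase $database
-*/
-protected function __construct(PdoDatabase $database)
-{
-parent::__construct($database, 'log', Log::class, 'timestamp DESC');
-}
+/**
+* LogSearchHelper constructor.
+*
+* @param PdoDatabase $database
+*/
+protected function __construct(PdoDatabase $database)
+{
+parent::__construct($database, 'log', Log::class, 'timestamp DESC');
+}
 
-/**
-* Initiates a search for requests
-*
-* @param PdoDatabase $database
-*
-* @return LogSearchHelper
-*/
-public static function get(PdoDatabase $database)
-{
-$helper = new LogSearchHelper($database);
+/**
+* Initiates a search for requests
+*
+* @param PdoDatabase $database
+*
+* @return LogSearchHelper
+*/
+public static function get(PdoDatabase $database)
+{
+$helper = new LogSearchHelper($database);
 
-return $helper;
-}
+return $helper;
+}
 
-/**
-* Filters the results by user
-*
-* @param int $userId
-*
-* @return $this
-*/
-public function byUser($userId)
-{
-$this->whereClause .= ' AND user = ?';
-$this->parameterList[] = $userId;
+/**
+* Filters the results by user
+*
+* @param int $userId
+*
+* @return $this
+*/
+public function byUser($userId)
+{
+$this->whereClause .= ' AND user = ?';
+$this->parameterList[] = $userId;
 
-return $this;
-}
+return $this;
+}
 
-/**
-* Filters the results by log action
-*
-* @param string $action
-*
-* @return $this
-*/
-public function byAction($action)
-{
-$this->whereClause .= ' AND action = ?';
-$this->parameterList[] = $action;
+/**
+* Filters the results by log action
+*
+* @param string $action
+*
+* @return $this
+*/
+public function byAction($action)
+{
+$this->whereClause .= ' AND action = ?';
+$this->parameterList[] = $action;
 
-return $this;
-}
+return $this;
+}
 
-/**
-* Filters the results by object type
-*
-* @param string $objectType
-*
-* @return $this
-*/
-public function byObjectType($objectType)
-{
-$this->whereClause .= ' AND objecttype = ?';
-$this->parameterList[] = $objectType;
+/**
+* Filters the results by object type
+*
+* @param string $objectType
+*
+* @return $this
+*/
+public function byObjectType($objectType)
+{
+$this->whereClause .= ' AND objecttype = ?';
+$this->parameterList[] = $objectType;
 
-return $this;
-}
+return $this;
+}
 
-/**
-* Filters the results by object type
-*
-* @param integer $objectId
-*
-* @return $this
-*/
-public function byObjectId($objectId)
-{
-$this->whereClause .= ' AND objectid = ?';
-$this->parameterList[] = $objectId;
+/**
+* Filters the results by object type
+*
+* @param integer $objectId
+*
+* @return $this
+*/
+public function byObjectId($objectId)
+{
+$this->whereClause .= ' AND objectid = ?';
+$this->parameterList[] = $objectId;
 
-return $this;
-}
+return $this;
+}
 }
\ No newline at end of file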
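--- a/<path not shown: WikiTextHelper>
+++ b/<path not shown: WikiTextHelper>
@@ -12,52 +12,52 @@
 
 class WikiTextHelper
 {
-/**
-* @var SiteConfiguration
-*/
-private $configuration;
-/**
-* @var HttpHelper
-*/
-private $http;
-
-/**
-* WikiTextHelper constructor.
-*
-* @param SiteConfiguration $configuration
-* @param HttpHelper $http
-*/
-public function __construct(SiteConfiguration $configuration, HttpHelper $http)
-{
-$this->configuration = $configuration;
-$this->http = $http;
-}
-
-/**
-* Gets the HTML for the provided wiki-markup from the MediaWiki service endpoint
-*
-* @param string $wikiText
-*
-* @return string
-*/
-public function getHtmlForWikiText($wikiText)
-{
-$endpoint = $this->configuration->getMediawikiWebServiceEndpoint();
-
-$parameters = array(
-'action' => 'parse',
-'pst' => true,
-'contentmodel' => 'wikitext',
-'disablelimitreport' => true,
-'disabletoc' => true,
-'disableeditsection' => true,
-'format' => 'php',
-'text' => $wikiText,
-);
-
-$apiResult = $this->http->get($endpoint, $parameters);
-$parseResult = unserialize($apiResult);
-
-return $parseResult['parse']['text']['*'];
-}
+/**
+* @var SiteConfiguration
+*/
+private $configuration;
+/**
+* @var HttpHelper
+*/
+private $http;
+
+/**
+* WikiTextHelper constructor.
+*
+* @param SiteConfiguration $configuration
+* @param HttpHelper $http
+*/
+public function __construct(SiteConfiguration $configuration, HttpHelper $http)
+{
+$this->configuration = $configuration;
+$this->http = $http;
+}
+
+/**
+* Gets the HTML for the provided wiki-markup from the MediaWiki service endpoint
+*
+* @param string $wikiText
+*
+* @return string
+*/
+public function getHtmlForWikiText($wikiText)
+{
+$endpoint = $this->configuration->getMediawikiWebServiceEndpoint();
+
+$parameters = array(
+'action' => 'parse',
+'pst' => true,
+'contentmodel' => 'wikitext',
+'disablelimitreport' => true,
+'disabletoc' => true,
+'disableeditsection' => true,
+'format' => 'php',
+'text' => $wikiText,
+);
+
+$apiResult = $this->http->get($endpoint, $parameters);
+$parseResult = unserialize($apiResult);
+
+return $parseResult['parse']['text']['*'];
+}
 }
\ No newline at end of file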
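--- a/<path not shown: EmailHelper>
+++ b/<path not shown: EmailHelper>
@@ -12,21 +12,21 @@
 
 class EmailHelper implements IEmailHelper
 {
-/**
-* @param string $to
-* @param string $subject
-* @param string $content
-* @param array $headers Extra headers to include
-*/
-public function sendMail($to, $subject, $content, $headers = array())
-{
-$headers['From'] = '[email protected]';
-$headerString = '';
+/**
+* @param string $to
+* @param string $subject
+* @param string $content
+* @param array $headers Extra headers to include
+*/
+public function sendMail($to, $subject, $content, $headers = array())
+{
+$headers['From'] = '[email protected]';
+$headerString = '';
 
-foreach ($headers as $header => $headerValue) {
-$headerString .= $header . ': ' . $headerValue . "\r\n";
-}
+foreach ($headers as $header => $headerValue) {
+$headerString .= $header . ': ' . $headerValue . "\r\n";
+}
 
-mail($to, $subject, $content, $headerString);
-}
+mail($to, $subject, $content, $headerString);
+}
 }
\ No newline at end of file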
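--- a/<path not shown: Environment>
+++ b/<path not shown: Environment>
@@ -13,21 +13,21 @@
 */
 class Environment
 {
-/**
-* @var string Cached copy of the tool version
-*/
-private static $toolVersion = null;
+/**
+* @var string Cached copy of the tool version
+*/
+private static $toolVersion = null;
 
-/**
-* Gets the tool version, using cached data if available.
-* @return string
-*/
-public static function getToolVersion()
-{
-if (self::$toolVersion === null) {
-self::$toolVersion = exec("git describe --always --dirty");
-}
+/**
+* Gets the tool version, using cached data if available.
+* @return string
+*/
+public static function getToolVersion()
+{
+if (self::$toolVersion === null) {
+self::$toolVersion = exec("git describe --always --dirty");
+}
 
-return self::$toolVersion;
-}
+return self::$toolVersion;
+}
 }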
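--- a/<path not shown: Token>
+++ b/<path not shown: Token>
@@ -12,80 +12,80 @@
 
 class Token
 {
-/** @var string */
-private $tokenData;
-/** @var string */
-private $context;
-/** @var DateTimeImmutable */
-private $generationTimestamp;
-/** @var DateTimeImmutable */
-private $usageTimestamp;
-/** @var bool */
-private $used;
+/** @var string */
+private $tokenData;
+/** @var string */
+private $context;
+/** @var DateTimeImmutable */
+private $generationTimestamp;
+/** @var DateTimeImmutable */
+private $usageTimestamp;
+/** @var bool */
+private $used;
 
-/**
-* Token constructor.
-*
-* @param string $tokenData
-* @param string $context
-*/
-public function __construct($tokenData, $context)
-{
-$this->tokenData = $tokenData;
-$this->context = $context;
-$this->generationTimestamp = new DateTimeImmutable();
-$this->usageTimestamp = null;
-$this->used = false;
-}
+/**
+* Token constructor.
+*
+* @param string $tokenData
+* @param string $context
+*/
+public function __construct($tokenData, $context)
+{
+$this->tokenData = $tokenData;
+$this->context = $context;
+$this->generationTimestamp = new DateTimeImmutable();
+$this->usageTimestamp = null;
+$this->used = false;
+}
 
-/**
-* @return DateTimeImmutable
-*/
-public function getGenerationTimestamp()
-{
-return $this->generationTimestamp;
-}
+/**
+* @return DateTimeImmutable
+*/
+public function getGenerationTimestamp()
+{
+return $this->generationTimestamp;
+}
 
-/**
-* @return string
-*/
-public function getContext()
-{
-return $this->context;
-}
+/**
+* @return string
+*/
+public function getContext()
+{
+return $this->context;
+}
 
-/**
-* @return string
-*/
-public function getTokenData()
-{
-return $this->tokenData;
-}
+/**
+* @return string
+*/
+public function getTokenData()
+{
+return $this->tokenData;
+}
 
-/**
-* Returns a value indicating whether the token has already been used or not
-*
-* @return boolean
-*/
-public function isUsed()
-{
-return $this->used;
-}
+/**
+* Returns a value indicating whether the token has already been used or not
+*
+* @return boolean
+*/
+public function isUsed()
+{
+return $this->used;
+}
 
-/**
-* Marks the token as used
-*/
-public function markAsUsed()
-{
-$this->used = true;
-$this->usageTimestamp = new DateTimeImmutable();
-}
+/**
+* Marks the token as used
+*/
+public function markAsUsed()
+{
+$this->used = true;
+$this->usageTimestamp = new DateTimeImmutable();
+}
 
-/**
-* @return DateTimeImmutable
-*/
-public function getUsageTimestamp()
-{
-return $this->usageTimestamp;
-}
+/**
+* @return DateTimeImmutable
+*/
+public function getUsageTimestamp()
+{
+return $this->usageTimestamp;
+}
 }
\ No newline at end of file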
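--- a/<path not shown: TokenManager>
+++ b/<path not shown: TokenManager>
@@ -13,91 +13,91 @@
 
 class TokenManager
 {
-/**
-* Validates a CSRF token
-*
-* @param string $data The token data string itself
-* @param string|null $context Token context for extra validation
-*
-* @return bool
-*/
-public function validateToken($data, $context = null)
-{
-if (!is_string($data) || strlen($data) === 0) {
-// Nothing to validate
-return false;
-}
-
-$tokens = WebRequest::getSessionTokenData();
-
-// if the token doesn't exist, then it's not valid
-if (!array_key_exists($data, $tokens)) {
-return false;
-}
-
-/** @var Token $token */
-$token = unserialize($tokens[$data]);
-
-if ($token->getTokenData() !== $data) {
-return false;
-}
-
-if ($token->getContext() !== $context) {
-return false;
-}
-
-if ($token->isUsed()) {
-return false;
-}
-
-// mark the token as used, and save it back to the session
-$token->markAsUsed();
-$this->storeToken($token);
-
-return true;
-}
-
-/**
-* @param string|null $context An optional context for extra validation
-*
-* @return Token
-*/
-public function getNewToken($context = null)
-{
-$token = new Token($this->generateTokenData(), $context);
-$this->storeToken($token);
-
-return $token;
-}
-
-/**
-* Stores a token in the session data
-*
-* @param Token $token
-*/
-private function storeToken(Token $token)
-{
-$tokens = WebRequest::getSessionTokenData();
-$tokens[$token->getTokenData()] = serialize($token);
-WebRequest::setSessionTokenData($tokens);
-}
-
-/**
-* Generates a security token
-*
-* @return string
-* @throws Exception
-*
-* @category Security-Critical
-*/
-private function generateTokenData()
-{
-$genBytes = openssl_random_pseudo_bytes(33);
-
-if ($genBytes !== false) {
-return base64_encode($genBytes);
-}
-
-throw new Exception('Unable to generate secure token.');
-}
+/**
+* Validates a CSRF token
+*
+* @param string $data The token data string itself
+* @param string|null $context Token context for extra validation
+*
+* @return bool
+*/
+public function validateToken($data, $context = null)
+{
+if (!is_string($data) || strlen($data) === 0) {
+// Nothing to validate
+return false;
+}
+
+$tokens = WebRequest::getSessionTokenData();
+
+// if the token doesn't exist, then it's not valid
+if (!array_key_exists($data, $tokens)) {
+return false;
+}
+
+/** @var Token $token */
+$token = unserialize($tokens[$data]);
+
+if ($token->getTokenData() !== $data) {
+return false;
+}
+
+if ($token->getContext() !== $context) {
+return false;
+}
+
+if ($token->isUsed()) {
+return false;
+}
+
+// mark the token as used, and save it back to the session
+$token->markAsUsed();
+$this->storeToken($token);
+
+return true;
+}
+
+/**
+* @param string|null $context An optional context for extra validation
+*
+* @return Token
+*/
+public function getNewToken($context = null)
+{
+$token = new Token($this->generateTokenData(), $context);
+$this->storeToken($token);
+
+return $token;
+}
+
+/**
+* Stores a token in the session data
+*
+* @param Token $token
+*/
+private function storeToken(Token $token)
+{
+$tokens = WebRequest::getSessionTokenData();
+$tokens[$token->getTokenData()] = serialize($token);
+WebRequest::setSessionTokenData($tokens);
+}
+
+/**
+* Generates a security token
+*
+* @return string
+* @throws Exception
+*
+* @category Security-Critical
+*/
+private function generateTokenData()
+{
+$genBytes = openssl_random_pseudo_bytes(33);
+
+if ($genBytes !== false) {
+return base64_encode($genBytes);
+}
+
+throw new Exception('Unable to generate secure token.');
+}
 }
\ No newline at end of file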
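--- a/<path not shown: ApiException>
+++ b/<path not shown: ApiException>
@@ -15,11 +15,11 @@
 */
 class ApiException extends Exception
 {
-/**
-* @param string $message
-*/
-public function __construct($message)
-{
-$this->message = $message;
-}
+/**
+* @param string $message
+*/
+public function __construct($message)
+{
+$this->message = $message;
+}
 }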