silverstripe / silverstripe-framework

security/MemberAuthenticator.php

Doc Comments +2 added lines, -2 removed lines

@@ -134,7 +134,7 @@ 
 	 * @param Form $form Optional: If passed, better error messages can be
 	 *                             produced by using
 	 *                             {@link Form::sessionMessage()}
-	 * @return bool|Member Returns FALSE if authentication fails, otherwise
+	 * @return Member|null Returns FALSE if authentication fails, otherwise
 	 *                     the member object
 	 * @see Security::setDefaultAdmin()
 	 */
@@ -165,7 +165,7 @@ 
 	/**
 	 * Method that creates the login form for this authentication method
 	 *
-	 * @param Controller The parent controller, necessary to create the
+	 * @param Controller Controller parent controller, necessary to create the
 	 *                   appropriate form action tag
 	 * @return Form Returns the login form to use with this authentication
 	 *              method

security/MemberLoginForm.php

Doc Comments -1 removed lines

@@ -47,7 +47,6 @@
 	 * @param bool $checkCurrentUser If set to TRUE, it will be checked if a
 	 *                               the user is currently logged in, and if
 	 *                               so, only a logout button will be rendered
-	 * @param string $authenticatorClassName Name of the authenticator class that this form uses.
 	 */
 	public function __construct($controller, $name, $fields = null, $actions = null,
 								$checkCurrentUser = true) {

security/MemberPassword.php

Doc Comments +1 added lines

@@ -32,6 +32,7 @@
 	/**
 	 * Log a password change from the given member.
 	 * Call MemberPassword::log($this) from within Member whenever the password is changed.
+	 * @param Member $member
 	 */
 	public static function log($member) {
 		$record = new MemberPassword();

security/PasswordEncryptor.php

Doc Comments +6 added lines, -2 removed lines

@@ -85,6 +85,10 @@ 
 	 * but is necessary for retain compatibility with password hashed
 	 * with flawed algorithms - see {@link PasswordEncryptor_LegacyPHPHash} and
 	 * {@link PasswordEncryptor_Blowfish}
+	 * @param string $hash
+	 * @param string $password
+	 * @param string $salt
+	 * @param Member $member
 	 */
 	public function check($hash, $password, $salt = null, $member = null) {
 		return $hash === $this->encrypt($password, $salt, $member);
@@ -127,8 +131,7 @@ 
 	/**
 	 * Gets the cost that is set for the blowfish algorithm
 	 *
-	 * @param int $cost
-	 * @return null
+	 * @return integer
 	 */
 	public static function get_cost() {
 		return self::$cost;
@@ -240,6 +243,7 @@ 
 
 	/**
 	 * self::$cost param is forced to be two digits with leading zeroes for ints 4-9
+	 * @param string $password
 	 */
 	public function salt($password, $member = null) {
 		$generator = new RandomGenerator();

security/PasswordValidator.php

Doc Comments +4 added lines, -2 removed lines

@@ -28,6 +28,7 @@ 
 
 	/**
 	 * Minimum password length
+	 * @param integer $minLength
 	 */
 	public function minLength($minLength) {
 		$this->minLength = $minLength;
@@ -39,8 +40,8 @@ 
 	 *
 	 * Eg: $this->characterStrength(3, array("lowercase", "uppercase", "digits", "punctuation"))
 	 *
-	 * @param $minScore The minimum number of character tests that must pass
-	 * @param $testNames The names of the tests to perform
+	 * @param integer $minScore The minimum number of character tests that must pass
+	 * @param string[] $testNames The names of the tests to perform
 	 */
 	public function characterStrength($minScore, $testNames) {
 		$this->minScore = $minScore;
@@ -50,6 +51,7 @@ 
 
 	/**
 	 * Check a number of previous passwords that the user has used, and don't let them change to that.
+	 * @param integer $count
 	 */
 	public function checkHistoricalPasswords($count) {
 		$this->historicalPasswordCount = $count;

security/Permission.php

Doc Comments +2 added lines, -2 removed lines

@@ -652,7 +652,7 @@ 
 	 * Recursively traverse the nested list of declared permissions and create
 	 * a linear list.
 	 *
-	 * @param aeeay $declared Nested structure of permissions.
+	 * @param boolean $declared Nested structure of permissions.
 	 * @param $list List of permissions in the structure. The result will be
 	 *              written to this array.
 	 */
@@ -740,7 +740,7 @@ 
 	/**
 	 * Get permissions
 	 *
-	 * @return array Associative array of permissions in this permission
+	 * @return string Associative array of permissions in this permission
 	 *               group. The array indicies are the permission codes as
 	 *               used in {@link Permission::check()}. The value is
 	 *               suitable for using in an interface.

security/Security.php

Doc Comments +5 added lines, -6 removed lines

@@ -465,7 +465,7 @@ 
 	 * Combine the given forms into a formset with a tabbed interface
 	 *
 	 * @param array $forms List of LoginForm instances
-	 * @return string
+	 * @return HTMLText
 	 */
 	protected function generateLoginFormSet($forms) {
 		$viewData = new ArrayData(array(
@@ -645,7 +645,6 @@ 
 	 * - t: plaintext token
 	 *
 	 * @param Member $member Member object associated with this link.
-	 * @param string $autoLoginHash The auto login token.
 	 */
 	public static function getPasswordResetLink($member, $autologinToken) {
 		$autologinToken = urldecode($autologinToken);
@@ -736,7 +735,7 @@ 
 	/**
 	 * Factory method for the lost password form
 	 *
-	 * @return Form Returns the lost password form
+	 * @return Security Returns the lost password form
 	 */
 	public function ChangePasswordForm() {
 		return Object::create('ChangePasswordForm', $this, 'ChangePasswordForm');
@@ -746,7 +745,7 @@ 
 	 * Gets the template for an include used for security.
 	 * For use in any subclass.
 	 *
-	 * @return string|array Returns the template(s) for rendering
+	 * @return string[] Returns the template(s) for rendering
 	 */
 	public function getIncludeTemplate($name) {
 		return array('Security_' . $name);
@@ -920,7 +919,7 @@ 
 	 * @deprecated 4.0 Use the "Security.password_encryption_algorithm" config setting instead
 	 * @param string $algorithm One of the available password encryption
 	 *  algorithms determined by {@link Security::get_encryption_algorithms()}
-	 * @return bool Returns TRUE if the passed algorithm was valid, otherwise FALSE.
+	 * @return boolean|null Returns TRUE if the passed algorithm was valid, otherwise FALSE.
 	 */
 	public static function set_password_encryption_algorithm($algorithm) {
 		Deprecation::notice('4.0', 'Use the "Security.password_encryption_algorithm" config setting instead');
@@ -1075,7 +1074,7 @@ 
 	/**
 	 * Set to true to ignore access to disallowed actions, rather than returning permission failure
 	 * Note that this is just a flag that other code needs to check with Security::ignore_disallowed_actions()
-	 * @param $flag True or false
+	 * @param boolean $flag True or false
 	 */
 	public static function set_ignore_disallowed_actions($flag) {
 		self::$ignore_disallowed_actions = $flag;

tasks/EncryptAllPasswordsTask.php

Doc Comments +1 added lines

@@ -66,6 +66,7 @@
 
 	/**
 	 * @todo This should really be taken care of by TestRunner
+	 * @param string $msg
 	 */
 	protected function debugMessage($msg) {
 		if(class_exists('SapphireTest', false) && !SapphireTest::is_running_test()) {

tests/api/RestfulServiceTest.php

Doc Comments +2 added lines

@@ -208,6 +208,8 @@
 	 * Simulate cached response file for testing error requests that are supposed to have cache files
 	 *
 	 * @todo Generate the cachepath without hardcoding the cache data
+	 * @param RestfulServiceTest_MockErrorService $connection
+	 * @param string $subUrl
 	 */
 	private function createFakeCachedResponse($connection, $subUrl) {
 		$fullUrl = $connection->getAbsoluteRequestURL($subUrl);