|
1
|
|
|
<?php |
|
2
|
|
|
|
|
3
|
|
|
namespace FFMVC\Helpers; |
|
4
|
|
|
|
|
5
|
|
|
/** |
|
6
|
|
|
* String Helper Class |
|
7
|
|
|
* |
|
8
|
|
|
* @package helpers |
|
9
|
|
|
* @author Vijay Mahrra <[email protected]> |
|
10
|
|
|
* @copyright (c) Copyright 2015 Vijay Mahrra |
|
11
|
|
|
* @license GPLv3 (http://www.gnu.org/licenses/gpl-3.0.html) |
|
12
|
|
|
*/ |
|
13
|
|
|
class Str extends \Prefab |
|
14
|
|
|
{ |
|
15
|
|
|
/** |
|
16
|
|
|
* generate random string |
|
17
|
|
|
* |
|
18
|
|
|
* @param int $length of password |
|
19
|
|
|
* @param null|string $chars characters to use for random string |
|
20
|
|
|
* @return string password |
|
21
|
|
|
*/ |
|
22
|
|
|
public static function random(int $length = 10, string $chars = null): string |
|
23
|
|
|
{ |
|
24
|
|
|
if (empty($chars)) { |
|
25
|
|
|
// ignore characters which can be consued, i, l, 1, o, O, 0 etc |
|
26
|
|
|
$chars = '23456789abcdefghjkmnpqrstuvwxyzABCDEFGHJKMNPQRSTUVWYZ'; |
|
27
|
|
|
} |
|
28
|
|
|
|
|
29
|
|
|
$chars = str_shuffle($chars); // shuffle base character string |
|
30
|
|
|
$x = \UTF::instance()->strlen($chars) - 1; |
|
31
|
|
|
$str = ''; |
|
32
|
|
|
|
|
33
|
|
|
for ($i = 0; $i < $length; $i++) { |
|
34
|
|
|
$str .= \UTF::instance()->substr($chars, rand(0, $x), 1); |
|
35
|
|
|
} |
|
36
|
|
|
|
|
37
|
|
|
return (string) $str; |
|
38
|
|
|
} |
|
39
|
|
|
|
|
40
|
|
|
|
|
41
|
|
|
/** |
|
42
|
|
|
* Generates a hash for a given string |
|
43
|
|
|
* |
|
44
|
|
|
* @param string $string to salt |
|
45
|
|
|
* @param string $pepper string pepper to add to the salted string for extra security |
|
46
|
|
|
* @return string $encoded |
|
47
|
|
|
* @link http://php.net/manual/en/function.hash-hmac.php |
|
48
|
|
|
* @link http://fatfreeframework.com/base#hash |
|
49
|
|
|
*/ |
|
50
|
|
|
public static function salted(string $string, string $pepper = ''): string |
|
51
|
|
|
{ |
|
52
|
|
|
$f3 = \Base::instance(); |
|
53
|
|
|
$salt = $f3->get('security.salt'); |
|
54
|
|
|
$hash = $f3->get('security.hash'); |
|
55
|
|
|
|
|
56
|
|
|
return base64_encode(hash_hmac($hash, $string, $salt . $pepper, true)); |
|
57
|
|
|
} |
|
58
|
|
|
|
|
59
|
|
|
/** |
|
60
|
|
|
* Generates a hashed password a given string |
|
61
|
|
|
* |
|
62
|
|
|
* @param string $string to salt |
|
63
|
|
|
* @param string $pepper string pepper to add to the salted string for extra security |
|
64
|
|
|
* @return string $encoded |
|
65
|
|
|
*/ |
|
66
|
|
|
public static function password(string $string, string $pepper = ''): string |
|
67
|
|
|
{ |
|
68
|
|
|
return \Base::instance()->hash(self::salted($string, $pepper)); |
|
69
|
|
|
} |
|
70
|
|
|
|
|
71
|
|
|
|
|
72
|
|
|
/** |
|
73
|
|
|
* Compares a hashed password with the hashed value of a given string |
|
74
|
|
|
* |
|
75
|
|
|
* @param string $hashed_password a hashed password |
|
76
|
|
|
* @param string $string to salt |
|
77
|
|
|
* @param string $pepper string pepper to add to the salted string for extra security |
|
78
|
|
|
* @return string success on match |
|
79
|
|
|
*/ |
|
80
|
|
|
public static function passwordVerify(string $hashed_password, string $string, string $pepper = ''): string |
|
81
|
|
|
{ |
|
82
|
|
|
return ($hashed_password === \Base::instance()->hash(self::salted($string, $pepper))); |
|
83
|
|
|
} |
|
84
|
|
|
|
|
85
|
|
|
|
|
86
|
|
|
/** |
|
87
|
|
|
* Generate name based md5 UUID (version 3). |
|
88
|
|
|
* |
|
89
|
|
|
* @param null|int $len limit the length |
|
90
|
|
|
* @example '7e57d004-2b97-0e7a-b45f-5387367791cd' |
|
91
|
|
|
* @copyright Copyright (c) 2011 François Zaninotto and others |
|
92
|
|
|
* @url https://github.com/fzaninotto/Faker |
|
93
|
|
|
* @return string $uuid |
|
94
|
|
|
*/ |
|
95
|
|
|
public static function uuid($len = null): string |
|
96
|
|
|
{ |
|
97
|
|
|
// fix for compatibility with 32bit architecture; seed range restricted to 62bit |
|
98
|
|
|
$seed = mt_rand(0, 2147483647) . '#' . mt_rand(0, 2147483647); |
|
99
|
|
|
|
|
100
|
|
|
// Hash the seed and convert to a byte array |
|
101
|
|
|
$val = md5($seed, true); |
|
102
|
|
|
$byte = array_values(unpack('C16', $val)); |
|
103
|
|
|
|
|
104
|
|
|
// extract fields from byte array |
|
105
|
|
|
$tLo = ($byte[0] << 24) | ($byte[1] << 16) | ($byte[2] << 8) | $byte[3]; |
|
106
|
|
|
$tMi = ($byte[4] << 8) | $byte[5]; |
|
107
|
|
|
$tHi = ($byte[6] << 8) | $byte[7]; |
|
108
|
|
|
$csLo = $byte[9]; |
|
109
|
|
|
$csHi = $byte[8] & 0x3f | (1 << 7); |
|
110
|
|
|
|
|
111
|
|
|
// correct byte order for big edian architecture |
|
112
|
|
|
if (pack('L', 0x6162797A) == pack('N', 0x6162797A)) { |
|
113
|
|
|
$tLo = (($tLo & 0x000000ff) << 24) | (($tLo & 0x0000ff00) << 8) |
|
114
|
|
|
| (($tLo & 0x00ff0000) >> 8) | (($tLo & 0xff000000) >> 24); |
|
115
|
|
|
$tMi = (($tMi & 0x00ff) << 8) | (($tMi & 0xff00) >> 8); |
|
116
|
|
|
$tHi = (($tHi & 0x00ff) << 8) | (($tHi & 0xff00) >> 8); |
|
117
|
|
|
} |
|
118
|
|
|
|
|
119
|
|
|
// apply version number |
|
120
|
|
|
$tHi &= 0x0fff; |
|
121
|
|
|
$tHi |= (3 << 12); |
|
122
|
|
|
|
|
123
|
|
|
// cast to string |
|
124
|
|
|
$uuid = sprintf( |
|
125
|
|
|
'%08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x', |
|
126
|
|
|
$tLo, |
|
127
|
|
|
$tMi, |
|
128
|
|
|
$tHi, |
|
129
|
|
|
$csHi, |
|
130
|
|
|
$csLo, |
|
131
|
|
|
$byte[10], |
|
132
|
|
|
$byte[11], |
|
133
|
|
|
$byte[12], |
|
134
|
|
|
$byte[13], |
|
135
|
|
|
$byte[14], |
|
136
|
|
|
$byte[15] |
|
137
|
|
|
); |
|
138
|
|
|
|
|
139
|
|
|
return empty($len) ? $uuid : substr($uuid, 0, $len); |
|
140
|
|
|
} |
|
141
|
|
|
|
|
142
|
|
|
/** |
|
143
|
|
|
* Deserialize a value as an object or array if serialized |
|
144
|
|
|
* |
|
145
|
|
|
* @param mixed $value |
|
146
|
|
|
*/ |
|
147
|
|
|
public static function deserialize($value) |
|
148
|
|
|
{ |
|
149
|
|
|
// first try to unserialize php object |
|
150
|
|
|
$v = @unserialize($value); // object if success |
|
151
|
|
|
|
|
152
|
|
|
// next try to json_decode - results in array |
|
153
|
|
|
if (empty($v) || !is_object($v)) { |
|
154
|
|
|
$v = json_decode($value, true); |
|
155
|
|
|
} |
|
156
|
|
|
|
|
157
|
|
|
// update value to unserialized object/array if necessary |
|
158
|
|
|
if (is_object($v) || is_array($v)) { |
|
159
|
|
|
return $v; |
|
160
|
|
|
} |
|
161
|
|
|
|
|
162
|
|
|
return $value; |
|
163
|
|
|
} |
|
164
|
|
|
} |
|
165
|
|
|
|
vijinho /
FFMVC
