tweet_live: web/lib/Zend/Form/Element/Hash.php@68c69c656a2c (annotated)

0 4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	1	<?php
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	2	/**
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	3	* Zend Framework
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	4	*
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	5	* LICENSE
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	6	*
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	7	* This source file is subject to the new BSD license that is bundled
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	8	* with this package in the file LICENSE.txt.
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	9	* It is also available through the world-wide-web at this URL:
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	10	* http://framework.zend.com/license/new-bsd
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	11	* If you did not receive a copy of the license and are unable to
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	12	* obtain it through the world-wide-web, please send an email
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	13	* to license@zend.com so we can send you a copy immediately.
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	14	*
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	15	* @category Zend
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	16	* @package Zend_Form
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	17	* @subpackage Element
1230 68c69c656a2c upgrade Zend Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: 807 diff changeset	18	* @copyright Copyright (c) 2005-2015 Zend Technologies USA Inc. (http://www.zend.com)
0 4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	19	* @license http://framework.zend.com/license/new-bsd New BSD License
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	20	*/
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	21
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	22	/** Zend_Form_Element_Xhtml */
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	23	require_once 'Zend/Form/Element/Xhtml.php';
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	24
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	25	/**
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	26	* CSRF form protection
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	27	*
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	28	* @category Zend
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	29	* @package Zend_Form
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	30	* @subpackage Element
1230 68c69c656a2c upgrade Zend Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: 807 diff changeset	31	* @copyright Copyright (c) 2005-2015 Zend Technologies USA Inc. (http://www.zend.com)
0 4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	32	* @license http://framework.zend.com/license/new-bsd New BSD License
1230 68c69c656a2c upgrade Zend Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: 807 diff changeset	33	* @version $Id$
0 4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	34	*/
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	35	class Zend_Form_Element_Hash extends Zend_Form_Element_Xhtml
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	36	{
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	37	/**
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	38	* Use formHidden view helper by default
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	39	* @var string
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	40	*/
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	41	public $helper = 'formHidden';
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	42
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	43	/**
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	44	* Actual hash used.
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	45	*
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	46	* @var mixed
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	47	*/
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	48	protected $_hash;
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	49
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	50	/**
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	51	* Salt for CSRF token
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	52	* @var string
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	53	*/
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	54	protected $_salt = 'salt';
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	55
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	56	/**
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	57	* @var Zend_Session_Namespace
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	58	*/
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	59	protected $_session;
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	60
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	61	/**
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	62	* TTL for CSRF token
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	63	* @var int
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	64	*/
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	65	protected $_timeout = 300;
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	66
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	67	/**
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	68	* Constructor
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	69	*
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	70	* Creates session namespace for CSRF token, and adds validator for CSRF
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	71	* token.
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	72	*
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	73	* @param string\|array\|Zend_Config $spec
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	74	* @param array\|Zend_Config $options
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	75	* @return void
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	76	*/
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	77	public function __construct($spec, $options = null)
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	78	{
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	79	parent::__construct($spec, $options);
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	80
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	81	$this->setAllowEmpty(false)
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	82	->setRequired(true)
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	83	->initCsrfValidator();
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	84	}
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	85
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	86	/**
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	87	* Set session object
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	88	*
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	89	* @param Zend_Session_Namespace $session
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	90	* @return Zend_Form_Element_Hash
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	91	*/
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	92	public function setSession($session)
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	93	{
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	94	$this->_session = $session;
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	95	return $this;
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	96	}
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	97
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	98	/**
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	99	* Get session object
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	100	*
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	101	* Instantiate session object if none currently exists
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	102	*
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	103	* @return Zend_Session_Namespace
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	104	*/
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	105	public function getSession()
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	106	{
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	107	if (null === $this->_session) {
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	108	require_once 'Zend/Session/Namespace.php';
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	109	$this->_session = new Zend_Session_Namespace($this->getSessionName());
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	110	}
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	111	return $this->_session;
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	112	}
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	113
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	114	/**
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	115	* Initialize CSRF validator
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	116	*
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	117	* Creates Session namespace, and initializes CSRF token in session.
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	118	* Additionally, adds validator for validating CSRF token.
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	119	*
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	120	* @return Zend_Form_Element_Hash
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	121	*/
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	122	public function initCsrfValidator()
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	123	{
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	124	$session = $this->getSession();
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	125	if (isset($session->hash)) {
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	126	$rightHash = $session->hash;
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	127	} else {
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	128	$rightHash = null;
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	129	}
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	130
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	131	$this->addValidator('Identical', true, array($rightHash));
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	132	return $this;
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	133	}
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	134
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	135	/**
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	136	* Salt for CSRF token
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	137	*
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	138	* @param string $salt
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	139	* @return Zend_Form_Element_Hash
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	140	*/
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	141	public function setSalt($salt)
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	142	{
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	143	$this->_salt = (string) $salt;
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	144	return $this;
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	145	}
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	146
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	147	/**
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	148	* Retrieve salt for CSRF token
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	149	*
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	150	* @return string
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	151	*/
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	152	public function getSalt()
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	153	{
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	154	return $this->_salt;
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	155	}
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	156
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	157	/**
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	158	* Retrieve CSRF token
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	159	*
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	160	* If no CSRF token currently exists, generates one.
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	161	*
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	162	* @return string
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	163	*/
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	164	public function getHash()
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	165	{
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	166	if (null === $this->_hash) {
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	167	$this->_generateHash();
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	168	}
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	169	return $this->_hash;
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	170	}
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	171
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	172	/**
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	173	* Get session namespace for CSRF token
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	174	*
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	175	* Generates a session namespace based on salt, element name, and class.
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	176	*
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	177	* @return string
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	178	*/
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	179	public function getSessionName()
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	180	{
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	181	return __CLASS__ . '_' . $this->getSalt() . '_' . $this->getName();
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	182	}
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	183
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	184	/**
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	185	* Set timeout for CSRF session token
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	186	*
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	187	* @param int $ttl
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	188	* @return Zend_Form_Element_Hash
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	189	*/
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	190	public function setTimeout($ttl)
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	191	{
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	192	$this->_timeout = (int) $ttl;
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	193	return $this;
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	194	}
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	195
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	196	/**
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	197	* Get CSRF session token timeout
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	198	*
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	199	* @return int
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	200	*/
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	201	public function getTimeout()
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	202	{
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	203	return $this->_timeout;
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	204	}
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	205
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	206	/**
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	207	* Override getLabel() to always be empty
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	208	*
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	209	* @return null
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	210	*/
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	211	public function getLabel()
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	212	{
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	213	return null;
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	214	}
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	215
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	216	/**
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	217	* Initialize CSRF token in session
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	218	*
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	219	* @return void
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	220	*/
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	221	public function initCsrfToken()
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	222	{
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	223	$session = $this->getSession();
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	224	$session->setExpirationHops(1, null, true);
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	225	$session->setExpirationSeconds($this->getTimeout());
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	226	$session->hash = $this->getHash();
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	227	}
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	228
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	229	/**
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	230	* Render CSRF token in form
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	231	*
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	232	* @param Zend_View_Interface $view
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	233	* @return string
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	234	*/
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	235	public function render(Zend_View_Interface $view = null)
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	236	{
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	237	$this->initCsrfToken();
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	238	return parent::render($view);
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	239	}
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	240
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	241	/**
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	242	* Generate CSRF token
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	243	*
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	244	* Generates CSRF token and stores both in {@link $_hash} and element
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	245	* value.
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	246	*
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	247	* @return void
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	248	*/
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	249	protected function _generateHash()
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	250	{
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	251	$this->_hash = md5(
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	252	mt_rand(1,1000000)
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	253	. $this->getSalt()
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	254	. $this->getName()
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	255	. mt_rand(1,1000000)
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	256	);
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	257	$this->setValue($this->_hash);
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	258	}
4eba9c11703f first import Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com> parents: diff changeset	259	}

author	Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
	Thu, 07 May 2015 15:16:02 +0200
changeset 1230	68c69c656a2c
parent 807	877f952ae2bd
permissions	-rw-r--r--