web/rsln/Zend/Form/Element/Hash.php
author Samuel Huron <samuel.huron@centrepompidou.fr>
Tue, 08 Mar 2011 10:57:18 +0100
changeset 52 d522fd390921
parent 20 7e0a67a20e74
permissions -rw-r--r--
TEST SUR IE 9 ( changer le host de la library tooltip pour optimisation maximum)
<?php
/**
 * Zend Framework
 *
 * LICENSE
 *
 * This source file is subject to the new BSD license that is bundled
 * with this package in the file LICENSE.txt.
 * It is also available through the world-wide-web at this URL:
 * http://framework.zend.com/license/new-bsd
 * If you did not receive a copy of the license and are unable to
 * obtain it through the world-wide-web, please send an email
 * to license@zend.com so we can send you a copy immediately.
 *
 * @category   Zend
 * @package    Zend_Form
 * @subpackage Element
 * @copyright  Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com)
 * @license    http://framework.zend.com/license/new-bsd     New BSD License
 */
/** Zend_Form_Element_Xhtml */
require_once 'Zend/Form/Element/Xhtml.php';
/**
 * CSRF form protection
 *
 * @category   Zend
 * @package    Zend_Form
 * @subpackage Element
 * @copyright  Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com)
 * @license    http://framework.zend.com/license/new-bsd     New BSD License
 * @version    $Id: Hash.php 20096 2010-01-06 02:05:09Z bkarwin $
 */
class Zend_Form_Element_Hash extends Zend_Form_Element_Xhtml
{
    /**
     * Use formHidden view helper by default
     * @var string
     */
    public $helper = 'formHidden'; // name of the view helper used for this element
    /**
     * Actual hash used.
     *
     * @var mixed
     */
    protected $_hash; // null until getHash() triggers _generateHash() on first access
    /**
     * Salt for CSRF token
     * @var string
     */
    protected $_salt = 'salt'; // fixed, publicly known default; replace it with setSalt()
    // getSessionName() embeds this value in the session namespace name.
    // NOTE(review): whether _generateHash() (not shown here) also mixes it into the
    // token is not visible from this listing - confirm before relying on the default.
    /**
     * @var Zend_Session_Namespace
     */
    protected $_session; // injected through setSession(), otherwise created lazily by getSession()
    /**
     * TTL for CSRF token
     * @var int
     */
    protected $_timeout = 300; // handed to the session namespace's setExpirationSeconds() in initCsrfToken()
    /**
     * Constructor
     *
     * Creates session namespace for CSRF token, and adds validator for CSRF
     * token.
     *
     * @param  string|array|Zend_Config $spec
     * @param  array|Zend_Config $options
     * @return void
     */
    public function __construct($spec, $options = null)
    {
        // The parent element handles $spec and $options before any CSRF setup.
        parent::__construct($spec, $options);

        // A CSRF field must always carry a value: disallow empty input, mark
        // the element required, then attach the token validator.
        $element = $this->setAllowEmpty(false);
        $element = $element->setRequired(true);
        $element->initCsrfValidator();
    }
    /**
     * Set session object
     *
     * @param  Zend_Session_Namespace $session
     * @return Zend_Form_Element_Hash
     */
    public function setSession($session)
    {
        // Stored exactly as given: no type check happens here, so the caller is
        // responsible for passing a session namespace object.
        $this->_session = $session;

        return $this;
    }
    /**
     * Get session object
     *
     * Instantiate session object if none currently exists
     *
     * @return Zend_Session_Namespace
     */
    public function getSession()
    {
        // Reuse an injected or previously created namespace.
        if ($this->_session !== null) {
            return $this->_session;
        }

        // First use: load the class on demand and open the namespace whose
        // name getSessionName() builds for this element.
        require_once 'Zend/Session/Namespace.php';
        $this->_session = new Zend_Session_Namespace($this->getSessionName());

        return $this->_session;
    }
    /**
     * Initialize CSRF validator
     *
     * Creates Session namespace, and initializes CSRF token in session.
     * Additionally, adds validator for validating CSRF token.
     *
     * @return Zend_Form_Element_Hash
     */
    public function initCsrfValidator()
    {
        $namespace = $this->getSession();

        // Expected token: the value already held in the session namespace, or
        // null when the namespace has no 'hash' entry yet.
        $rightHash = isset($namespace->hash) ? $namespace->hash : null;

        // NOTE(review): with a null expected token, confirm that the 'Identical'
        // validator rejects every submission instead of matching a missing or
        // empty field. The `true` argument is presumably "break chain on
        // failure" - verify against addValidator() in the parent class.
        $this->addValidator('Identical', true, array($rightHash));

        return $this;
    }
    /**
     * Salt for CSRF token
     *
     * @param  string $salt
     * @return Zend_Form_Element_Hash
     */
    public function setSalt($salt)
    {
        // Only a string cast is applied; length and content are not checked.
        $normalized = (string) $salt;
        $this->_salt = $normalized;

        return $this;
    }
    /**
     * Retrieve salt for CSRF token
     *
     * @return string
     */
    public function getSalt()
    {
        // Returns whatever setSalt() stored, or the class default otherwise.
        $salt = $this->_salt;

        return $salt;
    }
    /**
     * Retrieve CSRF token
     *
     * If no CSRF token currently exists, generates one.
     *
     * @return string
     */
    public function getHash()
    {
        // A token produced earlier on this instance is reused as-is.
        if (null !== $this->_hash) {
            return $this->_hash;
        }

        // NOTE(review): _generateHash() is defined outside this listing; it is
        // presumably what assigns $this->_hash. The unpredictability of the
        // token depends entirely on that method - review it separately.
        $this->_generateHash();

        return $this->_hash;
    }
    /**
     * Get session namespace for CSRF token
     *
     * Generates a session namespace based on salt, element name, and class.
     *
     * @return string
     */
    public function getSessionName()
    {
        // __CLASS__ is the class that defines this method, so subclasses with
        // the same salt and element name resolve to the same namespace.
        $prefix = __CLASS__ . '_' . $this->getSalt();

        return $prefix . '_' . $this->getName();
    }
    /**
     * Set timeout for CSRF session token
     *
     * @param  int $ttl
     * @return Zend_Form_Element_Hash
     */
    public function setTimeout($ttl)
    {
        // Integer cast only: zero and negative values are not rejected here.
        $seconds = (int) $ttl;
        $this->_timeout = $seconds;

        return $this;
    }
    /**
     * Get CSRF session token timeout
     *
     * @return int
     */
    public function getTimeout()
    {
        // Value later passed to setExpirationSeconds() by initCsrfToken().
        $seconds = $this->_timeout;

        return $seconds;
    }
    /**
     * Override getLabel() to always be empty
     *
     * @return null
     */
    public function getLabel()
    {
        // The token field never reports a label, whatever was configured.
        return null;
    }
    /**
     * Initialize CSRF token in session
     *
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   219
     * @return void
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   220
     */
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   221
    public function initCsrfToken()
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   222
    {
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   223
        $session = $this->getSession();
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   224
        $session->setExpirationHops(1, null, true);
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   225
        $session->setExpirationSeconds($this->getTimeout());
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   226
        $session->hash = $this->getHash();
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   227
    }
    /**
     * Render the CSRF token element.
     *
     * Rendering has a side effect: initCsrfToken() is called first, so the
     * token is written to the session on every render before the markup
     * is produced by the parent implementation.
     *
     * @param  Zend_View_Interface $view
     * @return string
     */
    public function render(Zend_View_Interface $view = null)
    {
        // Register the token server-side before any markup is emitted.
        $this->initCsrfToken();

        $markup = parent::render($view);

        return $markup;
    }
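    /**
     * Generate CSRF token
     *
     * Generates CSRF token and stores both in {@link $_hash} and element
     * value.
     *
     * The token's unpredictability comes from the random input, not from
     * md5(), which only mixes that input with the salt and element name and
     * keeps the token a 32-character hex string. The random input is taken
     * from a cryptographically secure source when the runtime offers one;
     * mt_rand() is predictable and is kept only as a last-resort fallback
     * for runtimes that provide nothing better.
     *
     * @return void
     */
    protected function _generateHash()
    {
        $entropy = null;

        // Preferred source: the operating system CSPRNG.
        if (function_exists('random_bytes')) {
            try {
                $entropy = random_bytes(32);
            } catch (Exception $e) {
                // No usable source; try the next option instead of failing.
                $entropy = null;
            }
        }

        // Second choice: OpenSSL, accepted only when it reports a
        // cryptographically strong result.
        if ($entropy === null && function_exists('openssl_random_pseudo_bytes')) {
            $strong = false;
            $bytes  = openssl_random_pseudo_bytes(32, $strong);
            if ($bytes !== false && $strong) {
                $entropy = $bytes;
            }
        }

        // Legacy fallback: weak randomness, equivalent in strength to the
        // previous behaviour. Deployments that reach this branch should
        // enable one of the sources above.
        if ($entropy === null) {
            $entropy = mt_rand(1, 1000000) . mt_rand(1, 1000000);
        }

        $this->_hash = md5(
            $entropy
            . $this->getSalt()
            . $this->getName()
        );
        $this->setValue($this->_hash);
    }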
}