<?php
/**
 * A11n (by daGrevis).
 *
 * @version 0.3
 * @author daGrevis
 * @copyright (C) 2011 by daGrevis
 * @license MIT License
 */

// Stop when this file is requested directly: SYSPATH is expected to be
// defined by the application bootstrap before any model is loaded.
if ( ! defined( 'SYSPATH' ) ) {
    exit( 'No direct script access.' );
}
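/**
 * User account model: builds the validation rules for sign-up and sign-in,
 * checks credentials against the `users` table and stores the signed-in
 * user's id and access level in the session.
 */
class Model_A11n extends Model {

    /**
     * Model's validation.
     *
     * Attaches the rule set for the requested mode to a Validation object and
     * returns it; the caller is responsible for running the check.
     *
     * @param string          $mode            Either 'signUp' or 'signIn'.
     * @param Validation|null $extraValidation Validation object to add the rules to;
     *                                         a new one over an empty array is created when omitted.
     * @return Validation The validation object with the mode's rules attached.
     * @throws Exception When $mode is neither 'signUp' nor 'signIn'.
     */
    public function validation( $mode, Validation $extraValidation = null ) {
        $validation = empty( $extraValidation )
            ? Validation::factory( array() )
            : $extraValidation;

        switch ( $mode ) {
            case 'signUp':
                // The two *Exists rules are a pre-check only: nothing visible here
                // ties them to the later INSERT in signUp(), so two concurrent
                // sign-ups can both pass. The users table should carry UNIQUE
                // constraints on username and email as the real guarantee.
                $validation
                    ->rule( 'username', 'not_empty' )
                    ->rule( 'username', 'max_length', array( ':value', 32 ) )
                    ->rule( 'username', 'alpha_dash', array( ':value', true ) )
                    ->rule( 'username', 'Model_A11n::usernameExists', array( ':validation', ':value' ) )
                    ->rule( 'password', 'not_empty' )
                    ->rule( 'password', 'min_length', array( ':value', 6 ) )
                    ->rule( 'password', 'max_length', array( ':value', 255 ) )
                    ->rule( 'email', 'not_empty' )
                    ->rule( 'email', 'email' )
                    ->rule( 'email', 'Model_A11n::emailExists', array( ':validation', ':value' ) );
                break;

            case 'signIn':
                // The credential check runs as the last password rule, so it is
                // the only authentication gate: signIn() itself never sees the password.
                $validation
                    ->rule( 'username', 'not_empty' )
                    ->rule( 'username', 'max_length', array( ':value', 32 ) )
                    ->rule( 'username', 'alpha_dash', array( ':value', true ) )
                    ->rule( 'password', 'not_empty' )
                    ->rule( 'password', 'min_length', array( ':value', 6 ) )
                    ->rule( 'password', 'max_length', array( ':value', 255 ) )
                    ->rule( 'password', array( $this, 'checkPassword' ), array( ':validation', ':value' ) );
                break;

            default:
                throw new Exception( 'Bad mode.' );
        }

        return $validation;
    }

    /**
     * Validation callback: adds a 'usernameExists' error to the 'username'
     * field when the username is already present in the database.
     *
     * @param Validation $validation Validation object that receives the error.
     * @param string     $username   User's username.
     * @return void
     */
    public static function usernameExists( Validation $validation, $username ) {
        $matches = DB::select( 'id' )
            ->from( 'users' )
            ->where( 'username', '=', $username )
            ->execute()
            ->count();

        // Any match means the name is taken. Testing for exactly one row would
        // let a name through once duplicates already exist in the table.
        if ( $matches > 0 ) {
            $validation->error( 'username', 'usernameExists' );
        }
    }

    /**
     * Validation callback: adds an 'emailExists' error to the 'email' field
     * when the e-mail address is already present in the database.
     *
     * @param Validation $validation Validation object that receives the error.
     * @param string     $email      User's e-mail.
     * @return void
     */
    public static function emailExists( Validation $validation, $email ) {
        $matches = DB::select( 'id' )
            ->from( 'users' )
            ->where( 'email', '=', $email )
            ->execute()
            ->count();

        // Same reasoning as usernameExists(): one or more rows means "taken".
        if ( $matches > 0 ) {
            $validation->error( 'email', 'emailExists' );
        }
    }

    /**
     * Validation callback: checks that a user with the given username **and**
     * the given password exists. In other words, checks that the password is correct.
     *
     * The username is read from the validation data; the password is hashed
     * with that user's stored salt and matched against the stored hash in SQL.
     * The error is always reported on the 'password' field, whether the
     * username or the password was wrong.
     *
     * @param Validation $validation Validation object (also the source of 'username').
     * @param string     $password   User's password (plain text).
     * @return void
     */
    public function checkPassword( Validation $validation, $password ) {
        $username = $validation['username'];

        // For an unknown username the id lookup casts to 0 and the salt to '',
        // so a hash is still computed; the query below then matches no row
        // because the username itself does not exist.
        $userId = $this->_getIdFromUsername( $username );
        $salt   = $this->_getSaltFromId( $userId );
        $hash   = $this->_hashPassword( $password, $salt );

        // NOTE(security): the hash comparison is delegated to the database, and
        // nothing in this model limits repeated attempts; throttling or lockout
        // has to be enforced by the caller.
        $matches = DB::select( 'id' )
            ->from( 'users' )
            ->where( 'username', '=', $username )
            ->where( 'password', '=', $hash )
            ->execute()
            ->count();

        if ( $matches === 0 ) {
            $validation->error( 'password', 'checkPassword' );
        }
    }

    /**
     * Gets user's ID from database (using username).
     *
     * @param string $username User's username.
     * @return integer User's ID from database, cast to integer.
     */
    protected function _getIdFromUsername( $username ) {
        $id = DB::select( 'id' )
            ->from( 'users' )
            ->where( 'username', '=', $username )
            ->execute()
            ->get( 'id' );

        return (integer) $id;
    }

    /**
     * Gets user's access from database (using ID). Use this only when you know
     * that you need the value from the database, because access is saved in the
     * session as well.
     *
     * @param integer $id User's ID.
     * @return integer User's access from database, cast to integer.
     */
    protected function _getAccessFromId( $id ) {
        $access = DB::select( 'access' )
            ->from( 'users' )
            ->where( 'id', '=', $id )
            ->execute()
            ->get( 'access' );

        return (integer) $access;
    }

    /**
     * Gets user's salt from database (using ID).
     *
     * @param integer $id User's ID.
     * @return string User's salt from database, cast to string.
     */
    protected function _getSaltFromId( $id ) {
        $salt = DB::select( 'salt' )
            ->from( 'users' )
            ->where( 'id', '=', $id )
            ->execute()
            ->get( 'salt' );

        return (string) $salt;
    }

    /**
     * Hashes the password (plain text) together with the salt (stored in the
     * database, auto-generated for each user) and the nuts (a value from the
     * 'A11n' configuration stored on the file server; it MUST BE CHANGED FROM
     * THE DEFAULT ("Cartman") BEFORE PRODUCTION) using the SHA-1 algorithm.
     *
     * NOTE(security): one round of salted SHA-1 is cheap to brute-force offline
     * if the users table leaks. PHP's password_hash() / password_verify() are
     * the usual replacement, but switching changes the stored hash format and
     * needs a migration of existing rows, so the scheme is flagged here rather
     * than changed.
     *
     * @param string $password User's password (plain text).
     * @param string $salt     Salt (auto-generated for each user).
     * @param string $nuts     Site-wide secret; read from configuration when left empty.
     * @return string Hashed password as returned by sha1().
     */
    protected function _hashPassword( $password, $salt, $nuts = '' ) {
        if ( $nuts === '' ) {
            $nuts = Kohana::config( 'A11n' )->get( 'nuts' );
        }

        return sha1( $password . $salt . $nuts );
    }

    /**
     * Generates the per-user salt that signUp() stores next to the password hash.
     *
     * NOTE(security): uniqid() derives its value from the current time and is
     * not a cryptographically secure generator. It keeps salts distinct per
     * user, which is what the hashing above relies on, but the value must not
     * be reused as a token or secret.
     *
     * @return string Salt produced by uniqid() with more entropy enabled.
     */
    protected function _generateSalt() {
        // Empty-string prefix instead of null: same output, and it avoids the
        // deprecation newer PHP versions raise for null passed to a string parameter.
        return uniqid( '', true );
    }

    /**
     * Adds new user in the database.
     *
     * No validation happens here: the caller is expected to have run the
     * 'signUp' rules from validation() on these values first.
     *
     * @param string $username User's username.
     * @param string $password User's password (plain text); only its hash is stored.
     * @param string $email    User's e-mail.
     * @return void
     */
    public function signUp( $username, $password, $email ) {
        $salt = $this->_generateSalt();
        $hash = $this->_hashPassword( $password, $salt );

        DB::insert( 'users', array( 'username', 'password', 'salt', 'email' ) )
            ->values( array( $username, $hash, $salt, $email ) )
            ->execute();
    }

    /**
     * Marks the given user as signed in by storing their id and access level
     * in the session under the 'user' key.
     *
     * This method does NOT verify a password. It must only be called after the
     * 'signIn' rules from validation() (which include checkPassword()) passed.
     *
     * NOTE(review): for a username that does not exist the lookups cast to 0,
     * so a session entry with id 0 and access 0 would be written; callers
     * should never reach this method with an unvalidated username.
     *
     * @param string $username User's username.
     * @return void
     */
    public function signIn( $username ) {
        $id     = $this->_getIdFromUsername( $username );
        $access = $this->_getAccessFromId( $id );

        $session = Session::instance();

        // Issue a fresh session id at the privilege change so an id that was
        // known before authentication cannot be used afterwards (session fixation).
        $session->regenerate();

        $session->set(
            'user',
            array(
                'id'     => $id,
                'access' => $access
            )
        );
    }

    /**
     * Signs the current user out by destroying the session.
     *
     * The whole session is destroyed, not only the 'user' entry: Kohana's
     * Session::destroy() takes no key, so the argument the call used to pass
     * had no effect and is dropped.
     *
     * @return void
     */
    public function signOut() {
        Session::instance()
            ->destroy();
    }
}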