
Untitled

a guest
Oct 27th, 2017
  1. <?php
  2.  
  3. /**
  4. * A11n (by daGrevis).
  5. *
  6. * @version 0.2
  7. * @author daGrevis
  8. * @copyright (C) 2011 by daGrevis
  9. * @license MIT License
  10. */
  11.  
  12.  
  13. defined( 'SYSPATH' ) or exit( 'No direct script access.' );
  14.  
  15.  
  16. class Model_A11n extends Model {
  17.  
  18. /**
  19. * Model's validation.
  20. *
  21. * @param Validation Validation object.
  22. */
  23.  
  24. public function validation( Validation $validation ) {
  25.  
  26. $validation
  27. ->rule( 'username', 'not_empty' )
  28. ->rule( 'username', 'max_length', array( ':value', 32 ) )
  29. ->rule( 'username', 'alpha_dash', array( ':value', true ) ) // Alpha chars (from UTF-8), numbers, underscores and dashes...
  30. ->rule( 'username', 'Model_A11n::usernameExists', array( ':validation', ':value' ) )
  31. ->rule( 'password', 'not_empty' )
  32. ->rule( 'password', 'min_length', array( ':value', 6 ) )
  33. ->rule( 'password', 'max_length', array( ':value', 255 ) )
  34. ->rule( 'password', array( Model::factory( 'a11n' ), 'checkPassword' ), array( ':validation', ':value' ) )
  35. ->rule( 'email', 'not_empty' )
  36. ->rule( 'email', 'email' )
  37. ->rule( 'email', 'Model_A11n::emailExists', array( ':validation', ':value' ) );
  38.  
  39.  
  40. return $validation;
  41.  
  42. }
  43.  
  44. /**
  45. * Whether username already exists in the database?
  46. *
  47. * @param Validation Validation object.
  48. * @param string User's username.
  49. */
  50.  
  51. public static function usernameExists( Validation $validation, $username ) {
  52.  
  53. $query =
  54. DB::select( 'id' )
  55. ->from( 'users' )
  56. ->where( 'username', '=', $username );
  57.  
  58. $result =
  59. $query->execute()
  60. ->count();
  61.  
  62.  
  63. if ( $result ) {
  64.  
  65. $validation->error( 'username', 'usernameExists' );
  66.  
  67. }
  68.  
  69. }
  70.  
  71. /**
  72. * Whether e-mail already exists in the database?
  73. *
  74. * @param Validation Validation object.
  75. * @param string User's e-mail.
  76. */
  77.  
  78. public static function emailExists( Validation $validation, $email ) {
  79.  
  80. $query =
  81. DB::select( 'id' )
  82. ->from( 'users' )
  83. ->where( 'email', '=', $email );
  84.  
  85. $result =
  86. $query->execute()
  87. ->count();
  88.  
  89.  
  90. if ( $result ) {
  91.  
  92. $validation->error( 'email', 'emailExists' );
  93.  
  94. }
  95.  
  96. }
  97.  
  98. /**
  99. * Checks whether user with given username **and** given password exists. In other words, check that password is correct.
  100. *
  101. * @param Validation Validation object.
  102. * @param string User's password (plain text).
  103. */
  104.  
  105. public function checkPassword( Validation $validation, $password ) {
  106.  
  107. $username = $validation['username'];
  108. $hashedPassword = $this->_hashPassword( $password, $this->_getSaltFromId( $this->_getIdFromUsername( $username ) ) );
  109.  
  110.  
  111. $query =
  112. DB::select( 'id' )
  113. ->from( 'users' )
  114. ->where( 'username', '=', $username )
  115. ->where( 'password', '=', $hashedPassword );
  116.  
  117. $result =
  118. $query->execute()
  119. ->count();
  120.  
  121.  
  122. if ( !$result ) {
  123.  
  124. $validation->error( 'password', 'checkPassword' );
  125.  
  126. }
  127.  
  128. }
  129.  
  130. /**
  131. * Gets user's ID from database (using username).
  132. *
  133. * @param string User's username.
  134. * @return integer User's ID from database.
  135. */
  136.  
  137. protected function _getIdFromUsername( $username ) {
  138.  
  139. $query =
  140. DB::select( 'id' )
  141. ->from( 'users' )
  142. ->where( 'username', '=', $username );
  143.  
  144. $result =
  145. $query->execute()
  146. ->get( 'id' );
  147.  
  148.  
  149. return
  150. (integer) $result;
  151.  
  152. }
  153.  
  154. /**
  155. * Gets user's access from database (using ID). Use this only when you know that you need value from database because access is saved in session as well.
  156. *
  157. * @param string User's ID.
  158. * @return integer User's access from database.
  159. */
  160.  
  161. protected function _getAccessFromId( $id ) {
  162.  
  163. $query =
  164. DB::select( 'access' )
  165. ->from( 'users' )
  166. ->where( 'id', '=', $id );
  167.  
  168. $result =
  169. $query->execute()
  170. ->get( 'access' );
  171.  
  172.  
  173. return
  174. (integer) $result;
  175.  
  176. }
  177.  
  178. /**
  179. * Gets user's salt from database (using ID).
  180. *
  181. * @param string User's ID.
  182. * @return string User's salt from database.
  183. */
  184.  
  185. protected function _getSaltFromId( $id ) {
  186.  
  187. $query =
  188. DB::select( 'salt' )
  189. ->from( 'users' )
  190. ->where( 'id', '=', $id );
  191.  
  192. $result =
  193. $query->execute()
  194. ->get( 'salt' );
  195.  
  196.  
  197. return
  198. (string) $result;
  199.  
  200. }
  201.  
  202. /**
  203. * Hashes password (plain text), salt (value stored in database (auto-generated for each user)) and nuts (value from configuration that's stored on file-server (MUST BE CHANGED BEFORE PRODUCTION STAGE FROM DEFAULT ("Cartman")!)) using SHA-1 algorythm.
  204. *
  205. * @param string User's password.
  206. * @param string Salt (auto-generated for each user).
  207. * @param string Nuts from configuration that's stored on file-server.
  208. * @return string Hashed password.
  209. */
  210.  
  211. protected function _hashPassword( $password, $salt, $nuts = '' ) {
  212.  
  213. if ( $nuts === '' ) { $nuts = Kohana::config( 'a11n' )->nuts; }
  214.  
  215. $password =
  216. sha1(
  217. $password
  218. . $salt
  219. . $nuts
  220. );
  221.  
  222.  
  223. return $password;
  224.  
  225. }
  226.  
  227.  
  228. // To add `signUp()`, `signIn()`.
  229.  
  230. }