<?php
namespace entities\evr\security;

class Key_Hashes
{
   public function __construct()
   {
      $this->set_path();
      $this->set_hashes();
   }
   private function set_path()
   {
      $this->path = $GLOBALS["KEY_HASHES_PATH"];
   }
   private function set_hashes()
   {
      $this->hashes = file($this->path, FILE_IGNORE_NEW_LINES);
   }
   public function write()
   {
      $string = implode("\n", $this->hashes) . "\n";
      file_put_contents($this->path, $string);
   }
   public function remove($hash)
   {
      $hashes = $this->hashes;
      foreach (range(0, count($hashes) - 1) as $ii)
      {
         if ($hashes[$ii] == $hash)
         {
            array_splice($hashes, $ii, 1);
            break;
         }
      }
      $this->hashes = $hashes;
   }
}
<?php
namespace entities\evr\security;
use entities\html as html;

class Security
{
   public function __construct()
   {
      $this->registrar = new Registrar();
      $this->cookie = new Cookie();
      $this->set_username();
      $this->addresses = new Addresses($this->username);
   }
   private function set_username()
   {
      $username = null;
      if ($this->is_login())
      {
         $submission = $this->get_post_parameter("username");
         $username = $this->find_user_directory($submission);
      }
      else if ($this->cookie->exists())
      {
         $username = $this->cookie->get_username();
      }
      $this->username = $username;
   }
   private function is_login()
   {
      $action = $this->get_post_parameter("action");
      return $action == $GLOBALS["LOGIN_BUTTON_TEXT"];
   }
   public function register_user()
   {
      return $this->registrar->register();
   }
   public static function validate_key()
   {
      $hashes = new Key_Hashes();
      $key = self::get_post_parameter("key");
      if (self::find_hash($hashes, $key))
      {
         return true;
      }
      self::show_error("Key not found");
      return false;
   }
   public static function find_hash($hashes, $key)
   {
      foreach ($hashes->hashes as $hash)
      {
         if (self::match_to_hash($key, $hash))
         {
            return $hash;
         }
      }
   }
   public static function match_to_hash($key, $hash)
   {
      if (!$hash)
      {
         return $hash == crypt($key);
      }
      return $hash == crypt($key, $hash);
   }
   public static function show_error($message)
   {
      echo new html\Div(null, "error", $message);
   }
   public function validate_user()
   {
      $action = $this->get_post_parameter("action");
      if ($this->is_login())
      {
         return $this->log_user_in();
      }
      else if ($this->cookie->exists())
      {
         return $this->validate_cookie();
      }
   }
   public static function get_post_parameter($name)
   {
      if (isset($_POST[$name]))
      {
         return $_POST[$name];
      }
   }
   private function log_user_in()
   {
      $password = $this->get_post_parameter("password");
      if ($hash = $this->verify_credentials($this->username, $password))
      {
         if ($this->get_post_parameter("remember"))
         {
            $this->cookie->set($this->username, $hash);
            $this->addresses->add_current();
         }
         return true;
      }
      return false;
   }
   public static function verify_credentials($username, $password)
   {
      $hash = self::get_stored_hash($username);
      if (self::match_to_hash($password, $hash))
      {
         return $hash;
      }
      self::show_error("Username/password not found");
   }
   public static function get_stored_hash($username)
   {
      $root = $GLOBALS["USERS_PATH"] . "/";
      $path = "$root$username/" . $GLOBALS["USER_HASH_PATH"];
      if (is_file($path))
      {
         return trim(file_get_contents($path));
      }
      return null;
   }
   public static function find_user_directory($username)
   {
      $root = $GLOBALS["USERS_PATH"];
      foreach (scandir($root) as $file_name)
      {
         $path = "$root/$file_name";
         if (is_dir($path) && !strcasecmp($file_name, $username))
         {
            return $file_name;
         }
      }
   }
   private function validate_cookie()
   {
      $hash = $this->cookie->get_hash();
      $stored = self::get_stored_hash($this->username);
      if ($hash == $stored)
      {
         if ($this->addresses->find_current_address())
         {
            $this->cookie->set($this->username, $hash);
            return true;
         }
      }
      return false;
   }
   public static function show_success($message)
   {
      echo new html\Div(null, "success", $message);
   }
   public static function remove_key()
   {
      $key = self::get_post_parameter("key");
      $hashes = new Key_Hashes();
      $hash = self::find_hash($hashes, $key);
      $hashes->remove($hash);
      $hashes->write();
   }
   public function change_password()
   {
      return $this->registrar->change_password();
   }
   public function reset_password()
   {
      return $this->registrar->reset_password();
   }
}
3.215.182.36
3.215.182.36
3.215.182.36
 
June 5, 2016