author | François LASSERRE <choiz@me.com> | 2016-07-10 13:00:37 +0200 |
---|---|---|
committer | François LASSERRE <choiz@me.com> | 2016-07-10 13:00:37 +0200 |
commit | e833632b10d178adfc37084638cf0a991eb7d105 (patch) | |
tree | 706baeea960f1d81bafb9327891866e496b7d86d | |
parent | 129b5e743abf13d81cfc58092ca5bce8673eab00 (diff) | |
Fix coding standard
-rwxr-xr-x | Auth.php | 382 | ||||
-rwxr-xr-x | Config.php | 39 |
2 files changed, 236 insertions, 185 deletions
@@ -5,10 +5,10 @@ namespace PHPAuth; use ZxcvbnPhp\Zxcvbn; use PHPMailer\PHPMailer\PHPMailer; -/*** -* Auth class -* Required PHP 5.4 and above. -*/ +/** + * Auth class + * Required PHP 5.4 and above. + */ class Auth { @@ -16,10 +16,9 @@ class Auth public $config; public $lang; - /*** - * Initiates database connection - */ - + /** + * Initiates database connection + */ public function __construct(\PDO $dbh, $config, $language = "en_GB") { $this->dbh = $dbh; @@ -40,28 +39,28 @@ class Auth date_default_timezone_set($this->config->site_timezone); } - /*** - * Logs a user in - * @param string $email - * @param string $password - * @param int $remember - * @param string $captcha = NULL - * @return array $return - */ - + /** + * Logs a user in + * @param string $email + * @param string $password + * @param int $remember + * @param string $captcha = NULL + * @return array $return + */ public function login($email, $password, $remember = 0, $captcha = NULL) { $return['error'] = true; $block_status = $this->isBlocked(); - if($block_status == "verify") - { - if($this->checkCaptcha($captcha) == false) - { + + if ($block_status == "verify") { + if ($this->checkCaptcha($captcha) == false) { $return['message'] = $this->lang["user_verify_failed"]; + return $return; } } + if ($block_status == "block") { $return['message'] = $this->lang["user_blocked"]; return $return; 
@@ -72,27 +71,27 @@ class Auth if ($validateEmail['error'] == 1) { $this->addAttempt(); - $return['message'] = $this->lang["email_password_invalid"]; + return $return; - } elseif($validatePassword['error'] == 1) { + } elseif ($validatePassword['error'] == 1) { $this->addAttempt(); - $return['message'] = $this->lang["email_password_invalid"]; + return $return; - } elseif($remember != 0 && $remember != 1) { + } elseif ($remember != 0 && $remember != 1) { $this->addAttempt(); - $return['message'] = $this->lang["remember_me_invalid"]; + return $return; } $uid = $this->getUID(strtolower($email)); - if(!$uid) { + if (!$uid) { $this->addAttempt(); - $return['message'] = $this->lang["email_password_incorrect"]; + return $return; } @@ -100,22 +99,23 @@ class Auth if (!password_verify($password, $user['password'])) { $this->addAttempt(); - $return['message'] = $this->lang["email_password_incorrect"]; + return $return; } if ($user['isactive'] != 1) { $this->addAttempt(); - $return['message'] = $this->lang["account_inactive"]; + return $return; } $sessiondata = $this->addSession($user['uid'], $remember); - if($sessiondata == false) { + if ($sessiondata == false) { $return['message'] = $this->lang["system_error"] . " #01"; + return $return; } 
@@ -142,58 +142,66 @@ class Auth public function register($email, $password, $repeatpassword, $params = Array(), $captcha = NULL, $sendmail = NULL) { $return['error'] = true; - $block_status = $this->isBlocked(); - if($block_status == "verify") - { - if($this->checkCaptcha($captcha) == false) - { + + if ($block_status == "verify") { + if ($this->checkCaptcha($captcha) == false) { $return['message'] = $this->lang["user_verify_failed"]; + return $return; } } + if ($block_status == "block") { $return['message'] = $this->lang["user_blocked"]; + return $return; } if ($password !== $repeatpassword) { $return['message'] = $this->lang["password_nomatch"]; + return $return; } // Validate email $validateEmail = $this->validateEmail($email); + if ($validateEmail['error'] == 1) { $return['message'] = $validateEmail['message']; + return $return; } // Validate password $validatePassword = $this->validatePassword($password); + if ($validatePassword['error'] == 1) { $return['message'] = $validatePassword['message']; + return $return; } $zxcvbn = new Zxcvbn(); - if($zxcvbn->passwordStrength($password)['score'] < intval($this->config->password_min_score)) { + if ($zxcvbn->passwordStrength($password)['score'] < intval($this->config->password_min_score)) { $return['message'] = $this->lang['password_weak']; + return $return; } if ($this->isEmailTaken($email)) { $this->addAttempt(); - $return['message'] = $this->lang["email_taken"]; + return $return; } $addUser = $this->addUser($email, $password, $params, $sendmail); - if($addUser['error'] != 0) { + if ($addUser['error'] != 0) { $return['message'] = $addUser['message']; + return $return; } 
@@ -212,32 +220,34 @@ class Auth public function activate($key) { $return['error'] = true; - $block_status = $this->isBlocked(); + if ($block_status == "block") { $return['message'] = $this->lang["user_blocked"]; + return $return; } - if(strlen($key) !== 20) { + if (strlen($key) !== 20) { $this->addAttempt(); - $return['message'] = $this->lang["activationkey_invalid"]; + return $return; } $getRequest = $this->getRequest($key, "activation"); - if($getRequest['error'] == 1) { + if ($getRequest['error'] == 1) { $return['message'] = $getRequest['message']; + return $return; } - if($this->getBaseUser($getRequest['uid'])['isactive'] == 1) { + if ($this->getBaseUser($getRequest['uid'])['isactive'] == 1) { $this->addAttempt(); $this->deleteRequest($getRequest['id']); - $return['message'] = $this->lang["system_error"] . " #02"; + return $return; } @@ -262,8 +272,10 @@ class Auth { $return['error'] = true; $block_status = $this->isBlocked(); + if ($block_status == "block") { $return['message'] = $this->lang["user_blocked"]; + return $return; } @@ -271,6 +283,7 @@ class Auth if ($validateEmail['error'] == 1) { $return['message'] = $this->lang["email_invalid"]; + return $return; } @@ -281,14 +294,16 @@ class Auth $this->addAttempt(); $return['message'] = $this->lang["email_incorrect"]; + return $return; } $addRequest = $this->addRequest($query->fetch(\PDO::FETCH_ASSOC)['id'], $email, "reset", $sendmail); + if ($addRequest['error'] == 1) { $this->addAttempt(); - $return['message'] = $addRequest['message']; + return $return; } @@ -337,7 +352,7 @@ class Auth $query = $this->dbh->prepare("SELECT id FROM {$this->config->table_users} WHERE email = ?"); $query->execute(array($email)); - if($query->rowCount() == 0) { + if ($query->rowCount() == 0) { return false; } @@ -356,7 +371,7 @@ class Auth $ip = $this->getIp(); $user = $this->getBaseUser($uid); - if(!$user) { + if (!$user) { return false; } 
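Review bot: The `email_incorrect` branch in the `@@ -281` hunk gives the caller a different answer for an unregistered address than for a registered one, so the password-reset form doubles as an account-existence oracle; the `@@ -1011` hunk (resend activation) does the same with `email_incorrect` and `already_activated`. The `addAttempt()` call slows this down per IP but does not remove the signal. Consider returning the same generic message on both paths, e.g. the text used for a successfully queued request, and keeping the distinction only in server-side logs. The condition guarding this branch starts outside the hunk, so the trigger is presumably "no row for that email".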
@@ -365,7 +380,7 @@ class Auth $this->deleteExistingSessions($uid); - if($remember == true) { + if ($remember == true) { $data['expire'] = date("Y-m-d H:i:s", strtotime($this->config->cookie_remember)); $data['expiretime'] = strtotime($data['expire']); } else { @@ -377,11 +392,12 @@ class Auth $query = $this->dbh->prepare("INSERT INTO {$this->config->table_sessions} (uid, hash, expiredate, ip, agent, cookie_crc) VALUES (?, ?, ?, ?, ?, ?)"); - if(!$query->execute(array($uid, $data['hash'], $data['expire'], $ip, $agent, $data['cookie_crc']))) { + if (!$query->execute(array($uid, $data['hash'], $data['expire'], $ip, $agent, $data['cookie_crc']))) { return false; } $data['expire'] = strtotime($data['expire']); + return $data; } @@ -422,12 +438,13 @@ class Auth public function checkSession($hash) { $ip = $this->getIp(); - $block_status = $this->isBlocked(); + if ($block_status == "block") { $return['message'] = $this->lang["user_blocked"]; return false; } + if (strlen($hash) != 40) { return false; } @@ -440,7 +457,6 @@ class Auth } $row = $query->fetch(\PDO::FETCH_ASSOC); - $sid = $row['id']; $uid = $row['uid']; $expiredate = strtotime($row['expiredate']); @@ -516,7 +532,7 @@ class Auth $query = $this->dbh->prepare("INSERT INTO {$this->config->table_users} VALUES ()"); - if(!$query->execute()) { + if (!$query->execute()) { $return['message'] = $this->lang["system_error"] . " #03"; return $return; } @@ -524,14 +540,14 @@ class Auth $uid = $this->dbh->lastInsertId(); $email = htmlentities(strtolower($email)); - if($sendmail) { + if ($sendmail) { $addRequest = $this->addRequest($uid, $email, "activation", $sendmail); - if($addRequest['error'] == 1) { + if ($addRequest['error'] == 1) { $query = $this->dbh->prepare("DELETE FROM {$this->config->table_users} WHERE id = ?"); $query->execute(array($uid)); - $return['message'] = $addRequest['message']; + return $return; } 
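Review bot: In the `@@ -422` hunk the block branch assigns `$return['message'] = $this->lang["user_blocked"];` and then executes `return false;`, so the message is a dead store and never reaches the caller. Either drop the assignment or document above the method that it reports only a boolean: `// returns false for blocked clients; no message is exposed`. The method body continues outside the hunk.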
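Review bot: `$email = htmlentities(strtolower($email));` in the `@@ -524` hunk HTML-encodes the address before it is written to the users table, while `login()` looks the user up with `$this->getUID(strtolower($email))` and no encoding. An address that passes `FILTER_VALIDATE_EMAIL` but contains `&` would therefore be stored in a form that the later lookup cannot match, and the encoded value is also what gets passed to `addRequest()` as the mail recipient. Output encoding belongs at the point of rendering; here I would store `$email = strtolower($email);` and apply `htmlspecialchars()` where the value is echoed. The rest of the method lies outside the hunk, so confirm no other caller depends on the encoded form.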
@@ -558,11 +574,11 @@ class Auth $bindParams = array_values(array_merge(array($email, $password, $isactive), $params, array($uid))); - if(!$query->execute($bindParams)) { + if (!$query->execute($bindParams)) { $query = $this->dbh->prepare("DELETE FROM {$this->config->table_users} WHERE id = ?"); $query->execute(array($uid)); - $return['message'] = $this->lang["system_error"] . " #04"; + return $return; } @@ -592,6 +608,7 @@ class Auth } $data['uid'] = $uid; + return $data; } @@ -618,6 +635,7 @@ class Auth $data['uid'] = $uid; unset($data['password']); + return $data; } 
@@ -634,55 +652,59 @@ class Auth $return['error'] = true; $block_status = $this->isBlocked(); - if($block_status == "verify") - { - if($this->checkCaptcha($captcha) == false) - { + if ($block_status == "verify") { + if ($this->checkCaptcha($captcha) == false) { $return['message'] = $this->lang["user_verify_failed"]; + return $return; } } + if ($block_status == "block") { $return['message'] = $this->lang["user_blocked"]; + return $return; } $validatePassword = $this->validatePassword($password); - if($validatePassword['error'] == 1) { + if ($validatePassword['error'] == 1) { $this->addAttempt(); - $return['message'] = $validatePassword['message']; + return $return; } $user = $this->getBaseUser($uid); - if(!password_verify($password, $user['password'])) { + if (!password_verify($password, $user['password'])) { $this->addAttempt(); - $return['message'] = $this->lang["password_incorrect"]; + return $return; } $query = $this->dbh->prepare("DELETE FROM {$this->config->table_users} WHERE id = ?"); - if(!$query->execute(array($uid))) { + if (!$query->execute(array($uid))) { $return['message'] = $this->lang["system_error"] . " #05"; + return $return; } $query = $this->dbh->prepare("DELETE FROM {$this->config->table_sessions} WHERE uid = ?"); - if(!$query->execute(array($uid))) { + if (!$query->execute(array($uid))) { $return['message'] = $this->lang["system_error"] . " #06"; + return $return; } $query = $this->dbh->prepare("DELETE FROM {$this->config->table_requests} WHERE uid = ?"); - if(!$query->execute(array($uid))) { + if (!$query->execute(array($uid))) { $return['message'] = $this->lang["system_error"] . " #07"; + return $return; } 
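Review bot: The three `DELETE` statements (users, then sessions, then requests) run as independent statements, so a failure at `#06` or `#07` returns an error after the user row is already gone and leaves session or request rows for that uid behind. Orphaned session rows are the concerning case, since whether `checkSession()` still honours them depends on code outside this hunk. Wrapping the sequence in `$this->dbh->beginTransaction();` … `$this->dbh->commit();` with `$this->dbh->rollBack();` on each failure path makes the deletion all-or-nothing; deleting sessions and requests before the user row would also be a safer order. The method's signature and closing lines are outside the hunk.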
@@ -705,23 +727,26 @@ class Auth { $return['error'] = true; - if($type != "activation" && $type != "reset") { + if ($type != "activation" && $type != "reset") { $return['message'] = $this->lang["system_error"] . " #08"; + return $return; } // if not set manually, check config data - if($sendmail === NULL) - { + if ($sendmail === NULL) { $sendmail = true; - if($type == "reset" && $this->config->emailmessage_suppress_reset === true ) { + if ($type == "reset" && $this->config->emailmessage_suppress_reset === true ) { $sendmail = false; $return['error'] = false; + return $return; } + if ($type == "activation" && $this->config->emailmessage_suppress_activation === true ) { $sendmail = false; $return['error'] = false; + return $return; } } @@ -729,7 +754,7 @@ class Auth $query = $this->dbh->prepare("SELECT id, expire FROM {$this->config->table_requests} WHERE uid = ? AND type = ?"); $query->execute(array($uid, $type)); - if($query->rowCount() > 0) { + if ($query->rowCount() > 0) { $row = $query->fetch(\PDO::FETCH_ASSOC); $expiredate = strtotime($row['expire']); @@ -737,14 +762,16 @@ class Auth if ($currentdate < $expiredate) { $return['message'] = $this->lang["reset_exists"]; + return $return; } $this->deleteRequest($row['id']); } - if($type == "activation" && $this->getBaseUser($uid)['isactive'] == 1) { + if ($type == "activation" && $this->getBaseUser($uid)['isactive'] == 1) { $return['message'] = $this->lang["already_activated"]; + return $return; } 
@@ -753,29 +780,29 @@ class Auth $query = $this->dbh->prepare("INSERT INTO {$this->config->table_requests} (uid, rkey, expire, type) VALUES (?, ?, ?, ?)"); - if(!$query->execute(array($uid, $key, $expire, $type))) { + if (!$query->execute(array($uid, $key, $expire, $type))) { $return['message'] = $this->lang["system_error"] . " #09"; + return $return; } $request_id = $this->dbh->lastInsertId(); - if($sendmail === true) - { + if ($sendmail === true) { // Check configuration for SMTP parameters - $mail = new PHPMailer; - if($this->config->smtp) { - $mail->isSMTP(); - $mail->Host = $this->config->smtp_host; - $mail->SMTPAuth = $this->config->smtp_auth; - if(!is_null($this->config->smtp_auth)) { - $mail->Username = $this->config->smtp_username; - $mail->Password = $this->config->smtp_password; - } - $mail->Port = $this->config->smtp_port; - - if(!is_null($this->config->smtp_security)) { - $mail->SMTPSecure = $this->config->smtp_security; + $mail = new PHPMailer; + if ($this->config->smtp) { + $mail->isSMTP(); + $mail->Host = $this->config->smtp_host; + $mail->SMTPAuth = $this->config->smtp_auth; + if (!is_null($this->config->smtp_auth)) { + $mail->Username = $this->config->smtp_username; + $mail->Password = $this->config->smtp_password; + } + $mail->Port = $this->config->smtp_port; + + if (!is_null($this->config->smtp_security)) { + $mail->SMTPSecure = $this->config->smtp_security; } } 
@@ -784,27 +811,27 @@ class Auth $mail->addAddress($email); $mail->isHTML(true); - if($type == "activation") { - + if ($type == "activation") { $mail->Subject = sprintf($this->lang['email_activation_subject'], $this->config->site_name); $mail->Body = sprintf($this->lang['email_activation_body'], $this->config->site_url, $this->config->site_activation_page, $key); $mail->AltBody = sprintf($this->lang['email_activation_altbody'], $this->config->site_url, $this->config->site_activation_page, $key); - } - else { + } else { $mail->Subject = sprintf($this->lang['email_reset_subject'], $this->config->site_name); $mail->Body = sprintf($this->lang['email_reset_body'], $this->config->site_url, $this->config->site_password_reset_page, $key); $mail->AltBody = sprintf($this->lang['email_reset_altbody'], $this->config->site_url, $this->config->site_password_reset_page, $key); } - if(!$mail->send()) { + if (!$mail->send()) { $this->deleteRequest($request_id); - $return['message'] = $this->lang["system_error"] . " #10"; + return $return; } + } $return['error'] = false; + return $return; } @@ -824,8 +851,8 @@ class Auth if ($query->rowCount() === 0) { $this->addAttempt(); - $return['message'] = $this->lang[$type."key_incorrect"]; + return $return; } @@ -836,10 +863,9 @@ class Auth if ($currentdate > $expiredate) { $this->addAttempt(); - $this->deleteRequest($row['id']); - $return['message'] = $this->lang[$type."key_expired"]; + return $return; } @@ -859,6 +885,7 @@ class Auth protected function deleteRequest($id) { $query = $this->dbh->prepare("DELETE FROM {$this->config->table_requests} WHERE id = ?"); + return $query->execute(array($id)); } @@ -873,10 +900,12 @@ class Auth if (strlen($password) < (int)$this->config->verify_password_min_length ) { $return['message'] = $this->lang["password_short"]; + return $return; } $return['error'] = false; + return $return; } 
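Review bot: The password validator in the `@@ -873` hunk enforces only `verify_password_min_length`; the `verify_password_max_length` and `verify_password_strong_requirements` settings that Config.php gives defaults for are not consulted in the visible lines. An unbounded password length reaches the hashing step on every login and registration attempt, and operators who set the maximum will reasonably assume it is applied. Adding `elseif (strlen($password) > (int)$this->config->verify_password_max_length)` with a matching language string would close the gap. The start of the function is outside the hunk, so confirm the check is not done there.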
@@ -891,12 +920,15 @@ class Auth if (strlen($email) < (int)$this->config->verify_email_min_length ) { $return['message'] = $this->lang["email_short"]; + return $return; } elseif (strlen($email) > (int)$this->config->verify_email_max_length ) { $return['message'] = $this->lang["email_long"]; + return $return; } elseif (!filter_var($email, FILTER_VALIDATE_EMAIL)) { $return['message'] = $this->lang["email_invalid"]; + return $return; } @@ -905,11 +937,13 @@ class Auth if (in_array(strtolower(explode('@', $email)[1]), $bannedEmails)) { $return['message'] = $this->lang["email_banned"]; + return $return; } } $return['error'] = false; + return $return; } 
@@ -926,75 +960,78 @@ class Auth public function resetPass($key, $password, $repeatpassword, $captcha = NULL) { $return['error'] = true; - $block_status = $this->isBlocked(); - if($block_status == "verify") - { - if($this->checkCaptcha($captcha) == false) - { + + if ($block_status == "verify") { + if ($this->checkCaptcha($captcha) == false) { $return['message'] = $this->lang["user_verify_failed"]; + return $return; } } + if ($block_status == "block") { $return['message'] = $this->lang["user_blocked"]; + return $return; } - if(strlen($key) != 20) { + if (strlen($key) != 20) { $return['message'] = $this->lang["resetkey_invalid"]; + return $return; } $validatePassword = $this->validatePassword($password); - if($validatePassword['error'] == 1) { + if ($validatePassword['error'] == 1) { $return['message'] = $validatePassword['message']; return $return; } - if($password !== $repeatpassword) { + if ($password !== $repeatpassword) { // Passwords don't match $return['message'] = $this->lang["newpassword_nomatch"]; + return $return; } $data = $this->getRequest($key, "reset"); - if($data['error'] == 1) { + if ($data['error'] == 1) { $return['message'] = $data['message']; + return $return; } $user = $this->getBaseUser($data['uid']); - if(!$user) { + if (!$user) { $this->addAttempt(); $this->deleteRequest($data['id']); - $return['message'] = $this->lang["system_error"] . " #11"; + return $return; } - if(password_verify($password, $user['password'])) { + if (password_verify($password, $user['password'])) { $this->addAttempt(); - $return['message'] = $this->lang["newpassword_match"]; + return $return; } $password = $this->getHash($password); - $query = $this->dbh->prepare("UPDATE {$this->config->table_users} SET password = ? WHERE id = ?"); $query->execute(array($password, $data['uid'])); if ($query->rowCount() == 0) { $return['message'] = $this->lang["system_error"] . 
" #12"; + return $return; } $this->deleteRequest($data['id']); - $return['error'] = false; $return['message'] = $this->lang["password_reset"]; @@ -1011,30 +1048,34 @@ class Auth { $return['error'] = true; $block_status = $this->isBlocked(); + if ($block_status == "block") { $return['message'] = $this->lang["user_blocked"]; + return $return; } - if($sendmail == NULL) { + if ($sendmail == NULL) { $return['message'] = $this->lang['function_disabled']; + return $return; } $validateEmail = $this->validateEmail($email); - if($validateEmail['error'] == 1) { + if ($validateEmail['error'] == 1) { $return['message'] = $validateEmail['message']; + return $return; } $query = $this->dbh->prepare("SELECT id FROM {$this->config->table_users} WHERE email = ?"); $query->execute(array($email)); - if($query->rowCount() == 0) { + if ($query->rowCount() == 0) { $this->addAttempt(); - $return['message'] = $this->lang["email_incorrect"]; + return $return; } @@ -1042,8 +1083,8 @@ class Auth if ($this->getBaseUser($row['id'])['isactive'] == 1) { $this->addAttempt(); - $return['message'] = $this->lang["already_activated"]; + return $return; } @@ -1051,8 +1092,8 @@ class Auth if ($addRequest['error'] == 1) { $this->addAttempt(); - $return['message'] = $addRequest['message']; + return $return; } 
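Review bot: The reset path in the `@@ -926` hunk validates the new password with `validatePassword()` only and never runs the Zxcvbn score check that `register()` and `changePassword()` apply, so a password rejected as weak at signup can be set through a reset link. The same guard should be added before `getHash()`: `if ($zxcvbn->passwordStrength($password)['score'] < intval($this->config->password_min_score)) { ... }`, returning `password_weak`. Nothing visible between the `UPDATE` and the success message removes the user's existing session rows either, so consider invalidating them there, since a reset is often a response to suspected compromise. The final `return` is outside the hunk.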
@@ -1073,60 +1114,63 @@ class Auth public function changePassword($uid, $currpass, $newpass, $repeatnewpass, $captcha = NULL) { $return['error'] = true; - $block_status = $this->isBlocked(); - if($block_status == "verify") - { - if($this->checkCaptcha($captcha) == false) - { + + if ($block_status == "verify") { + if ($this->checkCaptcha($captcha) == false) { $return['message'] = $this->lang["user_verify_failed"]; return $return; } } + if ($block_status == "block") { $return['message'] = $this->lang["user_blocked"]; + return $return; } $validatePassword = $this->validatePassword($currpass); - if($validatePassword['error'] == 1) { + if ($validatePassword['error'] == 1) { $this->addAttempt(); - $return['message'] = $validatePassword['message']; + return $return; } $validatePassword = $this->validatePassword($newpass); - if($validatePassword['error'] == 1) { + if ($validatePassword['error'] == 1) { $return['message'] = $validatePassword['message']; + return $return; - } elseif($newpass !== $repeatnewpass) { + } elseif ($newpass !== $repeatnewpass) { $return['message'] = $this->lang["newpassword_nomatch"]; + return $return; } $zxcvbn = new Zxcvbn(); - if($zxcvbn->passwordStrength($newpass)['score'] < intval($this->config->password_min_score)) { + if ($zxcvbn->passwordStrength($newpass)['score'] < intval($this->config->password_min_score)) { $return['message'] = $this->lang['password_weak']; + return $return; } $user = $this->getBaseUser($uid); - if(!$user) { + if (!$user) { $this->addAttempt(); - $return['message'] = $this->lang["system_error"] . " #13"; + return $return; } - if(!password_verify($currpass, $user['password'])) { + if (!password_verify($currpass, $user['password'])) { $this->addAttempt(); - $return['message'] = $this->lang["password_incorrect"]; + return $return; } @@ -1137,6 +1181,7 @@ class Auth $return['error'] = false; $return['message'] = $this->lang["password_changed"]; + return $return; } 
@@ -1152,26 +1197,27 @@ class Auth public function changeEmail($uid, $email, $password, $captcha = NULL) { $return['error'] = true; - $block_status = $this->isBlocked(); - if($block_status == "verify") - { - if($this->checkCaptcha($captcha) == false) - { + + if ($block_status == "verify") { + if ($this->checkCaptcha($captcha) == false) { $return['message'] = $this->lang["user_verify_failed"]; + return $return; } } + if ($block_status == "block") { $return['message'] = $this->lang["user_blocked"]; + return $return; } $validateEmail = $this->validateEmail($email); - if($validateEmail['error'] == 1) - { + if ($validateEmail['error'] == 1) { $return['message'] = $validateEmail['message']; + return $return; } @@ -1179,29 +1225,30 @@ class Auth if ($validatePassword['error'] == 1) { $return['message'] = $this->lang["password_notvalid"]; + return $return; } $user = $this->getBaseUser($uid); - if(!$user) { + if (!$user) { $this->addAttempt(); - $return['message'] = $this->lang["system_error"] . " #14"; + return $return; } - if(!password_verify($password, $user['password'])) { + if (!password_verify($password, $user['password'])) { $this->addAttempt(); - $return['message'] = $this->lang["password_incorrect"]; + return $return; } if ($email == $user['email']) { $this->addAttempt(); - $return['message'] = $this->lang["newemail_match"]; + return $return; } @@ -1210,11 +1257,13 @@ class Auth if ($query->rowCount() == 0) { $return['message'] = $this->lang["system_error"] . " #15"; + return $return; } $return['error'] = false; $return['message'] = $this->lang["email_changed"]; + return $return; } 
@@ -1225,22 +1274,21 @@ class Auth public function isBlocked() { - $ip = $this->getIp(); - $this->deleteAttempts($ip, false); - $query = $this->dbh->prepare("SELECT count(*) FROM {$this->config->table_attempts} WHERE ip = ?"); - $query->execute(array($ip)); - + $ip = $this->getIp(); + $this->deleteAttempts($ip, false); + $query = $this->dbh->prepare("SELECT count(*) FROM {$this->config->table_attempts} WHERE ip = ?"); + $query->execute(array($ip)); $attempts = $query->fetchColumn(); - if($attempts < intval($this->config->attempts_before_verify)) - { + if ($attempts < intval($this->config->attempts_before_verify)) { return "allow"; } - if($attempts < intval($this->config->attempts_before_ban)) - { + + if ($attempts < intval($this->config->attempts_before_ban)) { return "verify"; } - return "block"; + + return "block"; } @@ -1262,12 +1310,10 @@ class Auth protected function addAttempt() { $ip = $this->getIp(); - $attempt_expiredate = date("Y-m-d H:i:s", strtotime($this->config->attack_mitigation_time)); - $query = $this->dbh->prepare("INSERT INTO {$this->config->table_attempts} (ip, expiredate) VALUES (?, ?)"); - return $query->execute(array($ip, $attempt_expiredate)); + return $query->execute(array($ip, $attempt_expiredate)); } /** @@ -1279,12 +1325,11 @@ class Auth protected function deleteAttempts($ip, $all = false) { - if($all==true) - { - $query = $this->dbh->prepare("DELETE FROM {$this->config->table_attempts} WHERE ip = ?"); - return $query->execute(array($ip)); - } + if ($all==true) { + $query = $this->dbh->prepare("DELETE FROM {$this->config->table_attempts} WHERE ip = ?"); + return $query->execute(array($ip)); + } $query = $this->dbh->prepare("SELECT id, expiredate FROM {$this->config->table_attempts} WHERE ip = ?"); $query->execute(array($ip)); 
@@ -1292,8 +1337,7 @@ class Auth while ($row = $query->fetch(\PDO::FETCH_ASSOC)) { $expiredate = strtotime($row['expiredate']); $currentdate = strtotime(date("Y-m-d H:i:s")); - if($currentdate > $expiredate) - { + if ($currentdate > $expiredate) { $queryDel = $this->dbh->prepare("DELETE FROM {$this->config->table_attempts} WHERE id = ?"); $queryDel->execute(array($row['id'])); } @@ -1321,10 +1365,9 @@ class Auth * Returns IP address * @return string $ip */ - protected function getIp() { - if(isset($_SERVER['HTTP_X_FORWARDED_FOR']) && $_SERVER['HTTP_X_FORWARDED_FOR'] != '') { + if (isset($_SERVER['HTTP_X_FORWARDED_FOR']) && $_SERVER['HTTP_X_FORWARDED_FOR'] != '') { return $_SERVER['HTTP_X_FORWARDED_FOR']; } else { return $_SERVER['REMOTE_ADDR']; @@ -1335,7 +1378,6 @@ class Auth * Returns is user logged in * @return boolean */ - public function isLogged() { return (isset($_COOKIE[$this->config->cookie_name]) && $this->checkSession($_COOKIE[$this->config->cookie_name])); } @@ -21,8 +21,9 @@ class Config { $this->dbh = $dbh; - if (func_num_args() > 1) + if (func_num_args() > 1) { $this->config_table = $config_table; + } $this->config = array(); @@ -57,10 +58,12 @@ class Config { $query = $this->dbh->prepare("UPDATE {$this->config_table} SET value = ? WHERE setting = ?"); - if($query->execute(array($value, $setting))) { + if ($query->execute(array($value, $setting))) { $this->config[$setting] = $value; + return true; } + return false; } @@ -71,11 +74,11 @@ class Config * @param mixed $value * @return bool */ - public function override($setting, $value){ - + public function override($setting, $value) + { $this->config[$setting] = $value; - return true; + return true; } /** 
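Review bot: `getIp()` in the `@@ -1321` hunk returns `$_SERVER['HTTP_X_FORWARDED_FOR']` whenever the header is present, and that header is supplied by the client unless a trusted reverse proxy overwrites it. `isBlocked()`, `addAttempt()` and `deleteAttempts()` key the captcha and ban thresholds on this value, so the lockout does not bind to the real peer address, and the raw string (possibly a comma-separated list) is also written to the sessions table. Default to `return $_SERVER['REMOTE_ADDR'];` and honour the forwarded header only when `REMOTE_ADDR` matches a configured trusted proxy, taking a single validated address from it via `filter_var($ip, FILTER_VALIDATE_IP)`. The closing lines of the function are outside the hunk.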
@@ -88,33 +91,39 @@ class Config { // verify* values. - if (! isset($this->config['verify_password_min_length']) ) + if (!isset($this->config['verify_password_min_length'])) { $this->config['verify_password_min_length'] = 3; + } - if (! isset($this->config['verify_password_max_length']) ) + if (!isset($this->config['verify_password_max_length'])) { $this->config['verify_password_max_length'] = 150; + } - if (! isset($this->config['verify_password_strong_requirements']) ) + if (!isset($this->config['verify_password_strong_requirements'])) { $this->config['verify_password_strong_requirements'] = 1; + } - if (! isset($this->config['verify_email_min_length']) ) + if (!isset($this->config['verify_email_min_length'])) { $this->config['verify_email_min_length'] = 5; + } - if (! isset($this->config['verify_email_max_length']) ) + if (!isset($this->config['verify_email_max_length'])) { $this->config['verify_email_max_length'] = 100; + } - if (! isset($this->config['verify_email_use_banlist']) ) + if (!isset($this->config['verify_email_use_banlist'])) { $this->config['verify_email_use_banlist'] = 1; + } // emailmessage* values - if (! isset($this->config['emailmessage_suppress_activation']) ) + if (!isset($this->config['emailmessage_suppress_activation'])) { $this->config['emailmessage_suppress_activation'] = 0; + } - if (! isset($this->config['emailmessage_suppress_reset']) ) + if (!isset($this->config['emailmessage_suppress_reset'])) { $this->config['emailmessage_suppress_reset'] = 0; - + } } - } |