/**
* Generate a >22-length pseudo random string to be used as salt for passwords
*
* @return string
*/
PHP_METHOD(Phalcon_Security, getSaltBytes){
zval *number_bytes, *random_bytes = NULL, *base64bytes = NULL;
zval *safe_bytes = NULL, *bytes_length = NULL;
PHALCON_MM_GROW();
if (phalcon_function_exists_ex(SS("openssl_random_pseudo_bytes") TSRMLS_CC) == FAILURE) {
PHALCON_THROW_EXCEPTION_STR(phalcon_security_exception_ce, "Openssl extension must be loaded");
return;
}
PHALCON_OBS_VAR(number_bytes);
phalcon_read_property_this(&number_bytes, this_ptr, SL("_numberBytes"), PH_NOISY_CC);
while (1) {
PHALCON_INIT_NVAR(random_bytes);
phalcon_call_func_p1(random_bytes, "openssl_random_pseudo_bytes", number_bytes);
PHALCON_INIT_NVAR(base64bytes);
phalcon_base64_encode(base64bytes, random_bytes);
PHALCON_INIT_NVAR(safe_bytes);
phalcon_filter_alphanum(safe_bytes, base64bytes);
if (!zend_is_true(safe_bytes)) {
continue;
}
PHALCON_INIT_NVAR(bytes_length);
phalcon_fast_strlen(bytes_length, safe_bytes);
if (PHALCON_LT_LONG(bytes_length, 22)) {
continue;
}
break;
}
RETURN_CTOR(safe_bytes);
}
/**
* Executes the validation
*
* @param Phalcon\Validation $validator
* @param string $attribute
* @return boolean
*/
PHP_METHOD(Phalcon_Validation_Validator_StringLength, validate){
zval *validator, *attribute, *option = NULL, *is_set_min;
zval *is_set_max, *value, *length = NULL, *invalid_maximum = NULL;
zval *invalid_minimum = NULL, *maximum, *message_str = NULL;
zval *type = NULL, *message = NULL, *minimum;
PHALCON_MM_GROW();
phalcon_fetch_params(1, 2, 0, &validator, &attribute);
/**
* At least one of 'min' or 'max' must be set
*/
PHALCON_INIT_VAR(option);
ZVAL_STRING(option, "min", 1);
PHALCON_INIT_VAR(is_set_min);
phalcon_call_method_p1(is_set_min, this_ptr, "issetoption", option);
PHALCON_INIT_NVAR(option);
ZVAL_STRING(option, "max", 1);
PHALCON_INIT_VAR(is_set_max);
phalcon_call_method_p1(is_set_max, this_ptr, "issetoption", option);
if (!zend_is_true(is_set_min)) {
if (!zend_is_true(is_set_max)) {
PHALCON_THROW_EXCEPTION_STR(phalcon_mvc_model_exception_ce, "A minimum or maximum must be set");
return;
}
}
PHALCON_INIT_VAR(value);
phalcon_call_method_p1(value, validator, "getvalue", attribute);
/**
* Check if mbstring is available to calculate the correct length
*/
if (phalcon_function_exists_ex(SS("mb_strlen") TSRMLS_CC) == SUCCESS) {
PHALCON_INIT_VAR(length);
phalcon_call_func_p1(length, "mb_strlen", value);
} else {
PHALCON_INIT_NVAR(length);
phalcon_fast_strlen(length, value);
}
PHALCON_INIT_VAR(invalid_maximum);
ZVAL_BOOL(invalid_maximum, 0);
PHALCON_INIT_VAR(invalid_minimum);
ZVAL_BOOL(invalid_minimum, 0);
/**
* Maximum length
*/
if (zend_is_true(is_set_max)) {
PHALCON_INIT_NVAR(option);
ZVAL_STRING(option, "max", 1);
PHALCON_INIT_VAR(maximum);
phalcon_call_method_p1(maximum, this_ptr, "getoption", option);
is_smaller_function(invalid_maximum, maximum, length TSRMLS_CC);
if (PHALCON_IS_TRUE(invalid_maximum)) {
/**
* Check if the developer has defined a custom message
*/
PHALCON_INIT_NVAR(option);
ZVAL_STRING(option, "messageMaximum", 1);
PHALCON_INIT_VAR(message_str);
phalcon_call_method_p1(message_str, this_ptr, "getoption", option);
if (!zend_is_true(message_str)) {
PHALCON_INIT_NVAR(message_str);
PHALCON_CONCAT_SVSVS(message_str, "Value of field '", attribute, "' exceeds the maximum ", maximum, " characters");
}
PHALCON_INIT_VAR(type);
ZVAL_STRING(type, "TooLong", 1);
PHALCON_INIT_VAR(message);
object_init_ex(message, phalcon_validation_message_ce);
phalcon_call_method_p3_noret(message, "__construct", message_str, attribute, type);
phalcon_call_method_p1_noret(validator, "appendmessage", message);
RETURN_MM_FALSE;
}
}
/**
* Minimum length
*/
if (zend_is_true(is_set_min)) {
PHALCON_INIT_NVAR(option);
ZVAL_STRING(option, "min", 1);
PHALCON_INIT_VAR(minimum);
phalcon_call_method_p1(minimum, this_ptr, "getoption", option);
is_smaller_function(invalid_minimum, length, minimum TSRMLS_CC);
if (PHALCON_IS_TRUE(invalid_minimum)) {
/**
* Check if the developer has defined a custom message
*/
PHALCON_INIT_NVAR(option);
ZVAL_STRING(option, "messageMinimum", 1);
PHALCON_INIT_NVAR(message_str);
phalcon_call_method_p1(message_str, this_ptr, "getoption", option);
if (!zend_is_true(message_str)) {
PHALCON_INIT_NVAR(message_str);
PHALCON_CONCAT_SVSVS(message_str, "Value of field '", attribute, "' is less than the minimum ", minimum, " characters");
}
PHALCON_INIT_NVAR(type);
ZVAL_STRING(type, "TooShort", 1);
PHALCON_INIT_NVAR(message);
object_init_ex(message, phalcon_validation_message_ce);
phalcon_call_method_p3_noret(message, "__construct", message_str, attribute, type);
phalcon_call_method_p1_noret(validator, "appendmessage", message);
RETURN_MM_FALSE;
}
}
RETURN_MM_TRUE;
}
/**
* Decrypts an encrypted text
*
*<code>
* echo $crypt->decrypt($encrypted, "decrypt password");
*</code>
*
* @param string $text
* @param string $key
* @return string
*/
PHP_METHOD(Phalcon_Crypt, decrypt){
zval *text, *key = NULL, *decrypt_key = NULL, *cipher, *mode, *iv_size = NULL;
zval *key_size, *text_size, *iv, *text_to_decipher, *decrypted = NULL;
zval *padding_type, *block_size = NULL;
zval *handler, *arguments = NULL, *value = NULL;
PHALCON_MM_GROW();
phalcon_fetch_params(1, 1, 1, &text, &key);
if (phalcon_function_exists_ex(SS("mcrypt_get_iv_size") TSRMLS_CC) == FAILURE) {
PHALCON_THROW_EXCEPTION_STR(phalcon_crypt_exception_ce, "mcrypt extension is required");
return;
}
PHALCON_OBS_VAR(handler);
phalcon_read_property_this(&handler, this_ptr, SL("_beforeDecrypt"), PH_NOISY TSRMLS_CC);
if (phalcon_is_callable(handler TSRMLS_CC)) {
PHALCON_SEPARATE_PARAM(text);
PHALCON_INIT_NVAR(arguments);
array_init_size(arguments, 1);
phalcon_array_append(&arguments, text, 0);
PHALCON_INIT_NVAR(value);
PHALCON_CALL_USER_FUNC_ARRAY(value, handler, arguments);
PHALCON_CPY_WRT(text, value);
}
if (!key || Z_TYPE_P(key) == IS_NULL) {
decrypt_key = phalcon_fetch_nproperty_this(this_ptr, SL("_key"), PH_NOISY TSRMLS_CC);
} else {
decrypt_key = key;
}
if (PHALCON_IS_EMPTY(decrypt_key)) {
PHALCON_THROW_EXCEPTION_STR(phalcon_crypt_exception_ce, "Decryption key cannot be empty");
return;
}
cipher = phalcon_fetch_nproperty_this(this_ptr, SL("_cipher"), PH_NOISY TSRMLS_CC);
mode = phalcon_fetch_nproperty_this(this_ptr, SL("_mode"), PH_NOISY TSRMLS_CC);
PHALCON_CALL_FUNCTION(&iv_size, "mcrypt_get_iv_size", cipher, mode);
if (unlikely(Z_TYPE_P(iv_size) != IS_LONG)) {
convert_to_long(iv_size);
}
PHALCON_INIT_VAR(key_size);
phalcon_fast_strlen(key_size, decrypt_key);
if (PHALCON_GT(key_size, iv_size)) {
PHALCON_THROW_EXCEPTION_STR(phalcon_crypt_exception_ce, "Size of key is too large for this algorithm");
return;
}
PHALCON_INIT_VAR(text_size);
phalcon_fast_strlen(text_size, text);
if (PHALCON_GT(key_size, text_size)) {
PHALCON_THROW_EXCEPTION_STR(phalcon_crypt_exception_ce, "Size of IV is larger than text to decrypt");
return;
}
PHALCON_INIT_VAR(iv);
phalcon_substr(iv, text, 0, Z_LVAL_P(iv_size));
PHALCON_INIT_VAR(text_to_decipher);
phalcon_substr(text_to_decipher, text, Z_LVAL_P(iv_size), 0);
PHALCON_CALL_FUNCTION(&decrypted, "mcrypt_decrypt", cipher, decrypt_key, text_to_decipher, mode, iv);
if (unlikely(Z_TYPE_P(decrypted) != IS_STRING)) {
convert_to_string(decrypted);
}
PHALCON_CALL_FUNCTION(&block_size, "mcrypt_get_block_size", cipher, mode);
if (unlikely(Z_TYPE_P(block_size) != IS_LONG)) {
convert_to_long(block_size);
}
padding_type = phalcon_fetch_nproperty_this(this_ptr, SL("_padding"), PH_NOISY TSRMLS_CC);
assert(Z_TYPE_P(padding_type) == IS_LONG);
assert(Z_TYPE_P(block_size) == IS_LONG);
assert(Z_TYPE_P(mode) == IS_STRING);
assert(Z_TYPE_P(decrypted) == IS_STRING);
phalcon_crypt_unpad_text(return_value, decrypted, mode, Z_LVAL_P(block_size), Z_LVAL_P(padding_type) TSRMLS_CC);
PHALCON_OBS_NVAR(handler);
phalcon_read_property_this(&handler, this_ptr, SL("_afterDecrypt"), PH_NOISY TSRMLS_CC);
if (phalcon_is_callable(handler TSRMLS_CC)) {
PHALCON_INIT_NVAR(arguments);
array_init_size(arguments, 1);
phalcon_array_append(&arguments, return_value, 0);
PHALCON_INIT_NVAR(value);
PHALCON_CALL_USER_FUNC_ARRAY(value, handler, arguments);
RETURN_CTOR(value);
}
RETURN_MM();
}
