/** * Generate a >22-length pseudo random string to be used as salt for passwords * * @return string */ PHP_METHOD(Phalcon_Security, getSaltBytes){ zval *number_bytes, *random_bytes = NULL, *base64bytes = NULL; zval *safe_bytes = NULL, *bytes_length = NULL; PHALCON_MM_GROW(); if (phalcon_function_exists_ex(SS("openssl_random_pseudo_bytes") TSRMLS_CC) == FAILURE) { PHALCON_THROW_EXCEPTION_STR(phalcon_security_exception_ce, "Openssl extension must be loaded"); return; } PHALCON_OBS_VAR(number_bytes); phalcon_read_property_this(&number_bytes, this_ptr, SL("_numberBytes"), PH_NOISY_CC); while (1) { PHALCON_INIT_NVAR(random_bytes); phalcon_call_func_p1(random_bytes, "openssl_random_pseudo_bytes", number_bytes); PHALCON_INIT_NVAR(base64bytes); phalcon_base64_encode(base64bytes, random_bytes); PHALCON_INIT_NVAR(safe_bytes); phalcon_filter_alphanum(safe_bytes, base64bytes); if (!zend_is_true(safe_bytes)) { continue; } PHALCON_INIT_NVAR(bytes_length); phalcon_fast_strlen(bytes_length, safe_bytes); if (PHALCON_LT_LONG(bytes_length, 22)) { continue; } break; } RETURN_CTOR(safe_bytes); }
/** * Executes the validation * * @param Phalcon\Validation $validator * @param string $attribute * @return boolean */ PHP_METHOD(Phalcon_Validation_Validator_StringLength, validate){ zval *validator, *attribute, *option = NULL, *is_set_min; zval *is_set_max, *value, *length = NULL, *invalid_maximum = NULL; zval *invalid_minimum = NULL, *maximum, *message_str = NULL; zval *type = NULL, *message = NULL, *minimum; PHALCON_MM_GROW(); phalcon_fetch_params(1, 2, 0, &validator, &attribute); /** * At least one of 'min' or 'max' must be set */ PHALCON_INIT_VAR(option); ZVAL_STRING(option, "min", 1); PHALCON_INIT_VAR(is_set_min); phalcon_call_method_p1(is_set_min, this_ptr, "issetoption", option); PHALCON_INIT_NVAR(option); ZVAL_STRING(option, "max", 1); PHALCON_INIT_VAR(is_set_max); phalcon_call_method_p1(is_set_max, this_ptr, "issetoption", option); if (!zend_is_true(is_set_min)) { if (!zend_is_true(is_set_max)) { PHALCON_THROW_EXCEPTION_STR(phalcon_mvc_model_exception_ce, "A minimum or maximum must be set"); return; } } PHALCON_INIT_VAR(value); phalcon_call_method_p1(value, validator, "getvalue", attribute); /** * Check if mbstring is available to calculate the correct length */ if (phalcon_function_exists_ex(SS("mb_strlen") TSRMLS_CC) == SUCCESS) { PHALCON_INIT_VAR(length); phalcon_call_func_p1(length, "mb_strlen", value); } else { PHALCON_INIT_NVAR(length); phalcon_fast_strlen(length, value); } PHALCON_INIT_VAR(invalid_maximum); ZVAL_BOOL(invalid_maximum, 0); PHALCON_INIT_VAR(invalid_minimum); ZVAL_BOOL(invalid_minimum, 0); /** * Maximum length */ if (zend_is_true(is_set_max)) { PHALCON_INIT_NVAR(option); ZVAL_STRING(option, "max", 1); PHALCON_INIT_VAR(maximum); phalcon_call_method_p1(maximum, this_ptr, "getoption", option); is_smaller_function(invalid_maximum, maximum, length TSRMLS_CC); if (PHALCON_IS_TRUE(invalid_maximum)) { /** * Check if the developer has defined a custom message */ PHALCON_INIT_NVAR(option); ZVAL_STRING(option, "messageMaximum", 1); PHALCON_INIT_VAR(message_str); phalcon_call_method_p1(message_str, this_ptr, "getoption", option); if (!zend_is_true(message_str)) { PHALCON_INIT_NVAR(message_str); PHALCON_CONCAT_SVSVS(message_str, "Value of field '", attribute, "' exceeds the maximum ", maximum, " characters"); } PHALCON_INIT_VAR(type); ZVAL_STRING(type, "TooLong", 1); PHALCON_INIT_VAR(message); object_init_ex(message, phalcon_validation_message_ce); phalcon_call_method_p3_noret(message, "__construct", message_str, attribute, type); phalcon_call_method_p1_noret(validator, "appendmessage", message); RETURN_MM_FALSE; } } /** * Minimum length */ if (zend_is_true(is_set_min)) { PHALCON_INIT_NVAR(option); ZVAL_STRING(option, "min", 1); PHALCON_INIT_VAR(minimum); phalcon_call_method_p1(minimum, this_ptr, "getoption", option); is_smaller_function(invalid_minimum, length, minimum TSRMLS_CC); if (PHALCON_IS_TRUE(invalid_minimum)) { /** * Check if the developer has defined a custom message */ PHALCON_INIT_NVAR(option); ZVAL_STRING(option, "messageMinimum", 1); PHALCON_INIT_NVAR(message_str); phalcon_call_method_p1(message_str, this_ptr, "getoption", option); if (!zend_is_true(message_str)) { PHALCON_INIT_NVAR(message_str); PHALCON_CONCAT_SVSVS(message_str, "Value of field '", attribute, "' is less than the minimum ", minimum, " characters"); } PHALCON_INIT_NVAR(type); ZVAL_STRING(type, "TooShort", 1); PHALCON_INIT_NVAR(message); object_init_ex(message, phalcon_validation_message_ce); phalcon_call_method_p3_noret(message, "__construct", message_str, attribute, type); phalcon_call_method_p1_noret(validator, "appendmessage", message); RETURN_MM_FALSE; } } RETURN_MM_TRUE; }
/** * Decrypts an encrypted text * *<code> * echo $crypt->decrypt($encrypted, "decrypt password"); *</code> * * @param string $text * @param string $key * @return string */ PHP_METHOD(Phalcon_Crypt, decrypt){ zval *text, *key = NULL, *decrypt_key = NULL, *cipher, *mode, *iv_size = NULL; zval *key_size, *text_size, *iv, *text_to_decipher, *decrypted = NULL; zval *padding_type, *block_size = NULL; zval *handler, *arguments = NULL, *value = NULL; PHALCON_MM_GROW(); phalcon_fetch_params(1, 1, 1, &text, &key); if (phalcon_function_exists_ex(SS("mcrypt_get_iv_size") TSRMLS_CC) == FAILURE) { PHALCON_THROW_EXCEPTION_STR(phalcon_crypt_exception_ce, "mcrypt extension is required"); return; } PHALCON_OBS_VAR(handler); phalcon_read_property_this(&handler, this_ptr, SL("_beforeDecrypt"), PH_NOISY TSRMLS_CC); if (phalcon_is_callable(handler TSRMLS_CC)) { PHALCON_SEPARATE_PARAM(text); PHALCON_INIT_NVAR(arguments); array_init_size(arguments, 1); phalcon_array_append(&arguments, text, 0); PHALCON_INIT_NVAR(value); PHALCON_CALL_USER_FUNC_ARRAY(value, handler, arguments); PHALCON_CPY_WRT(text, value); } if (!key || Z_TYPE_P(key) == IS_NULL) { decrypt_key = phalcon_fetch_nproperty_this(this_ptr, SL("_key"), PH_NOISY TSRMLS_CC); } else { decrypt_key = key; } if (PHALCON_IS_EMPTY(decrypt_key)) { PHALCON_THROW_EXCEPTION_STR(phalcon_crypt_exception_ce, "Decryption key cannot be empty"); return; } cipher = phalcon_fetch_nproperty_this(this_ptr, SL("_cipher"), PH_NOISY TSRMLS_CC); mode = phalcon_fetch_nproperty_this(this_ptr, SL("_mode"), PH_NOISY TSRMLS_CC); PHALCON_CALL_FUNCTION(&iv_size, "mcrypt_get_iv_size", cipher, mode); if (unlikely(Z_TYPE_P(iv_size) != IS_LONG)) { convert_to_long(iv_size); } PHALCON_INIT_VAR(key_size); phalcon_fast_strlen(key_size, decrypt_key); if (PHALCON_GT(key_size, iv_size)) { PHALCON_THROW_EXCEPTION_STR(phalcon_crypt_exception_ce, "Size of key is too large for this algorithm"); return; } PHALCON_INIT_VAR(text_size); phalcon_fast_strlen(text_size, text); if (PHALCON_GT(key_size, text_size)) { PHALCON_THROW_EXCEPTION_STR(phalcon_crypt_exception_ce, "Size of IV is larger than text to decrypt"); return; } PHALCON_INIT_VAR(iv); phalcon_substr(iv, text, 0, Z_LVAL_P(iv_size)); PHALCON_INIT_VAR(text_to_decipher); phalcon_substr(text_to_decipher, text, Z_LVAL_P(iv_size), 0); PHALCON_CALL_FUNCTION(&decrypted, "mcrypt_decrypt", cipher, decrypt_key, text_to_decipher, mode, iv); if (unlikely(Z_TYPE_P(decrypted) != IS_STRING)) { convert_to_string(decrypted); } PHALCON_CALL_FUNCTION(&block_size, "mcrypt_get_block_size", cipher, mode); if (unlikely(Z_TYPE_P(block_size) != IS_LONG)) { convert_to_long(block_size); } padding_type = phalcon_fetch_nproperty_this(this_ptr, SL("_padding"), PH_NOISY TSRMLS_CC); assert(Z_TYPE_P(padding_type) == IS_LONG); assert(Z_TYPE_P(block_size) == IS_LONG); assert(Z_TYPE_P(mode) == IS_STRING); assert(Z_TYPE_P(decrypted) == IS_STRING); phalcon_crypt_unpad_text(return_value, decrypted, mode, Z_LVAL_P(block_size), Z_LVAL_P(padding_type) TSRMLS_CC); PHALCON_OBS_NVAR(handler); phalcon_read_property_this(&handler, this_ptr, SL("_afterDecrypt"), PH_NOISY TSRMLS_CC); if (phalcon_is_callable(handler TSRMLS_CC)) { PHALCON_INIT_NVAR(arguments); array_init_size(arguments, 1); phalcon_array_append(&arguments, return_value, 0); PHALCON_INIT_NVAR(value); PHALCON_CALL_USER_FUNC_ARRAY(value, handler, arguments); RETURN_CTOR(value); } RETURN_MM(); }