Final changes to privateweb

This commit is contained in:
Mark Pemberton 2011-04-06 14:33:15 -04:00
parent 331f7e9687
commit 828b8fdf32
9 changed files with 86 additions and 30 deletions


@ -32,7 +32,11 @@ $this->includeTemplate($GLOBALS['top_include']);
</tr>
<tr>
<th align="left"><?php echo T_('Private RSS Feed'); ?></th>
<td><input type="checkbox" id="pEnablePrivateKey" name="pEnablePrivateKey" value="1" <?php if (strlen($privateKey)==32) echo 'checked="checked"'; ?>><?php echo T_('Enable'); ?>&nbsp;&nbsp;&nbsp;<input type="text" id="pPrivateKey" name="pPrivateKey" size="40" value="<?php echo substr($privateKey, -32);?>" readonly /><input type="submit" name="submittedPK" value="<?php echo T_('Generate New Key'); ?>" /></td>
<td><input type="checkbox" id="pEnablePrivateKey" name="pEnablePrivateKey" value="true" <?php echo $privateKeyIsEnabled;?> />
<label for="pEnablePrivateKey"><?php echo T_('Enable'); ?></label>&nbsp;&nbsp;&nbsp;
<input type="text" id="pPrivateKey" name="pPrivateKey" size="40" value="<?php echo $privateKey;?>" readonly="readonly" />
<input type="submit" name="submittedPK" value="<?php echo T_('Generate New Key'); ?>" />
</td>
</tr>
</table>
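Review bot: `$privateKey` is echoed into the `value` attribute of the new `pPrivateKey` input without HTML escaping. `readonly="readonly"` is only a browser-side hint, so the field is still submitted with the form and a client can post any value in it. If the handler stores what is posted (not visible in this section), the next render writes that value straight into the attribute. I would write `value="<?php echo htmlspecialchars($privateKey); ?>"` here, and have the handler ignore a posted key outside the "Generate New Key" path.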


@ -5,12 +5,12 @@
<title><?php echo filter($GLOBALS['sitename'] .(isset($pagetitle) ? ' » ' . $pagetitle : '')); ?></title>
<link rel="icon" type="image/png" href="<?php echo ROOT ?>icon.png" />
<link rel="stylesheet" type="text/css" href="<?php echo ROOT ?>scuttle.css" />
<link rel="search" type="application/opensearchdescription+xml" href="<?php echo ROOT ?>api/opensearch.php" title="<?php echo $GLOBALS['sitename'] ?>"/>
<link rel="search" type="application/opensearchdescription+xml" href="<?php echo ROOT ?>api/opensearch.php" title="<?php echo htmlspecialchars($GLOBALS['sitename']) ?>"/>
<?php
if (isset($rsschannels)) {
$size = count($rsschannels);
for ($i = 0; $i < $size; $i++) {
echo ' <link rel="alternate" type="application/rss+xml" title="' . htmlspecialchars($rsschannels[$i][0]) . '"'
echo ' <link rel="alternate" type="application/rss+xml" title="' . $rsschannels[$i][0] . '"'
. ' href="'. $rsschannels[$i][1] .'" />'."\n";
}
}
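Review bot: The `rsschannels` loop prints `$rsschannels[$i][0]` and `$rsschannels[$i][1]` into `title` and `href` with no escaping at the point of output. Assuming the usual old-then-new print order, the `htmlspecialchars()` call on the title is the line this commit removes. Every script that fills `$tplVars['rsschannels']` then has to pre-encode both values (the page scripts in this commit do so with `filter()` and a hand-written `&amp;`), and a single caller that forgets becomes an HTML injection point in the page `<head>`. Escaping at the sink without double-encoding keeps both properties: `htmlspecialchars($rsschannels[$i][0], ENT_QUOTES, 'UTF-8', false)`, and the same for index 1. The new `htmlspecialchars($GLOBALS['sitename'])` on the OpenSearch link is the pattern to follow.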


@ -72,9 +72,12 @@ class SemanticScuttle_Model_User
/**
* Returns private key
*
* @param boolean return sanitized value which basically drops
* leading dash if exists
*
* @return string private key
*/
public function getPrivateKey()
public function getPrivateKey($sanitized = false)
{
// Look for value only if not already set
if (!isset($this->privateKey)) {
@ -82,7 +85,11 @@ class SemanticScuttle_Model_User
$user = $us->getUser($this->id);
$this->privateKey = $user['privateKey'];
}
return $this->privateKey;
if ($sanitized == true) {
return substr($this->privateKey, -32);
} else {
return $this->privateKey;
}
}
/**
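Review bot: The new `@param` line in the `getPrivateKey()` docblock omits the parameter name, and "sanitized" hides a security-relevant detail. `getPrivateKey(true)` returns a 32-character string even when the stored key is disabled (dash-prefixed), so its result must never be passed to a validity or login check. I would document that explicitly: `@param boolean $sanitized When true, strip the leading '-' that marks a disabled key; for display only, never for isPrivateKeyValid()`. A name such as `$stripDisabledMarker` would make call sites self-explanatory, and `if ($sanitized)` is enough in place of `== true`. The method body starts in the first hunk and continues in the second.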


@ -337,6 +337,22 @@ class SemanticScuttle_Service_User extends SemanticScuttle_DbService
return ($this->getCurrentUserId() !== false);
}
/**
* Tells you if the private key is enabled and valid
*
* @param string $privateKey Private Key
*
* @return boolean True if enabled and valid
*/
public function isPrivateKeyValid($privateKey)
{
// check length of private key
if (strlen($privateKey) == 32) {
return true;
}
return false;
}
/**
* Returns the current user object
*
@ -577,10 +593,8 @@ class SemanticScuttle_Service_User extends SemanticScuttle_DbService
*/
public function loginPrivateKey($username, $privatekey)
{
/* Check for size, only 32 char keys will work */
/* Failsafe to hopefully lessen hackability and */
/* deactivated keys (preceded by dash) */
if (strlen($privatekey) != 32) {
/* Check if private key valid and enabled */
if (!$this->isPrivateKeyValid($privatekey)) {
return false;
}
@ -839,37 +853,37 @@ class SemanticScuttle_Service_User extends SemanticScuttle_DbService
/**
* Update User Record
*
* @param string $uId User ID
* @param string $password User Password
* @param string $name User Name
* @param string $email Email Address
* @param string $homepage Homepage URL
* @param string $uContent Content
* @param string $privateKey RSS Private Key
* @param string $enablePrivateRSS RSS Private Key
* @param string $uId User ID
* @param string $password User Password
* @param string $name User Name
* @param string $email Email Address
* @param string $homepage Homepage URL
* @param string $uContent Content
* @param string $privateKey RSS Private Key
* @param boolean $enablePrivateKey RSS Private Key Flag
*
* @return boolean true if it successful, false if not
*/
function updateUser(
$uId, $password, $name, $email, $homepage, $uContent,
$privateKey=null, $enablePrivateRSS=0
$privateKey=null, $enablePrivateKey=false
) {
if (!is_numeric($uId)) {
return false;
}
// prepend - to privateKey if disabled
if ($privateKey!=null and strlen($privateKey)==32 and $enablePrivateRSS==0) {
if ($privateKey!=null and strlen($privateKey)==32 and $enablePrivateKey==false) {
$privateKey = "-".$privateKey;
}
// remove - from privateKey if enabling
if ($privateKey!=null and strlen($privateKey)==33 and $enablePrivateRSS==1) {
if ($privateKey!=null and strlen($privateKey)==33 and $enablePrivateKey==true) {
$privateKey = substr($privateKey, 1, 32);
}
// if new user is enabling Private RSS, create new key
if ($privateKey==null and $enablePrivateRSS==1) {
// if new user is enabling Private Key, create new key
if ($privateKey==null and $enablePrivateKey==true) {
$privateKey = $this->getNewPrivateKey();
}
@ -911,7 +925,7 @@ class SemanticScuttle_Service_User extends SemanticScuttle_DbService
*
* @return array List of Users
*/
function getAllUsers ()
function getAllUsers()
{
$query = 'SELECT * FROM '. $this->getTableName();
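Review bot: `isPrivateKeyValid()` (first hunk) accepts any value whose `strlen()` is 32, so "enabled and valid" in its docblock really means "has the length of an enabled key". The disabled state is carried only by the leading `-` that `updateUser()` prepends. Since this helper is now the gate at the top of `loginPrivateKey()`, I would at least reject non-strings with `return is_string($privateKey) && strlen($privateKey) == 32;`. If `getNewPrivateKey()` produces hex digests (its body is not in this diff), `ctype_xdigit($privateKey)` could be added as well. The docblock should state the dash convention so the length check is not later "simplified" into something that lets 33-character disabled keys through. The rest of `loginPrivateKey()` lies outside the hunk.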


@ -222,7 +222,24 @@ class UserTest extends TestBase
$this->assertTrue($this->us->privateKeyExists($randKey));
}
/**
* Test loginPrivateKey() function returns righ
*
* @return void
*/
public function testIfPrivateKeyValid()
{
/* null value for user who never setup privatekey */
$this->assertFalse($this->us->isPrivateKeyValid(null));
/* normal user with enabled privatekey */
$randKey = $this->us->getNewPrivateKey();
$this->assertTrue($this->us->isPrivateKeyValid($randKey));
/* user that has disabled privatekey */
$randKey2 = '-'.$this->us->getNewPrivateKey();
$this->assertFalse($this->us->isPrivateKeyValid($randKey2));
}
/**
* Test loginPrivateKey() function returns righ
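Review bot: The docblock of the new `testIfPrivateKeyValid()` is a copy of the following test's summary ("Test loginPrivateKey() function returns righ") and does not describe what is asserted. Something like `Test that isPrivateKeyValid() accepts only enabled 32-character keys` would match the body. Since the check is purely length-based, the test would pin the contract better with two more negatives, for example `$this->assertFalse($this->us->isPrivateKeyValid(''));` and a key one character short.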


@ -259,12 +259,12 @@ if ($templatename == 'editbookmark.tpl') {
)
);
if ($userservice->isLoggedOn()) {
if (strlen($currentUser->getPrivateKey()) == 32) {
if ($userservice->isPrivateKeyValid($currentUser->getPrivateKey())) {
array_push(
$tplVars['rsschannels'],
array(
filter($sitename . sprintf(T_(': (private) ')) . $pagetitle),
createURL('rss', filter($user, 'url') . $rssCat.'?sort='.getSortOrder().'&privatekey='.$currentUser->getPrivateKey())
createURL('rss', filter($user, 'url') . $rssCat.'?sort='.getSortOrder().'&amp;privatekey='.$currentUser->getPrivateKey())
)
);
}
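Review bot: On the changed `createURL('rss', ...)` line the private key is concatenated into the query string raw, while `$user` on the same line goes through `filter($user, 'url')`. Encoding it keeps the URL well-formed whatever the key format turns out to be: `'&amp;privatekey=' . urlencode($currentUser->getPrivateKey())`. The same concatenation is used for the private feed entry in the next file section. Because this URL appears to work as a login credential for the feed, a short comment here noting that it ends up in access logs and feed-reader configuration, and that "Generate New Key" is the revocation path, would help later maintainers.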


@ -40,15 +40,15 @@ if (GET_ACTION == "logout") {
// Header variables
$tplVars['loadjs'] = true;
$tplVars['rsschannels'] = array(
array(sprintf(T_('%s: Recent bookmarks'), $sitename), createURL('rss').'?sort='.getSortOrder())
array(filter(sprintf(T_('%s: Recent bookmarks'), $sitename)), createURL('rss').'?sort='.getSortOrder())
);
if ($userservice->isLoggedOn()) {
$currentUsername = $currentUser->getUsername();
if ($currentUser->getPrivateKey() <> null && strlen($currentUser->getPrivateKey()) == 32) {
if ($userservice->isPrivateKeyValid($currentUser->getPrivateKey())) {
array_push(
$tplVars['rsschannels'],
array(
filter($sitename . sprintf(T_(': (private) ')) . $sitename),
filter($sitename . sprintf(T_(': (private) ')) . $currentUsername),
createURL('rss', filter($currentUsername, 'url') . '?sort='.getSortOrder().'&amp;privatekey='.$currentUser->getPrivateKey())
)
);


@ -63,9 +63,16 @@ if ($user) {
exit();
}
$tplVars['privateKeyIsEnabled'] = '';
if ($userservice->isLoggedOn() && $user == $currentUser->getUsername()) {
$title = T_('My Profile');
$tplVars['privateKey'] = $currentUser->getPrivateKey();
$tplVars['privateKey'] = $currentUser->getPrivateKey(true);
if ($userservice->isPrivateKeyValid($currentUser->getPrivateKey())) {
$tplVars['privateKeyIsEnabled'] = 'checked="checked"';
} else {
$tplVars['privateKeyIsEnabled'] = '';
}
} else {
$title = T_('Profile') .': '. $user;
$tplVars['privateKey'] = '';
@ -120,7 +127,12 @@ if (POST_SUBMITTED!='' && $currentUser->getId() == $userid) {
}
}
$userinfo = $userservice->getObjectUserByUsername($user);
$tplVars['privateKey'] = $userinfo->getPrivateKey();
$tplVars['privateKey'] = $userinfo->getPrivateKey(true);
if ($userservice->isPrivateKeyValid($userinfo->getPrivateKey())) {
$tplVars['privateKeyIsEnabled'] = 'checked="checked"';
} else {
$tplVars['privateKeyIsEnabled'] = '';
}
}
if (!$userservice->isLoggedOn() || $currentUser->getId() != $userid) {
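Review bot: In the second hunk the key put into `$tplVars['privateKey']` is read from `$userinfo`, which is looked up by the `$user` name from the request rather than taken from `$currentUser`. The guard that restricts this to the profile owner is outside the hunk, so please confirm this assignment cannot run for another user's profile. Separately, the same if/else that sets `privateKeyIsEnabled` is duplicated in both hunks, and in the first the `else` is redundant after the new `$tplVars['privateKeyIsEnabled'] = '';` initialisation. One expression covers both places: `$tplVars['privateKeyIsEnabled'] = $userservice->isPrivateKeyValid($userinfo->getPrivateKey()) ? 'checked="checked"' : '';` (with `$currentUser` in the first hunk). Passing a boolean and letting the template emit the attribute would keep markup out of the controller.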


@ -84,6 +84,7 @@ if ($user && $user != 'all') {
$isTempLogin = true;
} else {
$tplVars['error'] = sprintf(T_('Failed to Autenticate User with username %s using private key'), $user);
header('Content-type: text/html; charset=utf-8');
$templateservice->loadTemplate('error.404.tpl', $tplVars);
//throw a 404 error
exit();
@ -92,6 +93,7 @@ if ($user && $user != 'all') {
}
} else {
$tplVars['error'] = sprintf(T_('User with username %s was not found'), $user);
header('Content-type: text/html; charset=utf-8');
$templateservice->loadTemplate('error.404.tpl', $tplVars);
//throw a 404 error
exit();
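Review bot: Both error branches now declare the response as `text/html` while the message still interpolates the request-supplied `$user` via `sprintf()`. If `error.404.tpl` prints `$error` without escaping (the template is not in this diff), that is a reflected-markup path, so I would escape at construction: `sprintf(T_('User with username %s was not found'), filter($user))`, and the same in the authentication-failure branch. The comments say "throw a 404 error", but no status line is set in the visible lines. If `loadTemplate()` does not send one, a failed key login is answered with 200. The two distinct messages also tell a caller whether a username exists, so a single generic message for both branches is worth considering.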