PHP Класс PMA\libraries\plugins\auth\AuthenticationCookie

Наследование: extends PMA\libraries\plugins\AuthenticationPlugin

Показать файл Открыть проект Примеры использования класса

Открытые методы

Метод	Описание
auth ( ) : boolean \| void	Displays authentication form
authCheck ( ) : boolean	Gets advanced authentication settings
authFails ( ) : void	User is not allowed to login to MySQL -> authentication failed
authSetUser ( ) : boolean	Set the user and password after last checkings if required
cookieDecrypt ( string $encdata, string $secret ) : string \| boolean	Decryption using openssl's AES or phpseclib's AES (phpseclib uses mcrypt when it is available)
cookieEncrypt ( string $data, string $secret ) : string	Encryption using openssl's AES or phpseclib's AES (phpseclib uses mcrypt when it is available)
createIV ( ) : void	Initialization Store the initialization vector because it will be needed for further decryption. I don't think necessary to have one iv per server so I don't put the server number in the cookie name.
enlargeSecret ( string $secret ) : string	Concatenates secret in order to make it 16 bytes log
getAESSecret ( string $secret ) : string	Derives AES secret from encryption secret.
getIVSize ( ) : integer	Returns size of IV for encryption.
getMACSecret ( string $secret ) : string	Derives MAC secret from encryption secret.
handlePasswordChange ( string $password ) : void	Callback when user changes password.
logOut ( ) : void	Perform logout
setIV ( string $vector ) : void	Sets encryption IV to use
storePasswordCookie ( string $password ) : void	Stores password in a cookie.
storeUserCredentials ( ) : void \| boolean	Stores user credentials after successful login.
storeUsernameCookie ( string $username ) : void	Stores username in a cookie.
useOpenSSL ( ) : boolean	Checks whether we should use openssl for encryption.

Приватные методы

Метод	Описание
_getEncryptionSecret ( ) : string	Returns blowfish secret or generates one if needed.
_getSessionEncryptionSecret ( ) : string	Returns blowfish secret or generates one if needed.

Описание методов

auth() публичный Метод

this function MUST exit/quit the application

public auth ( ) : boolean \| void
Результат	boolean \| void

authCheck() публичный Метод

this function DOES NOT check authentication - it just checks/provides authentication credentials required to connect to the MySQL server usually with $GLOBALS['dbi']->connect() it returns false if something is missing - which usually leads to auth() which displays login form it returns true if all seems ok which usually leads to auth_set_user() it directly switches to authFails() if user inactivity timeout is reached

public authCheck ( ) : boolean
Результат	boolean	whether we get authentication settings or not

authFails() публичный Метод

prepares error message and switches to auth() which display the error and the login form this function MUST exit/quit the application, currently done by call to auth()

public authFails ( ) : void
Результат	void

authSetUser() публичный Метод

Set the user and password after last checkings if required

public authSetUser ( ) : boolean
Результат	boolean	always true

cookieDecrypt() публичный Метод

Decryption using openssl's AES or phpseclib's AES (phpseclib uses mcrypt when it is available)

public cookieDecrypt ( string $encdata, string $secret ) : string \| boolean
$encdata	string	encrypted data
$secret	string	the secret
Результат	string \| boolean	original data, false on error

cookieEncrypt() публичный Метод

Encryption using openssl's AES or phpseclib's AES (phpseclib uses mcrypt when it is available)

public cookieEncrypt ( string $data, string $secret ) : string
$data	string	original data
$secret	string	the secret
Результат	string	the encrypted result

createIV() публичный Метод

Initialization Store the initialization vector because it will be needed for further decryption. I don't think necessary to have one iv per server so I don't put the server number in the cookie name.

public createIV ( ) : void
Результат	void

enlargeSecret() публичный Метод

This doesn't add any security, just ensures the secret is long enough by copying it.

public enlargeSecret ( string $secret ) : string
$secret	string	Original secret
Результат	string

getAESSecret() публичный Метод

Derives AES secret from encryption secret.

public getAESSecret ( string $secret ) : string
$secret	string	the secret
Результат	string	the AES secret

getIVSize() публичный Метод

Returns size of IV for encryption.

public getIVSize ( ) : integer
Результат	integer

getMACSecret() публичный Метод

Derives MAC secret from encryption secret.

public getMACSecret ( string $secret ) : string
$secret	string	the secret
Результат	string	the MAC secret

handlePasswordChange() публичный Метод

Callback when user changes password.

public handlePasswordChange ( string $password ) : void
$password	string	New password to set
Результат	void

logOut() публичный Метод

Perform logout

public logOut ( ) : void
Результат	void

setIV() публичный Метод

This is for testing only!

public setIV ( string $vector ) : void
$vector	string	The IV
Результат	void

storePasswordCookie() публичный Метод

Stores password in a cookie.

public storePasswordCookie ( string $password ) : void
$password	string	Password
Результат	void

storeUserCredentials() публичный Метод

Stores user credentials after successful login.

public storeUserCredentials ( ) : void \| boolean
Результат	void \| boolean

storeUsernameCookie() публичный Метод

Stores username in a cookie.

public storeUsernameCookie ( string $username ) : void
$username	string	User name
Результат	void

useOpenSSL() публичный статический Метод

Checks whether we should use openssl for encryption.

public static useOpenSSL ( ) : boolean
Результат	boolean