CakePHP
  • Documentation
    • Book
    • API
    • Videos
    • Reporting Security Issues
    • Privacy Policy
    • Logos & Trademarks
  • Business Solutions
  • Swag
  • Road Trip
  • Team
  • Community
    • Community
    • Get Involved
    • Issues (GitHub)
    • Bakery
    • Featured Resources
    • Training
    • Meetups
    • My CakePHP
    • CakeFest
    • Newsletter
    • Linkedin
    • YouTube
    • Facebook
    • Twitter
    • Mastodon
    • Help & Support
    • Forum
    • Stack Overflow
    • Slack
    • Paid Support
CakePHP

C CakePHP 1.3 API

  • Overview
  • Tree
  • Deprecated
  • Version:
    • 1.3
      • 4.2
      • 4.1
      • 4.0
      • 3.9
      • 3.8
      • 3.7
      • 3.6
      • 3.5
      • 3.4
      • 3.3
      • 3.2
      • 3.1
      • 3.0
      • 2.10
      • 2.9
      • 2.8
      • 2.7
      • 2.6
      • 2.5
      • 2.4
      • 2.3
      • 2.2
      • 2.1
      • 2.0
      • 1.3
      • 1.2

Classes

  • AclBase
  • AclBehavior
  • AclComponent
  • AclNode
  • AclShell
  • Aco
  • AcoAction
  • AjaxHelper
  • ApcEngine
  • ApiShell
  • App
  • AppController
  • AppHelper
  • AppModel
  • Aro
  • AuthComponent
  • BakeShell
  • BakeTask
  • BehaviorCollection
  • Cache
  • CacheEngine
  • CacheHelper
  • CakeErrorController
  • CakeLog
  • CakeRoute
  • CakeSchema
  • CakeSession
  • CakeSocket
  • ClassRegistry
  • Component
  • Configure
  • ConnectionManager
  • ConsoleShell
  • ContainableBehavior
  • Controller
  • ControllerTask
  • CookieComponent
  • DataSource
  • DbAcl
  • DbConfigTask
  • DboMssql
  • DboMysql
  • DboMysqlBase
  • DboMysqli
  • DboOracle
  • DboPostgres
  • DboSource
  • DboSqlite
  • Debugger
  • EmailComponent
  • ErrorHandler
  • ExtractTask
  • File
  • FileEngine
  • FileLog
  • FixtureTask
  • Folder
  • FormHelper
  • Helper
  • HtmlHelper
  • HttpSocket
  • I18n
  • I18nModel
  • I18nShell
  • Inflector
  • IniAcl
  • JavascriptHelper
  • JqueryEngineHelper
  • JsBaseEngineHelper
  • JsHelper
  • L10n
  • MagicDb
  • MagicFileResource
  • MediaView
  • MemcacheEngine
  • Model
  • ModelBehavior
  • ModelTask
  • MootoolsEngineHelper
  • Multibyte
  • NumberHelper
  • Object
  • Overloadable
  • Overloadable2
  • PagesController
  • PaginatorHelper
  • Permission
  • PluginShortRoute
  • PluginTask
  • ProjectTask
  • PrototypeEngineHelper
  • RequestHandlerComponent
  • Router
  • RssHelper
  • Sanitize
  • Scaffold
  • ScaffoldView
  • SchemaShell
  • Security
  • SecurityComponent
  • SessionComponent
  • SessionHelper
  • Set
  • Shell
  • String
  • TemplateTask
  • TestSuiteShell
  • TestTask
  • TextHelper
  • ThemeView
  • TimeHelper
  • TranslateBehavior
  • TreeBehavior
  • Validation
  • View
  • ViewTask
  • XcacheEngine
  • Xml
  • XmlElement
  • XmlHelper
  • XmlManager
  • XmlNode
  • XmlTextNode

Functions

  • mb_encode_mimeheader
  • mb_stripos
  • mb_stristr
  • mb_strlen
  • mb_strpos
  • mb_strrchr
  • mb_strrichr
  • mb_strripos
  • mb_strrpos
  • mb_strstr
  • mb_strtolower
  • mb_strtoupper
  • mb_substr
  • mb_substr_count
  1: <?php
  2: /**
  3:  * Core Security
  4:  *
  5:  * PHP versions 4 and 5
  6:  *
  7:  * CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
  8:  * Copyright 2005-2012, Cake Software Foundation, Inc. (http://cakefoundation.org)
  9:  *
 10:  * Licensed under The MIT License
 11:  * Redistributions of files must retain the above copyright notice.
 12:  *
 13:  * @copyright     Copyright 2005-2012, Cake Software Foundation, Inc. (http://cakefoundation.org)
 14:  * @link          http://cakephp.org CakePHP(tm) Project
 15:  * @package       cake
 16:  * @subpackage    cake.cake.libs
 17:  * @since         CakePHP(tm) v .0.10.0.1233
 18:  * @license       MIT License (http://www.opensource.org/licenses/mit-license.php)
 19:  */
 20: 
 21: /**
 22:  * Security Library contains utility methods related to security
 23:  *
 24:  * @package       cake
 25:  * @subpackage    cake.cake.libs
 26:  */
 27: class Security extends Object {
 28: 
 29: /**
 30:  * Default hash method
 31:  *
 32:  * @var string
 33:  * @access public
 34:  */
 35:     var $hashType = null;
 36: 
 37: /**
 38:  * Singleton implementation to get object instance.
 39:  *
 40:  * @return object
 41:  * @access public
 42:  * @static
 43:  */
 44:     function &getInstance() {
 45:         static $instance = array();
 46:         if (!$instance) {
 47:             $instance[0] =& new Security;
 48:         }
 49:         return $instance[0];
 50:     }
 51: 
 52: /**
 53:  * Get allowed minutes of inactivity based on security level.
 54:  *
 55:  * @return integer Allowed inactivity in minutes
 56:  * @access public
 57:  * @static
 58:  */
 59:     function inactiveMins() {
 60:         switch (Configure::read('Security.level')) {
 61:             case 'high':
 62:                 return 10;
 63:             break;
 64:             case 'medium':
 65:                 return 100;
 66:             break;
 67:             case 'low':
 68:             default:
 69:                 return 300;
 70:                 break;
 71:         }
 72:     }
 73: 
 74: /**
 75:  * Generate authorization hash.
 76:  *
 77:  * @return string Hash
 78:  * @access public
 79:  * @static
 80:  */
 81:     function generateAuthKey() {
 82:         if (!class_exists('String')) {
 83:             App::import('Core', 'String');
 84:         }
 85:         return Security::hash(String::uuid());
 86:     }
 87: 
 88: /**
 89:  * Validate authorization hash.
 90:  *
 91:  * @param string $authKey Authorization hash
 92:  * @return boolean Success
 93:  * @access public
 94:  * @static
 95:  * @todo Complete implementation
 96:  */
 97:     function validateAuthKey($authKey) {
 98:         return true;
 99:     }
100: 
101: /**
102:  * Create a hash from string using given method.
103:  * Fallback on next available method.
104:  *
105:  * @param string $string String to hash
106:  * @param string $type Method to use (sha1/sha256/md5)
107:  * @param boolean $salt If true, automatically appends the application's salt
108:  *     value to $string (Security.salt)
109:  * @return string Hash
110:  * @access public
111:  * @static
112:  */
113:     function hash($string, $type = null, $salt = false) {
114:         $_this =& Security::getInstance();
115: 
116:         if ($salt) {
117:             if (is_string($salt)) {
118:                 $string = $salt . $string;
119:             } else {
120:                 $string = Configure::read('Security.salt') . $string;
121:             }
122:         }
123: 
124:         if (empty($type)) {
125:             $type = $_this->hashType;
126:         }
127:         $type = strtolower($type);
128: 
129:         if ($type == 'sha1' || $type == null) {
130:             if (function_exists('sha1')) {
131:                 $return = sha1($string);
132:                 return $return;
133:             }
134:             $type = 'sha256';
135:         }
136: 
137:         if ($type == 'sha256' && function_exists('mhash')) {
138:             return bin2hex(mhash(MHASH_SHA256, $string));
139:         }
140: 
141:         if (function_exists('hash')) {
142:             return hash($type, $string);
143:         }
144:         return md5($string);
145:     }
146: 
147: /**
148:  * Sets the default hash method for the Security object.  This affects all objects using
149:  * Security::hash().
150:  *
151:  * @param string $hash Method to use (sha1/sha256/md5)
152:  * @access public
153:  * @return void
154:  * @static
155:  * @see Security::hash()
156:  */
157:     function setHash($hash) {
158:         $_this =& Security::getInstance();
159:         $_this->hashType = $hash;
160:     }
161: 
162: /**
163:  * Encrypts/Decrypts a text using the given key.
164:  *
165:  * @param string $text Encrypted string to decrypt, normal string to encrypt
166:  * @param string $key Key to use
167:  * @return string Encrypted/Decrypted string
168:  * @access public
169:  * @static
170:  */
171:     function cipher($text, $key) {
172:         if (empty($key)) {
173:             trigger_error(__('You cannot use an empty key for Security::cipher()', true), E_USER_WARNING);
174:             return '';
175:         }
176: 
177:         srand(Configure::read('Security.cipherSeed'));
178:         $out = '';
179:         $keyLength = strlen($key);
180:         for ($i = 0, $textLength = strlen($text); $i < $textLength; $i++) {
181:             $j = ord(substr($key, $i % $keyLength, 1));
182:             while ($j--) {
183:                 rand(0, 255);
184:             }
185:             $mask = rand(0, 255);
186:             $out .= chr(ord(substr($text, $i, 1)) ^ $mask);
187:         }
188:         srand();
189:         return $out;
190:     }
191: }
192: 
OpenHub
Rackspace
Rackspace
  • Business Solutions
  • Showcase
  • Documentation
  • Book
  • API
  • Videos
  • Reporting Security Issues
  • Privacy Policy
  • Logos & Trademarks
  • Community
  • Get Involved
  • Issues (GitHub)
  • Bakery
  • Featured Resources
  • Training
  • Meetups
  • My CakePHP
  • CakeFest
  • Newsletter
  • Linkedin
  • YouTube
  • Facebook
  • Twitter
  • Mastodon
  • Help & Support
  • Forum
  • Stack Overflow
  • Slack
  • Paid Support

Generated using CakePHP API Docs