1.1.x.x » cake » libs

security.php

Go to the documentation of this file.
00001 <?php
00002 /* SVN FILE: $Id: security_8php-source.html 675 2008-12-26 00:27:14Z gwoo $ */
00003 /**
00004  * Security Class
00005  *
00006  * This class is a singleton class that contains
00007  * functions for hasing and security.
00008  *
00009  * PHP versions 4 and 5
00010  *
00011  * CakePHP(tm) :  Rapid Development Framework <http://www.cakephp.org/>
00012  * Copyright 2005-2008, Cake Software Foundation, Inc.
00013  *                              1785 E. Sahara Avenue, Suite 490-204
00014  *                              Las Vegas, Nevada 89104
00015  *
00016  * Licensed under The MIT License
00017  * Redistributions of files must retain the above copyright notice.
00018  *
00019  * @filesource
00020  * @copyright       Copyright 2005-2008, Cake Software Foundation, Inc.
00021  * @link                http://www.cakefoundation.org/projects/info/cakephp CakePHP(tm) Project
00022  * @package         cake
00023  * @subpackage      cake.cake.libs
00024  * @since           CakePHP(tm) v .0.10.0.1233
00025  * @version         $Revision: 675 $
00026  * @modifiedby      $LastChangedBy: gwoo $
00027  * @lastmodified    $Date: 2008-12-25 16:27:14 -0800 (Thu, 25 Dec 2008) $
00028  * @license         http://www.opensource.org/licenses/mit-license.php The MIT License
00029  */
00030 /**
00031  * Security Class
00032  *
00033  * This class is a singleton class that contains functions for hasing and security.
00034  *
00035  * @package     cake
00036  * @subpackage  cake.cake.libs
00037  */
00038 class Security extends Object {
00039 /**
00040  * Singleton method to retrieve the instance of the Security class
00041  *
00042  * @return object Security
00043  * @access public
00044  */
00045     function &getInstance() {
00046         static $instance = array();
00047         if (!$instance) {
00048             $instance[0] = &new Security;
00049         }
00050         return $instance[0];
00051     }
00052 /**
00053  * Returns inactive minutes constant based on cake the security level
00054  *
00055  * @return integer
00056  * @access public
00057  */
00058     function inactiveMins() {
00059         switch(CAKE_SECURITY) {
00060             case 'high':
00061                 return 10;
00062             break;
00063             case 'medium':
00064                 return 100;
00065             break;
00066             case 'low':
00067             default:
00068                 return 300;
00069             break;
00070         }
00071     }
00072 /**
00073  * Generates a unique authkey
00074  *
00075  * @return mixed
00076  * @access public
00077  */
00078     function generateAuthKey() {
00079         $_this =& Security::getInstance();
00080         return $_this->hash(uniqid(rand(), true));
00081     }
00082 /**
00083  * Validates the authkey
00084  *
00085  * @param mixed $authKey
00086  * @return boolean
00087  * @access public
00088  */
00089     function validateAuthKey($authKey) {
00090         return true;
00091     }
00092 /**
00093  * Generates a hash of a string using a php built in hashing function
00094  *
00095  * @param string $string The string to be hashed
00096  * @param string $type The hashing algorithm
00097  * @return string
00098  * @access public
00099  */
00100     function hash($string, $type = 'sha1') {
00101         $type = strtolower($type);
00102         if ($type == 'sha1') {
00103             if (function_exists('sha1')) {
00104                 $return = sha1($string);
00105                 return $return;
00106             } else {
00107                 $type = 'sha256';
00108             }
00109         }
00110 
00111         if ($type == 'sha256') {
00112             if (function_exists('mhash')) {
00113                 $return = bin2hex(mhash(MHASH_SHA256, $string));
00114                 return $return;
00115             } else {
00116                 $type = 'md5';
00117             }
00118         }
00119 
00120         if ($type == 'md5') {
00121             $return = md5($string);
00122             return $return;
00123         }
00124     }
00125 /**
00126  * Function that ciphers a text using a key
00127  *
00128  * @param string $text
00129  * @param string $key
00130  * @return string
00131  * @access public
00132  */
00133     function cipher($text, $key) {
00134         if (!defined('CIPHER_SEED')) {
00135             //This is temporary will change later
00136             define('CIPHER_SEED', '76859309657453542496749683645');
00137         }
00138         srand (CIPHER_SEED);
00139         $out = '';
00140 
00141         for ($i = 0; $i < strlen($text); $i++) {
00142             for ($j = 0; $j < ord(substr($key, $i % strlen($key), 1)); $j++) {
00143                 $toss = rand(0, 255);
00144             }
00145             $mask = rand(0, 255);
00146             $out .= chr(ord(substr($text, $i, 1)) ^ $mask);
00147         }
00148         return $out;
00149     }
00150 }
00151 ?>