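* @version		0.0.0
 * @copyright	Copyright (c) 2007, 2008 Roland Haeder, this is free software
 * @license		GNU GPL 3.0 or any newer version
 * @link		http://www.ship-simu.org
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program. If not, see <http://www.gnu.org/licenses/>.
 */
class AccountPasswordVerifierFilter extends BaseFilter implements Filterable {
	/**
	 * Protected constructor; instances are created through
	 * createAccountPasswordVerifierFilter().
	 *
	 * @return	void
	 */
	protected function __construct () {
		// Call parent constructor
		parent::__construct(__CLASS__);
	}

	/**
	 * Creates an instance of this filter class
	 *
	 * @param	$controllerInstance		An instance of a Controller class
	 * @return	$filterInstance			An instance of this filter class
	 */
	public final static function createAccountPasswordVerifierFilter (Controller $controllerInstance) {
		// Get a new instance
		$filterInstance = new AccountPasswordVerifierFilter();

		// Set the controller
		$filterInstance->setControllerInstance($controllerInstance);

		// Return the instance
		return $filterInstance;
	}

	/**
	 * Executes the filter with given request and response objects.
	 *
	 * The submitted password is read from the request element 'pass_old'
	 * and, if that is not set, from 'password'. It is hashed by the
	 * configured 'crypto_class' and compared with the 'pass_hash' field of
	 * the 'user' instance from the registry.
	 *
	 * @param	$requestInstance	An instance of a class with an Requestable interface
	 * @param	$responseInstance	An instance of a class with an Responseable interface
	 * @return	void				Returns false instead when the password is
	 *								missing or empty (the request is then marked
	 *								invalid and a fatal message is added)
	 * @throws	AccountPasswordMismatchException	If the account password does not match
	 * @todo	Rewrite handling of different password fields
	 */
	public function execute (Requestable $requestInstance, Responseable $responseInstance) {
		// Get password
		$password = $requestInstance->getRequestElement('pass_old');

		// Is the password still not set?
		if (is_null($password)) {
			// Get password from alternative location
			$password = $requestInstance->getRequestElement('password');

			// Is the password still not set?
			if (is_null($password)) {
				// Not found in form so stop the filtering process
				$requestInstance->requestIsValid(false);

				// Add a message to the response
				$responseInstance->addFatalMessage('password_unset');

				// Abort here
				return false;
			} // END - if
		} // END - if

		// Only a non-empty string is accepted. empty() must not be used here:
		// it treats the valid password "0" as empty. The is_string() check
		// keeps array-shaped request values (e.g. password[]=...) away from
		// the hashing helper.
		// NOTE(review): assumes getRequestElement() returns strings for
		// scalar form fields - confirm against the Requestable implementation.
		if ((!is_string($password)) || ($password === '')) {
			// Password is empty
			$requestInstance->requestIsValid(false);

			// Add a message to the response
			$responseInstance->addFatalMessage('password_empty');

			// Abort here
			return false;
		} // END - if

		// Get a user instance
		$userInstance = Registry::getRegistry()->getInstance('user');

		// Get current hash
		$currentHash = $userInstance->getField('pass_hash');

		// Get an encryption helper and hash the password. The stored hash is
		// handed in as second argument; presumably the helper takes the salt
		// from it - confirm against the configured crypto_class.
		$passHash = ObjectFactory::createObjectByConfiguredName('crypto_class')->hashString($password, $currentHash);

		// Does it match? Fail closed when either side is not a usable string,
		// so an account without a stored hash can never verify. The comparison
		// uses hash_equals() (PHP >= 5.6) instead of the loose "!=" operator:
		// "!=" compares numeric-looking strings as numbers, which makes two
		// different hashes of the form "0e<digits>" count as equal, and it is
		// not constant-time.
		$hashesUsable = ((is_string($currentHash)) && ($currentHash !== '') && (is_string($passHash)));
		if ((!$hashesUsable) || (!hash_equals($currentHash, $passHash))) {
			// Throw an exception here to stop the processing
			throw new AccountPasswordMismatchException($this, BaseUser::EXCEPTION_USER_PASS_MISMATCH);
		} // END - if
	}
}

// [EOF]
?>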