application/blog/main/actions/web/.htaccess -text
application/blog/main/actions/web/class_WebBlogLoginWelcomeAction.php -text
application/blog/main/class_ -text
+application/blog/main/commands/.htaccess -text
+application/blog/main/commands/web/.htaccess -text
+application/blog/main/commands/web/class_WebBlogGuestLoginCommand.php -text
+application/blog/main/commands/web/class_WebBlogUserLoginCommand.php -text
+application/blog/main/login/.htaccess -text
+application/blog/main/login/class_BlogGuestLogin.php -text
+application/blog/main/login/class_BlogUserLogin.php -text
+application/blog/main/login/helper/.htaccess -text
+application/blog/main/login/helper/class_BlogLoginHelper.php -text
application/blog/starter.php -text
application/blog/templates/.htaccess -text
application/blog/templates/de/.htaccess -text
--- /dev/null
+Deny from all
--- /dev/null
+Deny from all
--- /dev/null
+<?php
+/**
+ * A command for guest logins
+ *
+ * @author Roland Haeder <webmaster@ship-simu.org>
+ * @version 0.0.0
+ * @copyright Copyright (c) 2007, 2008 Roland Haeder, this is free software
+ * @license GNU GPL 3.0 or any newer version
+ * @link http://www.ship-simu.org
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+class WebBlogGuestLoginCommand extends BaseCommand implements Commandable {
+ /**
+ * Protected constructor
+ *
+ * @return void
+ */
+ protected function __construct () {
+ // Call parent constructor
+ parent::__construct(__CLASS__);
+
+ // Clean up a little
+ $this->removeNumberFormaters();
+ $this->removeSystemArray();
+ }
+
+ /**
+ * Creates an instance of this command and sets the resolver instance
+ *
+ * @param $resolverInstance An instance of a command resolver
+ * @return $commandInstance The created command instance
+ */
+ public final static function createWebBlogGuestLoginCommand (CommandResolver $resolverInstance) {
+ // Get a new instance
+ $commandInstance = new WebBlogGuestLoginCommand();
+
+ // Set the resolver instance
+ $commandInstance->setResolverInstance($resolverInstance);
+
+ // Return the prepared instance
+ return $commandInstance;
+ }
+
+ /**
+ * Executes the command with given request and response objects
+ *
+ * @param $requestInstance An instance of a class with an Requestable interface
+ * @param $responseInstance An instance of a class with an Responseable interface
+ * @return void
+ */
+ public function execute (Requestable $requestInstance, Responseable $responseInstance) {
+ // First get a GuestLogin instance
+ $loginInstance = ObjectFactory::createObjectByConfiguredName('guest_login_class');
+
+ // First set request and response instance
+ $loginInstance->setRequestInstance($requestInstance);
+
+ // Encrypt the password
+ $loginInstance->encryptPassword('passwd');
+
+ // Do the login here
+ $loginInstance->doLogin($requestInstance, $responseInstance);
+
+ // Was the login fine? Then redirect here
+ if ($loginInstance->ifLoginWasSuccessfull()) {
+ // Try to redirect here
+ try {
+ $responseInstance->redirectToConfiguredUrl('app_login_url');
+ } catch (FrameworkException $e) {
+ // Something went wrong here!
+ $responseInstance->addFatalMessage($e->getMessage());
+ }
+ } else {
+ // Attach error message to the response
+ $responseInstance->addFatalMessage('failed_user_login');
+ }
+ }
+
+ /**
+ * Adds extra filters to the given controller instance
+ *
+ * @param $controllerInstance A controller instance
+ * @param $requestInstance An instance of a class with an Requestable interface
+ * @return void
+ * @todo Add more filters
+ */
+ public function addExtraFilters (Controller $controllerInstance, Requestable $requestInstance) {
+ // Add username verifier filter
+ $controllerInstance->addPreFilter(ObjectFactory::createObjectByConfiguredName('user_guest_verifier_filter'));
+
+ // Add password verifier filter
+ $controllerInstance->addPreFilter(ObjectFactory::createObjectByConfiguredName('passwd_guest_verifier_filter'));
+
+ // Add CAPTCHA verifier code
+ $controllerInstance->addPreFilter(ObjectFactory::createObjectByConfiguredName('captcha_guest_verifier_filter'));
+ }
+}
+
+// [EOF]
+?>
--- /dev/null
+<?php
+/**
+ * A command for user login
+ *
+ * @author Roland Haeder <webmaster@ship-simu.org>
+ * @version 0.0.0
+ * @copyright Copyright (c) 2007, 2008 Roland Haeder, this is free software
+ * @license GNU GPL 3.0 or any newer version
+ * @link http://www.ship-simu.org
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+class WebBlogUserLoginCommand extends BaseCommand implements Commandable {
+ /**
+ * Protected constructor
+ *
+ * @return void
+ */
+ protected function __construct () {
+ // Call parent constructor
+ parent::__construct(__CLASS__);
+
+ // Clean up a little
+ $this->removeNumberFormaters();
+ $this->removeSystemArray();
+ }
+
+ /**
+ * Creates an instance of this command and sets the resolver instance
+ *
+ * @param $resolverInstance An instance of a command resolver
+ * @return $commandInstance The created command instance
+ */
+ public final static function createWebBlogUserLoginCommand (CommandResolver $resolverInstance) {
+ // Get a new instance
+ $commandInstance = new WebBlogUserLoginCommand();
+
+ // Set the resolver instance
+ $commandInstance->setResolverInstance($resolverInstance);
+
+ // Return the prepared instance
+ return $commandInstance;
+ }
+
+ /**
+ * Executes the command with given request and response objects
+ *
+ * @param $requestInstance An instance of a class with an Requestable interface
+ * @param $responseInstance An instance of a class with an Responseable interface
+ * @return void
+ */
+ public function execute (Requestable $requestInstance, Responseable $responseInstance) {
+ // First get a UserLogin instance
+ $loginInstance = ObjectFactory::createObjectByConfiguredName('user_login_class');
+
+ // First set request and response instance
+ $loginInstance->setRequestInstance($requestInstance);
+
+ // Encrypt the password
+ $loginInstance->encryptPassword('pass');
+
+ // Do the login here
+ $loginInstance->doLogin($requestInstance, $responseInstance);
+
+ // Was the login fine? Then redirect here
+ if ($loginInstance->ifLoginWasSuccessfull()) {
+ // Try to redirect here
+ try {
+ $responseInstance->redirectToConfiguredUrl('app_login_url');
+ } catch (FrameworkException $e) {
+ // Something went wrong here!
+ $responseInstance->addFatalMessage($e->getMessage());
+ }
+ } else {
+ // Attach error message to the response
+ $responseInstance->addFatalMessage('failed_user_login');
+ }
+ }
+
+ /**
+ * Adds extra filters to the given controller instance
+ *
+ * @param $controllerInstance A controller instance
+ * @param $requestInstance An instance of a class with an Requestable interface
+ * @return void
+ * @todo Add more filters
+ */
+ public function addExtraFilters (Controller $controllerInstance, Requestable $requestInstance) {
+ // Which login type do we have?
+ switch ($this->getConfigInstance()->readConfig('login_type')) {
+ case "username": // Login via username
+ $controllerInstance->addPreFilter(ObjectFactory::createObjectByConfiguredName('username_verifier_filter'));
+ break;
+
+ case "email": // Login via email
+ $controllerInstance->addPreFilter(ObjectFactory::createObjectByConfiguredName('email_verifier_filter'));
+ break;
+
+ default: // Wether username or email is set
+ $controllerInstance->addPreFilter(ObjectFactory::createObjectByConfiguredName('username_email_verifier_filter'));
+ break;
+ }
+
+ // Password verifier filter
+ $controllerInstance->addPreFilter(ObjectFactory::createObjectByConfiguredName('password_verifier_filter'));
+
+ // Add filter for CAPTCHA
+ $controllerInstance->addPreFilter(ObjectFactory::createObjectByConfiguredName('captcha_user_verifier_filter'));
+ }
+}
+
+// [EOF]
+?>
--- /dev/null
+Deny from all
--- /dev/null
+<?php
+/**
+ * A special guest login class for the blog
+ *
+ * @author Roland Haeder <webmaster@ship-simu.org>
+ * @version 0.0.0
+ * @copyright Copyright (c) 2007, 2008 Roland Haeder, this is free software
+ * @license GNU GPL 3.0 or any newer version
+ * @link http://www.ship-simu.org
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+class BlogGuestLogin extends BaseFrameworkSystem implements LoginableUser {
+ /**
+ * The hashed password
+ */
+ private $hashedPassword = "";
+
+ /**
+ * Protected constructor
+ *
+ * @return void
+ */
+ protected function __construct () {
+ // Call parent constructor
+ parent::__construct(__CLASS__);
+
+ // Clean up a little
+ $this->removeNumberFormaters();
+ $this->removeSystemArray();
+ }
+
+ /**
+ * Creates an instance of this login class
+ *
+ * @return $loginInstance An instance of this login class
+ */
+ public final static function createBlogGuestLogin () {
+ // Get a new instance
+ $loginInstance = new BlogGuestLogin();
+
+ // Return the instance
+ return $loginInstance;
+ }
+
+ /**
+ * Logins the user with the given request containing the credential. The
+ * result of the login can be thrown by exception or, if prefered stored
+ * in a boolean attribute which is then readable by a matching getter.
+ *
+ * @param $requestInstance An instance of a Requestable class
+ * @param $responseInstance An instance of a Responseable class
+ * @return void
+ * @throws UserAuthMethodException If wether username nor email login
+ * was detected
+ * @throws MissingMethodException If a method was not found in the
+ * User class
+ * @throws UserPasswordMismatchException If the supplied password did not
+ * match with the stored password
+ */
+ public function doLogin (Requestable $requestInstance, Responseable $responseInstance) {
+ // By default no method is selected
+ $method = null;
+ $data = "";
+
+ // Detect login method (username or email) and try to get a userinstance
+ if (!is_null($requestInstance->getRequestElement('user'))) {
+ // Username found!
+ $method = 'createGuestByUsername';
+ $data = $requestInstance->getRequestElement('user');
+ } // END - if
+
+ // Is a method detected?
+ if (is_null($method)) {
+ // Then abort here
+ throw new UserAuthMethodException($this, self::EXCEPTION_MISSING_METHOD);
+ } elseif (!method_exists($this->getConfigInstance()->readConfig('guest_class'), $method)) {
+ // The method is invalid!
+ throw new MissingMethodException(array($this, $method), self::EXCEPTION_MISSING_METHOD);
+ }
+
+ // Get a instance of the registry
+ $userInstance = Registry::getRegistry()->getInstance('user');
+
+ // Is there an instance?
+ if (is_null($userInstance)) {
+ // Get a user instance
+ $userInstance = call_user_func_array(array($this->getConfigInstance()->readConfig('guest_class'), $method), array($data));
+
+ // Remember this new instance in registry
+ Registry::getRegistry()->addInstance($userInstance);
+ } // END - if
+
+ // Is the password correct?
+ if ($userInstance->ifPasswordHashMatches($requestInstance) === false) {
+ // Mismatching password
+ throw new UserPasswordMismatchException(array($this, $userInstance), BaseUser::EXCEPTION_USER_PASS_MISMATCH);
+ } // END - if
+
+ // Now do the real login. This can be cookie- or session-based login
+ // which depends on the admins setting then on the user's taste.
+ // 1) Get a login helper instance
+ $helperInstance = ObjectFactory::createObjectByConfiguredName('login_helper_class', array($requestInstance));
+
+ // 2) Execute the login. This will now login...
+ $helperInstance->executeLogin($responseInstance);
+ }
+
+ /**
+ * Determines wether the login was fine. This is done by checking if 'login' instance is in registry
+ *
+ * @return $loginDone Wether the login was fine or not
+ */
+ public function ifLoginWasSuccessfull () {
+ // Is the registry key there?
+ $loginDone = (Registry::getRegistry()->getInstance('login') instanceof Registerable);
+
+ // Return the result
+ return $loginDone;
+ }
+
+ /**
+ * Encrypt given request key or throw an exception if key was not found in
+ * request
+ *
+ * @param $requestKey Key in request class
+ * @return void
+ */
+ public function encryptPassword ($requestKey) {
+ // Check if password is found in request
+ if ($this->getRequestInstance()->isRequestElementSet($requestKey)) {
+ // So encrypt the password and store it for later usage in
+ // the request:
+
+ // Get the plain password
+ $plainPassword = $this->getRequestInstance()->getRequestElement($requestKey);
+
+ // Get user instance
+ $userInstance = Registry::getRegistry()->getInstance('user');
+
+ // Get a crypto helper and hash the password
+ $this->hashedPassword = ObjectFactory::createObjectByConfiguredName('crypto_class')->hashString($plainPassword, $userInstance->getPasswordHash());
+
+ // Store the hash back in request
+ $this->getRequestInstance()->setRequestElement('pass_hash', $this->hashedPassword);
+ } // END - if
+ }
+}
+
+// [EOF]
+?>
--- /dev/null
+<?php
+/**
+ * A special login class for the blog
+ *
+ * @author Roland Haeder <webmaster@ship-simu.org>
+ * @version 0.0.0
+ * @copyright Copyright (c) 2007, 2008 Roland Haeder, this is free software
+ * @license GNU GPL 3.0 or any newer version
+ * @link http://www.ship-simu.org
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+class BlogUserLogin extends BaseFrameworkSystem implements LoginableUser {
+ /**
+ * The hashed password
+ */
+ private $hashedPassword = "";
+
+ /**
+ * Protected constructor
+ *
+ * @return void
+ */
+ protected function __construct () {
+ // Call parent constructor
+ parent::__construct(__CLASS__);
+
+ // Clean up a little
+ $this->removeNumberFormaters();
+ $this->removeSystemArray();
+ }
+
+ /**
+ * Creates an instance of this login class
+ *
+ * @return $loginInstance An instance of this login class
+ */
+ public final static function createBlogUserLogin () {
+ // Get a new instance
+ $loginInstance = new BlogUserLogin();
+
+ // Return the instance
+ return $loginInstance;
+ }
+
+ /**
+ * Logins the user with the given request containing the credential. The
+ * result of the login can be thrown by exception or, if prefered stored
+ * in a boolean attribute which is then readable by a matching getter.
+ *
+ * @param $requestInstance An instance of a Requestable class
+ * @param $responseInstance An instance of a Responseable class
+ * @return void
+ * @throws UserPasswordMismatchException If the supplied password did not
+ * match with the stored password
+ * @todo We need to add something here which will make more than one
+ * @todo guest logins, users who are online but based on the same
+ * @todo user account.
+ */
+ public function doLogin (Requestable $requestInstance, Responseable $responseInstance) {
+ // By default no method is selected
+ $method = null;
+ $data = "";
+
+ // Get a instance of the registry
+ $userInstance = Registry::getRegistry()->getInstance('user');
+
+ // Is there an instance?
+ if (is_null($userInstance)) {
+ // Get member class
+ $userClass = $this->getConfigInstance()->readConfig('user_class');
+
+ // Get a user instance
+ $userInstance = call_user_func_array(array($userClass, 'createMemberByRequest'), array($requestInstance));
+
+ // Remember this new instance in registry
+ Registry::getRegistry()->addInstance($userInstance);
+ } // END - if
+
+ // Is the password correct?
+ if ($userInstance->ifPasswordHashMatches($requestInstance) === false) {
+ // Mismatching password
+ throw new UserPasswordMismatchException(array($this, $userInstance), BaseUser::EXCEPTION_USER_PASS_MISMATCH);
+ } // END - if
+
+ // ToDo place
+
+ // Now do the real login. This can be cookie- or session-based login
+ // which depends on the admins setting then on the user's taste.
+ // 1) Get a login helper instance
+ $helperInstance = ObjectFactory::createObjectByConfiguredName('login_helper_class', array($requestInstance));
+
+ // 2) Execute the login. This will now login...
+ $helperInstance->executeLogin($responseInstance);
+ }
+
+ /**
+ * Determines wether the login was fine. This is done by checking if 'login' instance is in registry
+ *
+ * @return $loginDone Wether the login was fine or not
+ */
+ public function ifLoginWasSuccessfull () {
+ // Is the registry key there?
+ $loginDone = (Registry::getRegistry()->getInstance('login') instanceof Registerable);
+
+ // Return the result
+ return $loginDone;
+ }
+
+ /**
+ * Encrypt given request key or throw an exception if key was not found in
+ * request
+ *
+ * @param $requestKey Key in request class
+ * @return void
+ */
+ public function encryptPassword ($requestKey) {
+ // Check if password is found in request
+ if ($this->getRequestInstance()->isRequestElementSet($requestKey)) {
+ // So encrypt the password and store it for later usage in
+ // the request:
+
+ // Get the plain password
+ $plainPassword = $this->getRequestInstance()->getRequestElement($requestKey);
+
+ // Get user instance
+ $userInstance = Registry::getRegistry()->getInstance('user');
+
+ // Get a crypto helper and hash the password
+ $this->hashedPassword = ObjectFactory::createObjectByConfiguredName('crypto_class')->hashString($plainPassword, $userInstance->getPasswordHash());
+
+ // Store the hash back in request
+ $this->getRequestInstance()->setRequestElement('pass_hash', $this->hashedPassword);
+ } // END - if
+ }
+}
+
+// [EOF]
+?>
--- /dev/null
+Deny from all
--- /dev/null
+<?php
+/**
+ * A helper for Blog to login. This login helper first checks what setting
+ * (cookie or session) the admin has choosen then overwrites it with the setting
+ * from current user. The registry instance should hold an instance of this user
+ * class at key 'user' else an exception will be thrown. After this the setting
+ * from a login form will be taken as login method and be stored in database
+ * for later usage.
+ *
+ * The user shall be able to choose "Default login method" or similar to use his
+ * own login method.
+ *
+ * @author Roland Haeder <webmaster@ship-simu.org>
+ * @version 0.0.0
+ * @copyright Copyright (c) 2007, 2008 Roland Haeder, this is free software
+ * @license GNU GPL 3.0 or any newer version
+ * @link http://www.ship-simu.org
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+class BlogLoginHelper extends BaseLoginHelper implements HelpableLogin {
+ /**
+ * The login method we shall choose
+ */
+ private $authMethod = "";
+
+ // Exception constants
+ const EXCEPTION_INVALID_USER_INSTANCE = 0x190;
+
+ /**
+ * Protected constructor
+ *
+ * @return void
+ */
+ protected function __construct () {
+ // Call parent constructor
+ parent::__construct(__CLASS__);
+ }
+
+ /**
+ * Creates an instance of this class by given request instance
+ *
+ * @param $requestInstance An instance of a Requestable class
+ * @return $helperInstance An instance of this helper class
+ * @throws UserInstanceMissingException If the user instance in registry
+ * is missing or invalid
+ */
+ public final static function createBlogLoginHelper (Requestable $requestInstance) {
+ // Get a new instance first
+ $helperInstance = new BlogLoginHelper();
+
+ // Get a user instance from registry
+ $userInstance = Registry::getRegistry()->getInstance('user');
+
+ // Is this instance valid?
+ if (!$userInstance instanceof ManageableAccount) {
+ // Thrown an exception here
+ throw new UserInstanceMissingException (array($helperInstance, 'user'), self::EXCEPTION_INVALID_USER_INSTANCE);
+ } // END - if
+
+ // Set default login method from config
+ $helperInstance->setDefaultAuthMethod();
+
+ // Set request instance
+ $helperInstance->setRequestInstance($requestInstance);
+
+ // Return the prepared instance
+ return $helperInstance;
+ }
+
+ /**
+ * Setter for default login method from config
+ *
+ * @return void
+ */
+ protected function setDefaultAuthMethod () {
+ $this->authMethod = $this->getConfigInstance()->readConfig('auth_method_class');
+ }
+
+ /**
+ * Execute the login request by given response instance. This instance can
+ * be used for sending cookies or at least the session id out.
+ *
+ * @param $responseInstance An instance of a Responseable class
+ * @return void
+ */
+ public function executeLogin (Responseable $responseInstance) {
+ // Get an instance from the login method
+ $loginInstance = ObjectFactory::createObjectByName($this->authMethod, array($responseInstance));
+
+ // Set user cookie
+ $loginInstance->setUserAuth($this->getRequestInstance()->getRequestElement('username'));
+
+ // Set password cookie
+ $loginInstance->setPasswordAuth($this->getRequestInstance()->getRequestElement('pass_hash'));
+
+ // Remember this login instance for later usage
+ Registry::getRegistry()->addInstance('login', $loginInstance);
+ }
+}
+
+//
+?>