CodeExplorer
You are a developer and looking for Shopware projects?
Apply Now!
_secureStringCompare example
$result = array(
'code' => Zend_Auth_Result::FAILURE,
'identity' => array(
'realm' => $this->_realm,
'username' => $this->_username,
),
'messages' => array()
);
while ($line = trim(fgets($fileHandle))) {
if (substr($line, 0, $idLength) === $id) {
if ($this->_secureStringCompare(substr($line, -32), md5("$this->_username:$this->_realm:$this->_password"))) {
$result['code'] = Zend_Auth_Result::SUCCESS;
} else {
$result['code'] = Zend_Auth_Result::FAILURE_CREDENTIAL_INVALID;
$result['messages'][] = 'Password incorrect';
}
return new Zend_Auth_Result($result['code'], $result['identity'], $result['messages']);
}
}
$result['code'] = Zend_Auth_Result::FAILURE_IDENTITY_NOT_FOUND;
$result['messages'][] = "Username '$this->_username' and realm '$this->_realm' combination not found";
'code' => Zend_Auth_Result::FAILURE,
'identity' => array(
'realm' => $this->_realm,
'username' => $this->_username,
),
'messages' => array()
);
while ($line = trim(fgets($fileHandle))) {
if (substr($line, 0, $idLength) === $id) {
if ($this->_secureStringCompare(substr($line, -32), md5("$this->_username:$this->_realm:$this->_password"))) {
$result['code'] = Zend_Auth_Result::SUCCESS;
} else {
$result['code'] = Zend_Auth_Result::FAILURE_CREDENTIAL_INVALID;
$result['messages'][] = 'Password incorrect';
}
return new Zend_Auth_Result($result['code'], $result['identity'], $result['messages']);
}
}
$result['code'] = Zend_Auth_Result::FAILURE_IDENTITY_NOT_FOUND;
$result['messages'][] = "Username '$this->_username' and realm '$this->_realm' combination not found";
// re-challenge the client.
if (!ctype_print($auth)) {
return $this->_challengeClient();
}
// Fix for ZF-1515: Now re-challenges on empty username or password $creds = array_filter(explode(':', $auth));
if (count($creds) != 2) {
return $this->_challengeClient();
}
$password = $this->_basicResolver->resolve($creds[0], $this->_realm);
if ($password && $this->_secureStringCompare($password, $creds[1])) {
$identity = array('username'=>$creds[0], 'realm'=>$this->_realm);
return new Zend_Auth_Result(Zend_Auth_Result::SUCCESS, $identity);
} else {
return $this->_challengeClient();
}
}
/** * Digest Authentication * * @param string $header Client's Authorization header * @throws Zend_Auth_Adapter_Exception * @return Zend_Auth_Result Valid auth result only on successful auth */
return $this->_challengeClient();
}
// Fix for ZF-1515: Now re-challenges on empty username or password $creds = array_filter(explode(':', $auth));
if (count($creds) != 2) {
return $this->_challengeClient();
}
$password = $this->_basicResolver->resolve($creds[0], $this->_realm);
if ($password && $this->_secureStringCompare($password, $creds[1])) {
$identity = array('username'=>$creds[0], 'realm'=>$this->_realm);
return new Zend_Auth_Result(Zend_Auth_Result::SUCCESS, $identity);
} else {
return $this->_challengeClient();
}
}
/** * Digest Authentication * * @param string $header Client's Authorization header * @throws Zend_Auth_Adapter_Exception * @return Zend_Auth_Result Valid auth result only on successful auth */