code review
This commit is contained in:
parent
4dbdb4390e
commit
daf242ce90
6 changed files with 61 additions and 18 deletions
|
@ -14,7 +14,6 @@ declare(strict_types=1);
|
||||||
|
|
||||||
namespace Dotclear\Plugin\httpPassword;
|
namespace Dotclear\Plugin\httpPassword;
|
||||||
|
|
||||||
use dcAuth;
|
|
||||||
use dcAdmin;
|
use dcAdmin;
|
||||||
use dcCore;
|
use dcCore;
|
||||||
use dcPage;
|
use dcPage;
|
||||||
|
@ -31,10 +30,11 @@ class Backend extends dcNsProcess
|
||||||
|
|
||||||
public static function process(): bool
|
public static function process(): bool
|
||||||
{
|
{
|
||||||
if (!static::$init) {
|
if (!static::$init || is_null(dcCore::app()->auth) || is_null(dcCore::app()->blog) || is_null(dcCore::app()->adminurl)) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// add backend sidebar menu icon
|
||||||
dcCore::app()->menu[dcAdmin::MENU_PLUGINS]->addItem(
|
dcCore::app()->menu[dcAdmin::MENU_PLUGINS]->addItem(
|
||||||
My::name(),
|
My::name(),
|
||||||
dcCore::app()->adminurl->get('admin.plugin.' . My::id()),
|
dcCore::app()->adminurl->get('admin.plugin.' . My::id()),
|
||||||
|
|
|
@ -33,7 +33,12 @@ class Frontend extends dcNsProcess
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// check password on frontend
|
||||||
dcCore::app()->addBehavior('publicPrependV2', function (): void {
|
dcCore::app()->addBehavior('publicPrependV2', function (): void {
|
||||||
|
// nullsafe
|
||||||
|
if (is_null(dcCore::app()->blog)) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
$PHP_AUTH_USER = $PHP_AUTH_PW = '';
|
$PHP_AUTH_USER = $PHP_AUTH_PW = '';
|
||||||
|
|
||||||
if (isset($_SERVER['PHP_AUTH_USER']) and isset($_SERVER['PHP_AUTH_PW'])) {
|
if (isset($_SERVER['PHP_AUTH_USER']) and isset($_SERVER['PHP_AUTH_PW'])) {
|
||||||
|
|
|
@ -22,14 +22,15 @@ class Install extends dcNsProcess
|
||||||
{
|
{
|
||||||
public static function init(): bool
|
public static function init(): bool
|
||||||
{
|
{
|
||||||
static::$init = defined('DC_CONTEXT_ADMIN') && dcCore::app()->newVersion(My::id(), dcCore::app()->plugins->moduleInfo(My::id(), 'version'));
|
static::$init = defined('DC_CONTEXT_ADMIN')
|
||||||
|
&& dcCore::app()->newVersion(My::id(), dcCore::app()->plugins->moduleInfo(My::id(), 'version'));
|
||||||
|
|
||||||
return static::$init;
|
return static::$init;
|
||||||
}
|
}
|
||||||
|
|
||||||
public static function process(): bool
|
public static function process(): bool
|
||||||
{
|
{
|
||||||
if (!static::$init) {
|
if (!static::$init || is_null(dcCore::app()->blog)) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -40,18 +40,21 @@ class Manage extends dcNsProcess
|
||||||
{
|
{
|
||||||
public static function init(): bool
|
public static function init(): bool
|
||||||
{
|
{
|
||||||
static::$init = defined('DC_CONTEXT_ADMIN') && dcCore::app()->auth->check(
|
static::$init = defined('DC_CONTEXT_ADMIN')
|
||||||
dcCore::app()->auth->makePermissions([
|
&& !is_null(dcCore::app()->auth) && !is_null(dcCore::app()->blog) // nullsafe
|
||||||
My::PERMISSION,
|
&& dcCore::app()->auth->check(
|
||||||
]), dcCore::app()->blog->id
|
dcCore::app()->auth->makePermissions([
|
||||||
);
|
My::PERMISSION,
|
||||||
|
]),
|
||||||
|
dcCore::app()->blog->id
|
||||||
|
);
|
||||||
|
|
||||||
return static::$init;
|
return static::$init;
|
||||||
}
|
}
|
||||||
|
|
||||||
public static function process(): bool
|
public static function process(): bool
|
||||||
{
|
{
|
||||||
if (!static::$init) {
|
if (!static::$init || is_null(dcCore::app()->blog) || is_null(dcCore::app()->adminurl)) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -67,6 +70,7 @@ class Manage extends dcNsProcess
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// save settings
|
||||||
if ('savesettings' == $action) {
|
if ('savesettings' == $action) {
|
||||||
$s = dcCore::app()->blog->settings->get(My::id());
|
$s = dcCore::app()->blog->settings->get(My::id());
|
||||||
$s->put('active', !empty($_POST['active']));
|
$s->put('active', !empty($_POST['active']));
|
||||||
|
@ -85,6 +89,7 @@ class Manage extends dcNsProcess
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// delete users logins
|
||||||
if ('savelogins' == $action) {
|
if ('savelogins' == $action) {
|
||||||
$logs = dcCore::app()->log->getLogs(['log_table' => My::id()]);
|
$logs = dcCore::app()->log->getLogs(['log_table' => My::id()]);
|
||||||
if (!$logs->isEmpty()) {
|
if (!$logs->isEmpty()) {
|
||||||
|
@ -105,6 +110,7 @@ class Manage extends dcNsProcess
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// save users logins / passwords in frontend passwords file
|
||||||
if ('savepasswords' == $action) {
|
if ('savepasswords' == $action) {
|
||||||
$passwords = self::getPasswords();
|
$passwords = self::getPasswords();
|
||||||
$lines = [];
|
$lines = [];
|
||||||
|
@ -153,7 +159,7 @@ class Manage extends dcNsProcess
|
||||||
|
|
||||||
public static function render(): void
|
public static function render(): void
|
||||||
{
|
{
|
||||||
if (!static::$init) {
|
if (!static::$init || is_null(dcCore::app()->blog) || is_null(dcCore::app()->adminurl)) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -173,7 +179,7 @@ class Manage extends dcNsProcess
|
||||||
]) .
|
]) .
|
||||||
dcPage::notices() .
|
dcPage::notices() .
|
||||||
|
|
||||||
# Filters select menu list
|
// Filters select menu list
|
||||||
(new Form('section_menu'))->action(dcCore::app()->adminurl->get('admin.plugin.' . My::id()))->method('get')->fields([
|
(new Form('section_menu'))->action(dcCore::app()->adminurl->get('admin.plugin.' . My::id()))->method('get')->fields([
|
||||||
(new Para())->class('anchor-nav')->items([
|
(new Para())->class('anchor-nav')->items([
|
||||||
(new Label(__('Select section:')))->for('part')->class('classic'),
|
(new Label(__('Select section:')))->for('part')->class('classic'),
|
||||||
|
@ -185,6 +191,7 @@ class Manage extends dcNsProcess
|
||||||
|
|
||||||
'<h3>' . array_search($part, My::sectionCombo()) . '</h3>';
|
'<h3>' . array_search($part, My::sectionCombo()) . '</h3>';
|
||||||
|
|
||||||
|
// settigns form
|
||||||
if ('settings' == $part) {
|
if ('settings' == $part) {
|
||||||
echo
|
echo
|
||||||
(new Form('section_settings'))->action(dcCore::app()->adminurl->get('admin.plugin.' . My::id(), ['part' => 'settings']))->method('post')->fields([
|
(new Form('section_settings'))->action(dcCore::app()->adminurl->get('admin.plugin.' . My::id(), ['part' => 'settings']))->method('post')->fields([
|
||||||
|
@ -214,6 +221,7 @@ class Manage extends dcNsProcess
|
||||||
])->render();
|
])->render();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// delete logins form
|
||||||
if ('logins' == $part) {
|
if ('logins' == $part) {
|
||||||
$logs = dcCore::app()->log->getLogs(['log_table' => My::id()]);
|
$logs = dcCore::app()->log->getLogs(['log_table' => My::id()]);
|
||||||
if ($logs->isEmpty()) {
|
if ($logs->isEmpty()) {
|
||||||
|
@ -250,6 +258,7 @@ class Manage extends dcNsProcess
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// existing logins/passwords form
|
||||||
if ('passwords' == $part) {
|
if ('passwords' == $part) {
|
||||||
$passwords = self::getPasswords();
|
$passwords = self::getPasswords();
|
||||||
|
|
||||||
|
@ -295,6 +304,7 @@ class Manage extends dcNsProcess
|
||||||
])->render();
|
])->render();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// new login form
|
||||||
echo
|
echo
|
||||||
(new Form('section_new'))->action(dcCore::app()->adminurl->get('admin.plugin.' . My::id(), ['part' => $part]))->method('post')->fields([
|
(new Form('section_new'))->action(dcCore::app()->adminurl->get('admin.plugin.' . My::id(), ['part' => $part]))->method('post')->fields([
|
||||||
(new Text('h3', Html::escapeHTML(__('Add a user')))),
|
(new Text('h3', Html::escapeHTML(__('Add a user')))),
|
||||||
|
@ -320,6 +330,11 @@ class Manage extends dcNsProcess
|
||||||
dcPage::closeModule();
|
dcPage::closeModule();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get page section.
|
||||||
|
*
|
||||||
|
* @return string The section
|
||||||
|
*/
|
||||||
private static function getSection(): string
|
private static function getSection(): string
|
||||||
{
|
{
|
||||||
$part = $_REQUEST['part'] ?? 'settings';
|
$part = $_REQUEST['part'] ?? 'settings';
|
||||||
|
@ -330,6 +345,11 @@ class Manage extends dcNsProcess
|
||||||
return $part;
|
return $part;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get existing passwords from file.
|
||||||
|
*
|
||||||
|
* @return array<string,string> The passwords list
|
||||||
|
*/
|
||||||
private static function getPasswords(): array
|
private static function getPasswords(): array
|
||||||
{
|
{
|
||||||
$passwords = [];
|
$passwords = [];
|
||||||
|
|
|
@ -28,10 +28,11 @@ class Prepend extends dcNsProcess
|
||||||
|
|
||||||
public static function process(): bool
|
public static function process(): bool
|
||||||
{
|
{
|
||||||
if (!static::$init) {
|
if (!static::$init || is_null(dcCore::app()->auth)) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// register module permission
|
||||||
dcCore::app()->auth->setPermissionType(
|
dcCore::app()->auth->setPermissionType(
|
||||||
My::PERMISSION,
|
My::PERMISSION,
|
||||||
__('Manage http password blog protection')
|
__('Manage http password blog protection')
|
||||||
|
|
|
@ -20,9 +20,15 @@ class Utils
|
||||||
{
|
{
|
||||||
/**
|
/**
|
||||||
* Crypt password
|
* Crypt password
|
||||||
|
*
|
||||||
|
* @param string $secret The secret
|
||||||
|
*
|
||||||
|
* @return string The crypt password (empty on error)
|
||||||
*/
|
*/
|
||||||
public static function crypt(?string $secret): string
|
public static function crypt(?string $secret): string
|
||||||
{
|
{
|
||||||
|
$secret = (string) $secret;
|
||||||
|
|
||||||
switch (self::cryptMethod()) {
|
switch (self::cryptMethod()) {
|
||||||
case 'plaintext':
|
case 'plaintext':
|
||||||
$saltlen = -1;
|
$saltlen = -1;
|
||||||
|
@ -72,43 +78,53 @@ class Utils
|
||||||
$secret = crypt($secret, $salt);
|
$secret = crypt($secret, $salt);
|
||||||
}
|
}
|
||||||
|
|
||||||
return($secret);
|
return $secret;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Setting: active
|
* Setting: active
|
||||||
|
*
|
||||||
|
* @return bool True if module is active
|
||||||
*/
|
*/
|
||||||
public static function isActive(): bool
|
public static function isActive(): bool
|
||||||
{
|
{
|
||||||
return (bool) dcCore::app()->blog->settings->get(My::id())->get('active');
|
return !is_null(dcCore::app()->blog) && (bool) dcCore::app()->blog->settings->get(My::id())->get('active');
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Setting: crypt
|
* Setting: crypt
|
||||||
|
*
|
||||||
|
* @return string The crypt method
|
||||||
*/
|
*/
|
||||||
public static function cryptMethod(): string
|
public static function cryptMethod(): string
|
||||||
{
|
{
|
||||||
return (string) dcCore::app()->blog->settings->get(My::id())->get('crypt');
|
return is_null(dcCore::app()->blog) ? '' : (string) dcCore::app()->blog->settings->get(My::id())->get('crypt');
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Setting: message
|
* Setting: message
|
||||||
|
*
|
||||||
|
* @return string The frontend message
|
||||||
*/
|
*/
|
||||||
public static function httpMessage(): string
|
public static function httpMessage(): string
|
||||||
{
|
{
|
||||||
return (string) dcCore::app()->blog->settings->get(My::id())->get('message');
|
return is_null(dcCore::app()->blog) ? '' : (string) dcCore::app()->blog->settings->get(My::id())->get('message');
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get passwords file path
|
* Get passwords file path
|
||||||
|
*
|
||||||
|
* @return string The passwords file path (empty on error)
|
||||||
*/
|
*/
|
||||||
public static function passwordFile(): string
|
public static function passwordFile(): string
|
||||||
{
|
{
|
||||||
return dcCore::app()->blog->public_path . DIRECTORY_SEPARATOR . My::FILE_PASSWORD;
|
return is_null(dcCore::app()->blog) ? '' : dcCore::app()->blog->public_path . DIRECTORY_SEPARATOR . My::FILE_PASSWORD;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Check passwords file
|
* Check passwords file
|
||||||
|
*
|
||||||
|
* @return bool True if passwords file is writable
|
||||||
*/
|
*/
|
||||||
public static function isWritable(): bool
|
public static function isWritable(): bool
|
||||||
{
|
{
|
||||||
|
|
Loading…
Reference in a new issue