mirror of
https://github.com/alchemy-fr/Phraseanet.git
synced 2025-10-14 13:33:14 +00:00
Add token entities
@@ -10,31 +10,9 @@
|
||||
*/
|
||||
|
||||
use Alchemy\Phrasea\Application;
|
||||
use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
|
||||
|
||||
class random
|
||||
{
|
||||
/**
|
||||
*
|
||||
*/
|
||||
const NUMBERS = "0123456789";
|
||||
/**
|
||||
*
|
||||
*/
|
||||
const LETTERS = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
|
||||
/**
|
||||
*
|
||||
*/
|
||||
const LETTERS_AND_NUMBERS = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
|
||||
const TYPE_FEED_ENTRY = 'FEED_ENTRY';
|
||||
const TYPE_PASSWORD = 'password';
|
||||
const TYPE_DOWNLOAD = 'download';
|
||||
const TYPE_MAIL_DOWNLOAD = 'mail-download';
|
||||
const TYPE_EMAIL = 'email';
|
||||
const TYPE_VIEW = 'view';
|
||||
const TYPE_VALIDATE = 'validate';
|
||||
const TYPE_RSS = 'rss';
|
||||
|
||||
private $app;
|
||||
|
||||
public function __construct(Application $app)
|
||||
@@ -82,162 +60,4 @@ class random
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
*
|
||||
* @param string $type
|
||||
* @param int $usr
|
||||
* @param DateTime $end_date
|
||||
* @param mixed content $datas
|
||||
*
|
||||
* @return boolean
|
||||
*/
|
||||
public function getUrlToken($type, $usr, DateTime $end_date = null, $datas = '')
|
||||
{
|
||||
$this->cleanTokens();
|
||||
$conn = $this->app['phraseanet.appbox']->get_connection();
|
||||
$token = $test = false;
|
||||
|
||||
switch ($type) {
|
||||
case self::TYPE_DOWNLOAD:
|
||||
case self::TYPE_MAIL_DOWNLOAD:
|
||||
case self::TYPE_EMAIL:
|
||||
case self::TYPE_PASSWORD:
|
||||
case self::TYPE_VALIDATE:
|
||||
case self::TYPE_VIEW:
|
||||
case self::TYPE_RSS:
|
||||
case self::TYPE_FEED_ENTRY:
|
||||
break;
|
||||
default:
|
||||
throw new Exception_InvalidArgument();
|
||||
break;
|
||||
}
|
||||
|
||||
$n = 1;
|
||||
|
||||
$sql = 'SELECT id FROM tokens WHERE value = :test ';
|
||||
$stmt = $conn->prepare($sql);
|
||||
while ($n < 100) {
|
||||
$test = $this->app['random.medium']->generateString(16, self::LETTERS_AND_NUMBERS);
|
||||
$stmt->execute([':test' => $test]);
|
||||
if ($stmt->rowCount() === 0) {
|
||||
$token = $test;
|
||||
break;
|
||||
}
|
||||
$n ++;
|
||||
}
|
||||
$stmt->closeCursor();
|
||||
|
||||
if ($token) {
|
||||
$sql = 'INSERT INTO tokens (id, value, type, usr_id, created_on, expire_on, datas)
|
||||
VALUES (null, :token, :type, :usr, NOW(), :end_date, :datas)';
|
||||
$stmt = $conn->prepare($sql);
|
||||
|
||||
$params = [
|
||||
':token' => $token
|
||||
, ':type' => $type
|
||||
, ':usr' => ($usr ? $usr : '-1')
|
||||
, ':end_date' => ($end_date instanceof DateTime ? $end_date->format(DATE_ISO8601) : null)
|
||||
, ':datas' => ((trim($datas) != '') ? $datas : null)
|
||||
];
|
||||
$stmt->execute($params);
|
||||
$stmt->closeCursor();
|
||||
}
|
||||
|
||||
return $token;
|
||||
}
|
||||
|
||||
public function removeToken($token)
|
||||
{
|
||||
$this->cleanTokens();
|
||||
|
||||
try {
|
||||
$conn = $this->app['phraseanet.appbox']->get_connection();
|
||||
$sql = 'DELETE FROM tokens WHERE value = :token';
|
||||
$stmt = $conn->prepare($sql);
|
||||
$stmt->execute([':token' => $token]);
|
||||
$stmt->closeCursor();
|
||||
|
||||
return true;
|
||||
} catch (\Exception $e) {
|
||||
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
public function updateToken($token, $datas)
|
||||
{
|
||||
try {
|
||||
$conn = $this->app['phraseanet.appbox']->get_connection();
|
||||
|
||||
$sql = 'UPDATE tokens SET datas = :datas
|
||||
WHERE value = :token';
|
||||
|
||||
$stmt = $conn->prepare($sql);
|
||||
$stmt->execute([':datas' => $datas, ':token' => $token]);
|
||||
$stmt->closeCursor();
|
||||
|
||||
return true;
|
||||
} catch (\Exception $e) {
|
||||
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
public function helloToken($token)
|
||||
{
|
||||
$this->cleanTokens();
|
||||
|
||||
$conn = $this->app['phraseanet.appbox']->get_connection();
|
||||
$sql = 'SELECT * FROM tokens
|
||||
WHERE value = :token
|
||||
AND (expire_on > NOW() OR expire_on IS NULL)';
|
||||
$stmt = $conn->prepare($sql);
|
||||
$stmt->execute([':token' => $token]);
|
||||
$row = $stmt->fetch(PDO::FETCH_ASSOC);
|
||||
$stmt->closeCursor();
|
||||
|
||||
if ( ! $row)
|
||||
throw new NotFoundHttpException('Token not found');
|
||||
|
||||
return $row;
|
||||
}
|
||||
|
||||
/**
|
||||
* Get the validation token for one user and one validation basket
|
||||
*
|
||||
* @param integer $userId
|
||||
* @param integer $basketId
|
||||
*
|
||||
* @return string The token
|
||||
*
|
||||
* @throws NotFoundHttpException
|
||||
*/
|
||||
public function getValidationToken($userId, $basketId)
|
||||
{
|
||||
$conn = $this->app['phraseanet.appbox']->get_connection();
|
||||
$sql = '
|
||||
SELECT value FROM tokens
|
||||
WHERE type = :type
|
||||
AND usr_id = :usr_id
|
||||
AND datas = :basket_id
|
||||
AND (expire_on > NOW() OR expire_on IS NULL)';
|
||||
|
||||
$stmt = $conn->prepare($sql);
|
||||
$stmt->execute([
|
||||
':type' => self::TYPE_VALIDATE,
|
||||
':usr_id' => (int) $userId,
|
||||
':basket_id' => (int) $basketId,
|
||||
]);
|
||||
$row = $stmt->fetch(PDO::FETCH_ASSOC);
|
||||
$stmt->closeCursor();
|
||||
|
||||
if (! $row) {
|
||||
throw new NotFoundHttpException('Token not found');
|
||||
}
|
||||
|
||||
return $row['value'];
|
||||
}
|
||||
}
|
||||
|