class_AccountPasswordVerifierFilter.php

Go to the documentation of this file.
00001 <?php
00025 class AccountPasswordVerifierFilter extends BaseFilter implements Filterable {
00031         protected function __construct () {
00032                 // Call parent constructor
00033                 parent::__construct(__CLASS__);
00034         }
00035 
00041         public final static function createAccountPasswordVerifierFilter () {
00042                 // Get a new instance
00043                 $filterInstance = new AccountPasswordVerifierFilter();
00044 
00045                 // Return the instance
00046                 return $filterInstance;
00047         }
00048 
00058         public function execute (Requestable $requestInstance, Responseable $responseInstance) {
00059                 // Get password
00060                 $password = $requestInstance->getRequestElement('pass_old');
00061 
00062                 // Is the password still not set?
00063                 if (is_null($password)) {
00064                         // Get password from alternative location
00065                         $password = $requestInstance->getRequestElement('password');
00066 
00067                         // Is the password still not set?
00068                         if (is_null($password)) {
00069                                 // Not found in form so stop the filtering process
00070                                 $requestInstance->requestIsValid(false);
00071 
00072                                 // Add a message to the response
00073                                 $responseInstance->addFatalMessage('password_unset');
00074 
00075                                 // Abort here
00076                                 return false;
00077                         } // END - if
00078                 } // END - if
00079 
00080                 if (empty($password)) {
00081                         // Password is empty
00082                         $requestInstance->requestIsValid(false);
00083 
00084                         // Add a message to the response
00085                         $responseInstance->addFatalMessage('password_empty');
00086 
00087                         // Abort here
00088                         return false;
00089                 }
00090 
00091                 // Get a user instance
00092                 $userInstance = Registry::getRegistry()->getInstance('user');
00093 
00094                 // Get current hash
00095                 $currentHash = $userInstance->getField('pass_hash');
00096 
00097                 // Get an encryption helper and encrypt the password
00098                 $passHash = ObjectFactory::createObjectByConfiguredName('crypto_class')->hashString($password, $currentHash);
00099 
00100                 // Does it match?
00101                 if ($currentHash != $passHash) {
00102                         // Throw an exception here to stop the proccessing
00103                         throw new AccountPasswordMismatchException($this, BaseUser::EXCEPTION_USER_PASS_MISMATCH);
00104                 } // END - if
00105         }
00106 }
00107 
00108 // [EOF]
00109 ?>
Generated on Mon Dec 8 01:06:45 2008 for Ship-Simulator by  doxygen 1.5.6