mirror of
https://github.com/kamilwylegala/cakephp2-php8.git
synced 2024-11-15 03:18:26 +00:00
Replacing constant CIPHER_SEED with Configure class variable 'Security.cipher_seed' and renaming Security class method 'checkSessionKey' to 'checkSecurityKeys'
This commit is contained in:
parent
813a7779e0
commit
2441849fa0
8 changed files with 23 additions and 13 deletions
|
@ -74,7 +74,7 @@
|
|||
* The value of the define determines the names of the routes
|
||||
* and their associated controller actions:
|
||||
*
|
||||
* Set to an array of prefixes you want to use in your application. Use for
|
||||
* Set to an array of prefixes you want to use in your application. Use for
|
||||
* admin or other prefixed routes.
|
||||
*
|
||||
* Routing.prefixes = array('admin', 'manager');
|
||||
|
@ -197,6 +197,11 @@
|
|||
*/
|
||||
Configure::write('Security.salt', 'DYhG93b0qyJfIxfs2guVoUubWwvniR2G0FgaC9mi');
|
||||
|
||||
/**
|
||||
* A random numeric string (digits only) used to encrypt/decrypt strings.
|
||||
*/
|
||||
Configure::write('Security.cipher_seed', '76859309657453542496749683645');
|
||||
|
||||
/**
|
||||
* Apply timestamps with the last modified time to static assets (js, css, images).
|
||||
* Will append a querystring parameter containing the time the file was modified. This is
|
||||
|
|
|
@ -3,7 +3,7 @@ $output = "<h2>Sweet, \"" . Inflector::humanize($app) . "\" got Baked by CakePHP
|
|||
$output .="
|
||||
<?php
|
||||
if (Configure::read() > 0):
|
||||
Debugger::checkSessionKey();
|
||||
Debugger::checkSecurityKeys();
|
||||
endif;
|
||||
?>
|
||||
<p>
|
||||
|
|
|
@ -85,7 +85,7 @@
|
|||
/**
|
||||
* Uncomment the define below to use CakePHP prefix routes.
|
||||
*
|
||||
* Set to an array of prefixes you want to use in your application. Use for
|
||||
* Set to an array of prefixes you want to use in your application. Use for
|
||||
* admin or other prefixed routes.
|
||||
*
|
||||
* Routing.prefixes = array('admin', 'manager');
|
||||
|
@ -206,6 +206,11 @@
|
|||
*/
|
||||
Configure::write('Security.salt', 'DYhG93b0qyJfIxfs2guVoUubWwvniR2G0FgaC9mi');
|
||||
|
||||
/**
|
||||
* A random numeric string (digits only) used to encrypt/decrypt strings.
|
||||
*/
|
||||
Configure::write('Security.cipher_seed', '76859309657453542496749683645');
|
||||
|
||||
/**
|
||||
* Compress CSS output by removing comments, whitespace, repeating tags, etc.
|
||||
* This requires a/var/cache directory to be writable by the web server for caching.
|
||||
|
|
|
@ -278,7 +278,7 @@ class AuthComponent extends Object {
|
|||
$this->_set($settings);
|
||||
if (Configure::read() > 0) {
|
||||
App::import('Debugger');
|
||||
Debugger::checkSessionKey();
|
||||
Debugger::checkSecurityKeys();
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -664,15 +664,19 @@ class Debugger extends Object {
|
|||
}
|
||||
|
||||
/**
|
||||
* Verifies that the application's salt value has been changed from the default value.
|
||||
* Verifies that the application's salt and cipher seed value has been changed from the default value.
|
||||
*
|
||||
* @access public
|
||||
* @static
|
||||
*/
|
||||
function checkSessionKey() {
|
||||
function checkSecurityKeys() {
|
||||
if (Configure::read('Security.salt') == 'DYhG93b0qyJfIxfs2guVoUubWwvniR2G0FgaC9mi') {
|
||||
trigger_error(__('Please change the value of \'Security.salt\' in app/config/core.php to a salt value specific to your application', true), E_USER_NOTICE);
|
||||
}
|
||||
|
||||
if (Configure::read('Security.cipher_seed') == '76859309657453542496749683645') {
|
||||
trigger_error(__('Please change the value of \'Security.cipher_seed\' in app/config/core.php to a numeric (digits only) seed value specific to your application', true), E_USER_NOTICE);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
@ -174,11 +174,7 @@ class Security extends Object {
|
|||
return '';
|
||||
}
|
||||
|
||||
if (!defined('CIPHER_SEED')) {
|
||||
//This is temporary will change later
|
||||
define('CIPHER_SEED', '76859309657453542496749683645');
|
||||
}
|
||||
srand(CIPHER_SEED);
|
||||
srand(Configure::read('Security.cipher_seed'));
|
||||
$out = '';
|
||||
|
||||
for ($i = 0; $i < strlen($text); $i++) {
|
||||
|
|
|
@ -25,7 +25,7 @@ endif;
|
|||
echo $this->Html->link(__('Read the changelog', true), 'http://code.cakephp.org/wiki/changelog/1_3_0-alpha');
|
||||
|
||||
if (Configure::read() > 0):
|
||||
Debugger::checkSessionKey();
|
||||
Debugger::checkSecurityKeys();
|
||||
endif;
|
||||
?>
|
||||
<p>
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
|
||||
<?php
|
||||
if (Configure::read() > 0):
|
||||
Debugger::checkSessionKey();
|
||||
Debugger::checkSecurityKeys();
|
||||
endif;
|
||||
?>
|
||||
<p>
|
||||
|
|
Loading…
Reference in a new issue