commit bb23115d57e63d621d964cb88cc1d1ecc03dd8bf
parent 18051f7ab8eb163821b3dfde1f5825631606389e
Author: Jan Dankert <develop@jandankert.de>
Date: Sun, 25 Oct 2020 02:51:56 +0200
Using the object-based configuration.
Diffstat:
5 files changed, 40 insertions(+), 33 deletions(-)
diff --git a/modules/cms/Dispatcher.class.php b/modules/cms/Dispatcher.class.php
@@ -161,7 +161,9 @@ class Dispatcher
private function checkPostToken()
{
- if (Configuration::config('security', 'use_post_token') && $this->request->isAction && $this->request->getToken() != Session::token()) {
+ if ( Configuration::subset('security')->is('use_post_token',true) &&
+ $this->request->isAction &&
+ $this->request->getToken() != Session::token() ) {
Logger::error('Token mismatch: Needed ' . Session::token() . ' but got ' . Logger::sanitizeInput($this->request->getToken()) . '. Maybe an attacker?');
throw new SecurityException("Token mismatch");
}
@@ -173,21 +175,21 @@ class Dispatcher
private function initializeLogger()
{
- $logConfig = Configuration::config('log');
+ $logConfig = Configuration::subset('log');
- $logFile = $logConfig['file'];
+ $logFile = $logConfig->get('file','');
// Wenn Logfile relativ angegeben wurde, dann muss dies relativ zum Root der Anwendung sein.
- if ( !empty($logFile) && $logFile[0] != '/' )
+ if ( $logFile && $logFile[0] != '/' )
$logFile = __DIR__ . '/../../' . $logFile;
- Logger::$messageFormat = $logConfig['format'];
+ Logger::$messageFormat = $logConfig->get('format',['time','level','host','text']);
Logger::$filename = $logFile;
- Logger::$dateFormat = $logConfig['date_format'];
- Logger::$nsLookup = $logConfig['ns_lookup'];
+ Logger::$dateFormat = $logConfig->get('date_format','r');
+ Logger::$nsLookup = $logConfig->is('ns_lookup',false);
- Logger::$outputType = (int) @constant('\\logger\\Logger::OUTPUT_' . strtoupper($logConfig['output']));
- Logger::$level = (int) @constant('\\logger\\Logger::LEVEL_' . strtoupper($logConfig['level' ]));
+ Logger::$outputType = (int) @constant('\\logger\\Logger::OUTPUT_' . strtoupper($logConfig->get('output','PLAIN')));
+ Logger::$level = (int) @constant('\\logger\\Logger::LEVEL_' . strtoupper($logConfig->get('level' ,'WARN' )));
Logger::$messageCallback = function ( $key ) {
@@ -357,7 +359,7 @@ class Dispatcher
$dbids = array_keys( $databases );
- $defaultDbId = Configuration::config('database-default','default-id');
+ $defaultDbId = Configuration::subset('database-default')->get('default-id' );
if ( $defaultDbId && in_array($defaultDbId,$dbids) )
// Default-Datenbankverbindung ist konfiguriert und vorhanden.
diff --git a/modules/cms/action/UserAction.class.php b/modules/cms/action/UserAction.class.php
@@ -2,6 +2,7 @@
namespace cms\action;
+use cms\base\Configuration;
use cms\model\Acl;
use cms\model\User;
use cms\model\Project;
@@ -160,31 +161,30 @@ class UserAction extends BaseAction
/**
- * Aendern des Kennwortes
+ * Change password for user.
*/
public function pwPost()
{
- $conf = \cms\base\Configuration::rawConfig();
-
$password = $this->getRequestVar('password');
if ( !$password )
$password = $this->getRequestVar('password_proposal');
- if ( strlen($password) < intval($conf['security']['password']['min_length']) )
- throw new ValidationException('password' );
+ if ( strlen($password) < Configuration::subset(['security','password'])->get('min_length',8) )
+ throw new ValidationException('password',Messages::PASSWORD_MINLENGTH );
- // Kennwoerter identisch und lang genug
$this->user->setPassword($password,!$this->hasRequestVar('timeout') ); // Kennwort setzen
// E-Mail mit dem neuen Kennwort an Benutzer senden
- if ( $this->hasRequestVar('email') && !empty($this->user->mail) && $conf['mail']['enabled'] )
- {
- $this->mailPw( $newPassword );
- $this->addNotice('user', 0, $this->user->name, 'MAIL_SENT', 'ok');
+ if ( $this->hasRequestVar('email') &&
+ $this->user->mail && // user has an e-mail.
+ Configuration::subset('mail')->is('enabled',true)
+ ) {
+ $this->mailPw( $password );
+ $this->addNoticeFor( $this->user, Messages::MAIL_SENT);
}
- $this->addNotice('user', 0, $this->user->name, 'SAVED', 'ok');
+ $this->addNoticeFor($this->user, Messages::SAVED);
}
diff --git a/modules/cms/auth/InternalAuth.class.php b/modules/cms/auth/InternalAuth.class.php
@@ -2,6 +2,7 @@
namespace cms\auth;
+use cms\base\Configuration;
use cms\base\DB as Db;
use cms\model\User;
use LogicException;
@@ -48,7 +49,7 @@ SQL
// Behandeln von Klartext-Kennwoertern (Igittigitt).
if ($row_user['password_algo'] == Password::ALGO_PLAIN) {
- if (\cms\base\Configuration::config('security', 'password', 'force_change_if_cleartext'))
+ if (Configuration::subset(['security', 'password'] )->is('force_change_if_cleartext',true))
// Kennwort steht in der Datenbank im Klartext.
// Das Kennwort muss geaendert werden
return Auth::STATUS_PW_EXPIRED;
@@ -62,7 +63,7 @@ SQL
// Wenn das kennwort abgelaufen ist, kann es eine bestimmte Dauer noch benutzt und geändert werden.
// Nach Ablauf dieser Dauer wird das Login abgelehnt.
- if ($row_user['password_expires'] + (\cms\base\Configuration::config('security', 'deny_after_expiration_duration') * 60 * 60) < time())
+ if ($row_user['password_expires'] + (Configuration::config('security', 'deny_after_expiration_duration') * 60 * 60) < time())
return false; // Abgelaufenes Kennwort wird nicht mehr akzeptiert.
else
return Auth::STATUS_PW_EXPIRED; // Kennwort ist abgelaufen, kann aber noch geändert werden.
@@ -90,5 +91,3 @@ SQL
return null;
}
}
-
-?>-
\ No newline at end of file
diff --git a/modules/cms/base/Configuration.class.php b/modules/cms/base/Configuration.class.php
@@ -57,7 +57,7 @@ class Configuration {
/**
* Gives the subset with this key.
- * @param $key string subset key
+ * @param $key string|array subset key
* @return Config
*/
public static function subset( $key ) {
diff --git a/modules/configuration/Config.class.php b/modules/configuration/Config.class.php
@@ -47,15 +47,22 @@ class Config
/**
* Giving the child configuration with a fluent interface.
*
- * @param $name string
+ * @param $names string|array
* @return Config
*/
- public function subset($name)
+ public function subset($names)
{
- if (isset($this->config[$name]) && is_array($this->config[$name]))
- return new Config($this->config[$name]);
- else
- return new Config(array());
+ if ( !is_array($names) )
+ $names = [$names];
+
+ $config = $this->config;
+ foreach($names as $key )
+ if (isset($this->config[$key]) && is_array($this->config[$key]))
+ $config = $config[$key];
+ else
+ return new Config( [] );
+
+ return new Config( $config );
}