X-Git-Url: https://vcs.fsf.org/?a=blobdiff_plain;f=CRM%2FUtils%2FSigner.php;h=1116cfbad181bd03478da873723d00dc4bc86ce3;hb=3bdca10067500e4f437a90b96e902bc040c211e0;hp=05987a6b0b4cce254642203932541edaaa3b6803;hpb=192e8d1a947814993aa699e47ac1669ac17b1045;p=civicrm-core.git diff --git a/CRM/Utils/Signer.php b/CRM/Utils/Signer.php index 05987a6b0b..1116cfbad1 100644 --- a/CRM/Utils/Signer.php +++ b/CRM/Utils/Signer.php @@ -1,7 +1,7 @@ secret = $secret; $this->paramNames = $paramNames; @@ -74,18 +76,21 @@ class CRM_Utils_Signer { /** * Generate a signature for a set of key-value pairs * - * @param $params array, key-value pairs - * @param $salt string, the salt (if known) or NULL (for auto-generated) + * @param array $params + * Array, key-value pairs. + * @param string $salt + * the salt (if known) or NULL (for auto-generated). * @return string, the full public token representing the signature */ - function sign($params, $salt = NULL) { + public function sign($params, $salt = NULL) { $message = array(); $message['secret'] = $this->secret; $message['payload'] = array(); if (empty($salt)) { $message['salt'] = $this->createSalt(); - } else { - $message['salt'] = $salt; + } + else { + $message['salt'] = $salt; } // recall: paramNames is pre-sorted for stability foreach ($this->paramNames as $paramName) { @@ -93,11 +98,12 @@ class CRM_Utils_Signer { if (is_numeric($params[$paramName])) { $params[$paramName] = (string) $params[$paramName]; } - } else { // $paramName is not included or ===NULL - $params[$paramName] = ''; } - $message['payload'][$paramName] = $params[$paramName]; + else {// $paramName is not included or ===NULL + $params[$paramName] = ''; } + $message['payload'][$paramName] = $params[$paramName]; + } $token = $message['salt'] . $this->signDelim . md5(serialize($message)); return $token; } @@ -105,13 +111,15 @@ class CRM_Utils_Signer { /** * Determine whether a token represents a proper signature for $params * - * @param $token string, the full public token representing the signature - * @param $params array, key-value pairs + * @param string $token + * the full public token representing the signature. + * @param array $params + * Array, key-value pairs. * * @throws Exception * @return bool, TRUE iff all $paramNames for the submitted validate($params) and the original sign($params) */ - function validate($token, $params) { + public function validate($token, $params) { list ($salt, $signature) = explode($this->signDelim, $token); if (strlen($salt) != self::SALT_LEN) { throw new Exception("Invalid salt [$token]=[$salt][$signature]"); @@ -123,7 +131,7 @@ class CRM_Utils_Signer { /** * @return string */ - function createSalt() { + public function createSalt() { // It would be more secure to generate a new value but liable to run this // many times on certain admin pages; so instead we'll re-use the hash. return $this->defaultSalt;