onokazu
onoka****@users*****
2005年 6月 1日 (水) 19:17:22 JST
Index: xoops2jp/html/class/token.php
diff -u xoops2jp/html/class/token.php:1.1.2.7 xoops2jp/html/class/token.php:1.1.2.8
--- xoops2jp/html/class/token.php:1.1.2.7 Fri May 27 21:24:50 2005
+++ xoops2jp/html/class/token.php Wed Jun 1 19:17:22 2005
@@ -1,5 +1,5 @@
<?php
-// $Id: token.php,v 1.1.2.7 2005/05/27 12:24:50 minahito Exp $
+// $Id: token.php,v 1.1.2.8 2005/06/01 10:17:22 onokazu Exp $
define ( 'XOOPS_TOKEN_TIMEOUT', 0 );
define ( 'XOOPS_TOKEN_PREFIX', "XOOPS_TOKEN_" );
@@ -10,11 +10,13 @@
define ( 'XOOPS_TOKEN_SESSION_STRING', "X2_TOKEN");
define ( 'XOOPS_TOKEN_MULTI_SESSION_STRING', "X2_MULTI_TOKEN");
+define('XOOPS_TOKEN_DEFAULT', 'XOOPS_TOKEN_DEFAULT');
+
/**
- * This class express token. this has name, token's string for inquiry,
+ * This class express token. this has name, token's string for inquiry,
* lifetime, serial number. this does not have direct validation method,
* therefore this does not depend on $_Session and $_Request.
- *
+ *
* You can refer to a handler class for this token. this token class
* means ticket, and handler class means ticket agent. there is a strict
* ticket agent type(XoopsSingleTokenHandler), and flexible ticket agent
@@ -22,41 +24,41 @@
*/
class XoopsToken
{
- /**
- * token's name. this is used for identification.
- * @access protected
- */
+ /**
+ * token's name. this is used for identification.
+ * @access protected
+ */
var $_name_;
-
- /**
- * token's string for inquiry. this should be a random code for security.
- * @access private
- */
+
+ /**
+ * token's string for inquiry. this should be a random code for security.
+ * @access private
+ */
var $_token_;
-
- /**
- * the unixtime when this token is effective.
- *
- * @access protected
- */
+
+ /**
+ * the unixtime when this token is effective.
+ *
+ * @access protected
+ */
var $_lifetime_;
-
- /**
- * unlimited flag. if this is true, this token is not limited in lifetime.
- */
+
+ /**
+ * unlimited flag. if this is true, this token is not limited in lifetime.
+ */
var $_unlimited_;
- /**
- * serial number. this used for identification of tokens of same name tokens.
- *
- * @access private
- */
+ /**
+ * serial number. this used for identification of tokens of same name tokens.
+ *
+ * @access private
+ */
var $_number_=0;
- /**
- * @param $name this token's name string.
- * @param $timeout effective time(if $timeout equal 0, this token will become unlimited)
- */
+ /**
+ * @param $name this token's name string.
+ * @param $timeout effective time(if $timeout equal 0, this token will become unlimited)
+ */
function XoopsToken($name, $timeout = XOOPS_TOKEN_TIMEOUT)
{
$this->_name_ = $name;
@@ -74,12 +76,12 @@
}
- /**
- * Returns random string for token's string.
- *
- * @access protected
- * @return string
- */
+ /**
+ * Returns random string for token's string.
+ *
+ * @access protected
+ * @return string
+ */
function _generateToken()
{
srand(microtime()*100000);
@@ -88,7 +90,7 @@
/**
* Returns this token's name.
- *
+ *
* @access public
* @return string
*/
@@ -99,32 +101,32 @@
/**
* Returns this token's string.
- *
+ *
* @access public
- * @return string
+ * @return string
*/
function getTokenValue()
{
return $this->_token_;
}
- /**
- * Set this token's serial number.
- *
+ /**
+ * Set this token's serial number.
+ *
* @access public
- * @param $serial_number serial number
- */
+ * @param $serial_number serial number
+ */
function setSerialNumber($serial_number)
{
$this->_number_ = $serial_number;
}
- /**
- * Returns this token's serial number.
- *
+ /**
+ * Returns this token's serial number.
+ *
* @access public
- * @return int
- */
+ * @return int
+ */
function getSerialNumber()
{
return $this->_number_;
@@ -133,9 +135,9 @@
/**
* Returns hidden tag string that includes this token. you can use it
* for <form> tag's member.
- *
+ *
* @access public
- * @return string
+ * @return string
*/
function getHtml()
{
@@ -145,8 +147,8 @@
/**
* Returns url string that includes this token. you can use it for
* hyper link.
- *
- * @return string
+ *
+ * @return string
*/
function getUrl()
{
@@ -155,8 +157,8 @@
/**
* If $token equals this token's string, true is returened.
- *
- * @return bool
+ *
+ * @return bool
*/
function validate($token=null)
{
@@ -166,27 +168,27 @@
/**
* This class express ticket agent and ticket collector. this publishes
- * token, keeps a token to server to check it later(next request).
- *
+ * token, keeps a token to server to check it later(next request).
+ *
* You can create various agents by extending the derivative class. see
* default(sample) classes.
*/
class XoopsTokenHandler
{
- /**
- * @access private
- */
+ /**
+ * @access private
+ */
var $_prefix ="";
- /**
- * Create XoopsToken instance, regist(keep to server), and returns it.
- *
- * @access public
- * @param $name this token's name string.
- * @param $timeout effective time(if $timeout equal 0, this token will become unlimited)
- */
- function &create($name,$timeout = XOOPS_TOKEN_TIMEOUT)
+ /**
+ * Create XoopsToken instance, regist(keep to server), and returns it.
+ *
+ * @access public
+ * @param $name this token's name string.
+ * @param $timeout effective time(if $timeout equal 0, this token will become unlimited)
+ */
+ function &create($name,$timeout = XOOPS_TOKEN_TIMEOUT)
{
$token = new XoopsToken($name,$timeout);
$this->register($token);
@@ -197,7 +199,7 @@
* Fetches from server side, and returns it.
*
* @access public
- * @param $name token's name string.
+ * @param $name token's name string.
* @return XoopsToken
*/
function &fetch($name)
@@ -210,44 +212,44 @@
}
}
- /**
- * Register token to session.
- */
+ /**
+ * Register token to session.
+ */
function register(&$token)
{
$_SESSION[XOOPS_TOKEN_SESSION_STRING][$this->_prefix.$token->_name_] = $token;
}
- /**
- * Unregister token to session.
- */
+ /**
+ * Unregister token to session.
+ */
function unregister(&$token)
{
unset($_SESSION[XOOPS_TOKEN_SESSION_STRING][$this->_prefix.$token->_name_]);
}
- /**
- * If a token of the name that equal $name is registered on session,
- * this method will return true.
- *
- * @access public
- * @param $name token's name string.
- * @return bool
- */
+ /**
+ * If a token of the name that equal $name is registered on session,
+ * this method will return true.
+ *
+ * @access public
+ * @param $name token's name string.
+ * @return bool
+ */
function isRegistered($name)
{
return isset($_SESSION[XOOPS_TOKEN_SESSION_STRING][$this->_prefix.$name]);
}
- /**
- * This method takes out token's string from Request, and validate
- * token with it. if it passed validation, this method will return true.
- *
- * @access public
- * @param $token XoopsToken
- * @param $clearIfValid If token passed validation, $token will be unregistered.
- * @return bool
- */
+ /**
+ * This method takes out token's string from Request, and validate
+ * token with it. if it passed validation, this method will return true.
+ *
+ * @access public
+ * @param $token XoopsToken
+ * @param $clearIfValid If token passed validation, $token will be unregistered.
+ * @return bool
+ */
function validate(&$token,$clearIfValid)
{
$req_token = isset($_REQUEST[ $token->getTokenName() ]) ?
@@ -274,7 +276,7 @@
return false;
}
- /**
+ /**
* static method.
* This method was created for quick protection of default modules.
* this method will be deleted in the near future.
@@ -379,7 +381,7 @@
/**
* @param $name string
- * @return int
+ * @return int
*/
function getRequestNumber($name)
{