[GitHub/WoltLab/WCF.git] / wcfsetup / install / files / lib / acp / form / MasterPasswordForm.class.php

<?php
namespace wcf\acp\form;
use wcf\form\AbstractForm;
use wcf\system\exception\UserInputException;
use wcf\system\request\LinkHandler;
use wcf\system\WCF;
use wcf\util\HeaderUtil;
use wcf\util\PasswordUtil;

/**
 * Shows the master password form.
 * 
 * @author	Marcel Werk
 * @copyright	2001-2016 WoltLab GmbH
 * @license	GNU Lesser General Public License <http://opensource.org/licenses/lgpl-license.php>
 * @package	WoltLabSuite\Core\Acp\Form
 */
class MasterPasswordForm extends AbstractForm {
	/**
	 * master password
	 * @var	string
	 */
	public $masterPassword = '';
	
	/**
	 * forward url
	 * @var	string
	 */
	public $url = '';
	
	/**
	 * @inheritDoc
	 */
	public function readParameters() {
		parent::readParameters();
		
		if (file_exists(WCF_DIR.'acp/masterPassword.inc.php')) {
			require_once(WCF_DIR.'acp/masterPassword.inc.php');
		}
		else {
			HeaderUtil::redirect(LinkHandler::getInstance()->getLink('MasterPasswordInit'));
			exit;
		}
	}
	
	/**
	 * @inheritDoc
	 */
	public function readFormParameters() {
		parent::readFormParameters();
		
		if (isset($_POST['masterPassword'])) $this->masterPassword = $_POST['masterPassword'];
		if (isset($_POST['url'])) $this->url = $_POST['url'];
	}
	
	/**
	 * @inheritDoc
	 */
	public function validate() {
		parent::validate();
		
		if (empty($this->masterPassword)) {
			throw new UserInputException('masterPassword');
		}
		
		// check password
		if (!PasswordUtil::secureCompare(MASTER_PASSWORD, PasswordUtil::getDoubleSaltedHash($this->masterPassword, MASTER_PASSWORD))) {
			throw new UserInputException('masterPassword', 'invalid');
		}
	}
	
	/**
	 * @inheritDoc
	 */
	public function save() {
		parent::save();
		
		// update session
		WCF::getSession()->register('masterPassword', 1);
		WCF::getSession()->update();
		WCF::getSession()->disableUpdate();
		
		// forward
		if (empty($this->url)) {
			$this->url = LinkHandler::getInstance()->getLink();
		}
		HeaderUtil::redirect($this->url);
		exit;
	}
	
	/**
	 * @inheritDoc
	 */
	public function readData() {
		parent::readData();
		
		if (empty($_POST) && mb_strpos(WCF::getSession()->requestURI, 'MasterPassword') === false) {
			$this->url = WCF::getSession()->requestURI;
		}
	}
	
	/**
	 * @inheritDoc
	 */
	public function assignVariables() {
		parent::assignVariables();
		
		WCF::getTPL()->assign([
			'masterPassword' => $this->masterPassword,
			'relativeWcfDir' => RELATIVE_WCF_DIR,
			'url' => $this->url
		]);
	}
}
Commit	Line	Data
11ade432 AE	1	<?php
11ade432 AE	2	namespace wcf\acp\form;
264c6eea	3	use wcf\form\AbstractForm;
11ade432	4	use wcf\system\exception\UserInputException;
3e0e6b2c	5	use wcf\system\request\LinkHandler;
11ade432 AE	6	use wcf\system\WCF;
11ade432 AE	7	use wcf\util\HeaderUtil;
4e273b1f	8	use wcf\util\PasswordUtil;
11ade432 AE	9
	10	/**
	11	* Shows the master password form.
9f959ced	12	*
11ade432	13	* @author Marcel Werk
7d739af0	14	* @copyright 2001-2016 WoltLab GmbH
11ade432	15	* @license GNU Lesser General Public License <http://opensource.org/licenses/lgpl-license.php>
e71525e4	16	* @package WoltLabSuite\Core\Acp\Form
11ade432	17	*/
264c6eea	18	class MasterPasswordForm extends AbstractForm {
11ade432 AE	19	/**
11ade432 AE	20	* master password
9f959ced	21	* @var string
11ade432 AE	22	*/
	23	public $masterPassword = '';
	24
	25	/**
	26	* forward url
9f959ced	27	* @var string
11ade432 AE	28	*/
	29	public $url = '';
	30
	31	/**
0fcfe5f6	32	* @inheritDoc
d726f13d	33	*/
11ade432 AE	34	public function readParameters() {
	35	parent::readParameters();
	36
	37	if (file_exists(WCF_DIR.'acp/masterPassword.inc.php')) {
	38	require_once(WCF_DIR.'acp/masterPassword.inc.php');
	39	}
191b8391 TD	40	else {
	41	HeaderUtil::redirect(LinkHandler::getInstance()->getLink('MasterPasswordInit'));
	42	exit;
	43	}
11ade432	44	}
9f959ced	45
11ade432	46	/**
0fcfe5f6	47	* @inheritDoc
11ade432 AE	48	*/
	49	public function readFormParameters() {
	50	parent::readFormParameters();
	51
	52	if (isset($_POST['masterPassword'])) $this->masterPassword = $_POST['masterPassword'];
	53	if (isset($_POST['url'])) $this->url = $_POST['url'];
	54	}
	55
	56	/**
0fcfe5f6	57	* @inheritDoc
11ade432 AE	58	*/
	59	public function validate() {
	60	parent::validate();
	61
	62	if (empty($this->masterPassword)) {
	63	throw new UserInputException('masterPassword');
	64	}
	65
	66	// check password
191b8391	67	if (!PasswordUtil::secureCompare(MASTER_PASSWORD, PasswordUtil::getDoubleSaltedHash($this->masterPassword, MASTER_PASSWORD))) {
063bbf46	68	throw new UserInputException('masterPassword', 'invalid');
11ade432 AE	69	}
	70	}
	71
	72	/**
0fcfe5f6	73	* @inheritDoc
11ade432 AE	74	*/
	75	public function save() {
	76	parent::save();
	77
	78	// update session
	79	WCF::getSession()->register('masterPassword', 1);
	80	WCF::getSession()->update();
	81	WCF::getSession()->disableUpdate();
	82
	83	// forward
	84	if (empty($this->url)) {
c2865ab9	85	$this->url = LinkHandler::getInstance()->getLink();
11ade432	86	}
49cced42	87	HeaderUtil::redirect($this->url);
11ade432 AE	88	exit;
	89	}
	90
	91	/**
0fcfe5f6	92	* @inheritDoc
11ade432 AE	93	*/
	94	public function readData() {
	95	parent::readData();
	96
838e315b	97	if (empty($_POST) && mb_strpos(WCF::getSession()->requestURI, 'MasterPassword') === false) {
11ade432 AE	98	$this->url = WCF::getSession()->requestURI;
	99	}
	100	}
	101
	102	/**
0fcfe5f6	103	* @inheritDoc
11ade432 AE	104	*/
	105	public function assignVariables() {
	106	parent::assignVariables();
	107
058cbd6a	108	WCF::getTPL()->assign([
11ade432	109	'masterPassword' => $this->masterPassword,
f6e546c0	110	'relativeWcfDir' => RELATIVE_WCF_DIR,
11ade432	111	'url' => $this->url
058cbd6a	112	]);
11ade432 AE	113	}
11ade432 AE	114	}