Commit | Line | Data |
---|---|---|
11ade432 AE |
1 | <?php |
2 | namespace wcf\acp\form; | |
264c6eea | 3 | use wcf\form\AbstractForm; |
11ade432 | 4 | use wcf\system\exception\UserInputException; |
3e0e6b2c | 5 | use wcf\system\request\LinkHandler; |
11ade432 AE |
6 | use wcf\system\WCF; |
7 | use wcf\util\HeaderUtil; | |
4e273b1f | 8 | use wcf\util\PasswordUtil; |
11ade432 AE |
9 | |
10 | /** | |
11 | * Shows the master password form. | |
9f959ced | 12 | * |
11ade432 | 13 | * @author Marcel Werk |
7d739af0 | 14 | * @copyright 2001-2016 WoltLab GmbH |
11ade432 | 15 | * @license GNU Lesser General Public License <http://opensource.org/licenses/lgpl-license.php> |
e71525e4 | 16 | * @package WoltLabSuite\Core\Acp\Form |
11ade432 | 17 | */ |
264c6eea | 18 | class MasterPasswordForm extends AbstractForm { |
11ade432 AE |
19 | /** |
20 | * master password | |
9f959ced | 21 | * @var string |
11ade432 AE |
22 | */ |
23 | public $masterPassword = ''; | |
24 | ||
25 | /** | |
26 | * forward url | |
9f959ced | 27 | * @var string |
11ade432 AE |
28 | */ |
29 | public $url = ''; | |
30 | ||
31 | /** | |
0fcfe5f6 | 32 | * @inheritDoc |
d726f13d | 33 | */ |
11ade432 AE |
34 | public function readParameters() { |
35 | parent::readParameters(); | |
36 | ||
37 | if (file_exists(WCF_DIR.'acp/masterPassword.inc.php')) { | |
38 | require_once(WCF_DIR.'acp/masterPassword.inc.php'); | |
39 | } | |
191b8391 TD |
40 | else { |
41 | HeaderUtil::redirect(LinkHandler::getInstance()->getLink('MasterPasswordInit')); | |
42 | exit; | |
43 | } | |
11ade432 | 44 | } |
9f959ced | 45 | |
11ade432 | 46 | /** |
0fcfe5f6 | 47 | * @inheritDoc |
11ade432 AE |
48 | */ |
49 | public function readFormParameters() { | |
50 | parent::readFormParameters(); | |
51 | ||
52 | if (isset($_POST['masterPassword'])) $this->masterPassword = $_POST['masterPassword']; | |
53 | if (isset($_POST['url'])) $this->url = $_POST['url']; | |
54 | } | |
55 | ||
56 | /** | |
0fcfe5f6 | 57 | * @inheritDoc |
11ade432 AE |
58 | */ |
59 | public function validate() { | |
60 | parent::validate(); | |
61 | ||
62 | if (empty($this->masterPassword)) { | |
63 | throw new UserInputException('masterPassword'); | |
64 | } | |
65 | ||
66 | // check password | |
191b8391 | 67 | if (!PasswordUtil::secureCompare(MASTER_PASSWORD, PasswordUtil::getDoubleSaltedHash($this->masterPassword, MASTER_PASSWORD))) { |
063bbf46 | 68 | throw new UserInputException('masterPassword', 'invalid'); |
11ade432 AE |
69 | } |
70 | } | |
71 | ||
72 | /** | |
0fcfe5f6 | 73 | * @inheritDoc |
11ade432 AE |
74 | */ |
75 | public function save() { | |
76 | parent::save(); | |
77 | ||
78 | // update session | |
79 | WCF::getSession()->register('masterPassword', 1); | |
80 | WCF::getSession()->update(); | |
81 | WCF::getSession()->disableUpdate(); | |
82 | ||
83 | // forward | |
84 | if (empty($this->url)) { | |
c2865ab9 | 85 | $this->url = LinkHandler::getInstance()->getLink(); |
11ade432 | 86 | } |
49cced42 | 87 | HeaderUtil::redirect($this->url); |
11ade432 AE |
88 | exit; |
89 | } | |
90 | ||
91 | /** | |
0fcfe5f6 | 92 | * @inheritDoc |
11ade432 AE |
93 | */ |
94 | public function readData() { | |
95 | parent::readData(); | |
96 | ||
838e315b | 97 | if (empty($_POST) && mb_strpos(WCF::getSession()->requestURI, 'MasterPassword') === false) { |
11ade432 AE |
98 | $this->url = WCF::getSession()->requestURI; |
99 | } | |
100 | } | |
101 | ||
102 | /** | |
0fcfe5f6 | 103 | * @inheritDoc |
11ade432 AE |
104 | */ |
105 | public function assignVariables() { | |
106 | parent::assignVariables(); | |
107 | ||
058cbd6a | 108 | WCF::getTPL()->assign([ |
11ade432 | 109 | 'masterPassword' => $this->masterPassword, |
f6e546c0 | 110 | 'relativeWcfDir' => RELATIVE_WCF_DIR, |
11ade432 | 111 | 'url' => $this->url |
058cbd6a | 112 | ]); |
11ade432 AE |
113 | } |
114 | } |