Use SensitiveParameter

2022-12-10 16:53:16 +07:00 · 2022-12-10 16:53:16 +07:00 · bb6d788ce5
commit bb6d788ce5
parent 43ec62727e
7 changed files with 49 additions and 14 deletions
--- a/app/Core/Csrf.php
+++ b/app/Core/Csrf.php
@ -11,6 +11,7 @@ declare(strict_types=1);
 namespace ForkBB\Core;

 use ForkBB\Core\Secury;
+use SensitiveParameter;

 class Csrf
 {
@ -36,8 +37,11 @@ class Csrf
     */
    protected $hashExpiration = 3600;

-    public function __construct(Secury $secury, string $key)
-    {
+    public function __construct(
+        Secury $secury,
+        #[SensitiveParameter]
+        string $key
+    ) {
        $this->secury = $secury;
        $this->key    = \sha1($key);
    }
--- a/app/Core/DB.php
+++ b/app/Core/DB.php
@ -14,6 +14,7 @@ use ForkBB\Core\DB\DBStatement;
 use PDO;
 use PDOStatement;
 use PDOException;
+use SensitiveParameter;

 class DB
 {
@ -104,8 +105,14 @@ class DB
        'sqliteCreateFunction'  => true,
    ];

-    public function __construct(string $dsn, string $username = null, string $password = null, array $options = [], string $prefix = '')
-    {
+    public function __construct(
+        string $dsn,
+        string $username = null,
+        #[SensitiveParameter]
+        string $password = null,
+        array $options = [],
+        string $prefix = ''
+    ) {
        $dsn = $this->initialConfig($dsn);

        if (\preg_match('%[^\w]%', $prefix)) {
--- a/app/Core/Mail.php
+++ b/app/Core/Mail.php
@ -13,6 +13,7 @@ namespace ForkBB\Core;
 use ForkBB\Core\Container;
 use ForkBB\Core\Exceptions\MailException;
 use ForkBB\Core\Exceptions\SmtpException;
+use SensitiveParameter;
 use function \ForkBB\e;

 class Mail
@ -91,8 +92,15 @@ class Mail
     */
    protected $response;

-    public function __construct(/* string */ $host, /* string */ $user, /* string */ $pass, /* bool */ $ssl, /* string */ $eol, Container $c)
-    {
+    public function __construct(
+        /* string */ $host,
+        /* string */ $user,
+        #[SensitiveParameter]
+        /* string */ $pass,
+        /* bool */ $ssl,
+        /* string */ $eol,
+        Container $c
+    ) {
        $this->c = $c;

        if (
--- a/app/Core/Secury.php
+++ b/app/Core/Secury.php
@ -11,6 +11,7 @@ declare(strict_types=1);
 namespace ForkBB\Core;

 use Normalizer;
+use SensitiveParameter;
 use RuntimeException;
 use UnexpectedValueException;
 use InvalidArgumentException;
@ -50,8 +51,11 @@ class Secury
    /**
     * Обертка для hash_hmac
     */
-    public function hmac(string $data, string $key): string
-    {
+    public function hmac(
+        string $data,
+        #[SensitiveParameter]
+        string $key
+    ): string {
        if (empty($key)) {
            throw new InvalidArgumentException('Key can not be empty');
        }
--- a/app/Models/Pages/Admin/Users/Action.php
+++ b/app/Models/Pages/Admin/Users/Action.php
@ -13,6 +13,7 @@ namespace ForkBB\Models\Pages\Admin\Users;
 use ForkBB\Core\Validator;
 use ForkBB\Models\Page;
 use ForkBB\Models\Pages\Admin\Users;
+use SensitiveParameter;
 use RuntimeException;
 use function \ForkBB\__;

@ -305,8 +306,11 @@ class Action extends Users
    /**
     * Проверяет пароль на совпадение с текущим пользователем
     */
-    public function vCheckPassword(Validator $v, string $password): string
-    {
+    public function vCheckPassword(
+        Validator $v,
+        #[SensitiveParameter]
+        string $password
+    ): string {
        if (! \password_verify($password, $this->user->password)) {
            $v->addError('Invalid passphrase');
        }
--- a/app/Models/Pages/Auth.php
+++ b/app/Models/Pages/Auth.php
@ -14,6 +14,7 @@ use ForkBB\Core\Validator;
 use ForkBB\Core\Exceptions\MailException;
 use ForkBB\Models\Page;
 use ForkBB\Models\User\User;
+use SensitiveParameter;
 use function \ForkBB\__;

 class Auth extends Page
@ -179,8 +180,11 @@ class Auth extends Page
    /**
     * Проверка пользователя по базе
     */
-    public function vLoginCheck(Validator $v, string $password): string
-    {
+    public function vLoginCheck(
+        Validator $v,
+        #[SensitiveParameter]
+        string $password
+    ): string {
        if (empty($v->getErrors())) {
            $this->userAfterLogin = $this->c->users->loadByName($v->username);

--- a/app/Models/Pages/Profile.php
+++ b/app/Models/Pages/Profile.php
@ -13,6 +13,7 @@ namespace ForkBB\Models\Pages;
 use ForkBB\Core\Validator;
 use ForkBB\Models\Page;
 use ForkBB\Models\User\User;
+use SensitiveParameter;
 use function \ForkBB\__;

 abstract class Profile extends Page
@ -50,8 +51,11 @@ abstract class Profile extends Page
    /**
     * Проверяет пароль на совпадение с текущим пользователем
     */
-    public function vCheckPassword(Validator $v, string $password): string
-    {
+    public function vCheckPassword(
+        Validator $v,
+        #[SensitiveParameter]
+        string $password
+    ): string {
        if (! \password_verify($password, $this->user->password)) {
            $v->addError('Invalid passphrase');
        }