We use cookies to ensure you get the best experience on our website
Home Esplora Aiuto
Registrati Accedi
0ct0pu5
/
forkbb
1
0
Forka 0
File Problemi 0 Pull Requests 0 Wiki
Sfoglia il codice sorgente

Use SensitiveParameter

Visman 2 anni fa
parent
43ec62727e
commit
bb6d788ce5
7 ha cambiato i file con 49 aggiunte e 14 eliminazioni
Visualizzazione separata Mostra Diff Stats
  1. 6 2
      app/Core/Csrf.php
  2. 9 2
      app/Core/DB.php
  3. 10 2
      app/Core/Mail.php
  4. 6 2
      app/Core/Secury.php
  5. 6 2
      app/Models/Pages/Admin/Users/Action.php
  6. 6 2
      app/Models/Pages/Auth.php
  7. 6 2
      app/Models/Pages/Profile.php

+ 6 - 2
app/Core/Csrf.php
Vedi File 

@@ -11,6 +11,7 @@ declare(strict_types=1);
 
 namespace ForkBB\Core;
 
 
 use ForkBB\Core\Secury;
 
+use SensitiveParameter;
 
 
 class Csrf
 
 {
 
@@ -36,8 +37,11 @@ class Csrf
 
      */
 
     protected $hashExpiration = 3600;
 
 
-    public function __construct(Secury $secury, string $key)
 
-    {
 
+    public function __construct(
 
+        Secury $secury,
 
+        #[SensitiveParameter]
 
+        string $key
 
+    ) {
 
         $this->secury = $secury;
 
         $this->key    = \sha1($key);
 
     }

+ 9 - 2
app/Core/DB.php
Vedi File 

@@ -14,6 +14,7 @@ use ForkBB\Core\DB\DBStatement;
 
 use PDO;
 
 use PDOStatement;
 
 use PDOException;
 
+use SensitiveParameter;
 
 
 class DB
 
 {
 
@@ -104,8 +105,14 @@ class DB
 
         'sqliteCreateFunction'  => true,
 
     ];
 
 
-    public function __construct(string $dsn, string $username = null, string $password = null, array $options = [], string $prefix = '')
 
-    {
 
+    public function __construct(
 
+        string $dsn,
 
+        string $username = null,
 
+        #[SensitiveParameter]
 
+        string $password = null,
 
+        array $options = [],
 
+        string $prefix = ''
 
+    ) {
 
         $dsn = $this->initialConfig($dsn);
 
 
         if (\preg_match('%[^\w]%', $prefix)) {

+ 10 - 2
app/Core/Mail.php
Vedi File 

@@ -13,6 +13,7 @@ namespace ForkBB\Core;
 
 use ForkBB\Core\Container;
 
 use ForkBB\Core\Exceptions\MailException;
 
 use ForkBB\Core\Exceptions\SmtpException;
 
+use SensitiveParameter;
 
 use function \ForkBB\e;
 
 
 class Mail
 
@@ -91,8 +92,15 @@ class Mail
 
      */
 
     protected $response;
 
 
-    public function __construct(/* string */ $host, /* string */ $user, /* string */ $pass, /* bool */ $ssl, /* string */ $eol, Container $c)
 
-    {
 
+    public function __construct(
 
+        /* string */ $host,
 
+        /* string */ $user,
 
+        #[SensitiveParameter]
 
+        /* string */ $pass,
 
+        /* bool */ $ssl,
 
+        /* string */ $eol,
 
+        Container $c
 
+    ) {
 
         $this->c = $c;
 
 
         if (

+ 6 - 2
app/Core/Secury.php
Vedi File 

@@ -11,6 +11,7 @@ declare(strict_types=1);
 
 namespace ForkBB\Core;
 
 
 use Normalizer;
 
+use SensitiveParameter;
 
 use RuntimeException;
 
 use UnexpectedValueException;
 
 use InvalidArgumentException;
 
@@ -50,8 +51,11 @@ class Secury
 
     /**
 
      * Обертка для hash_hmac
 
      */
 
-    public function hmac(string $data, string $key): string
 
-    {
 
+    public function hmac(
 
+        string $data,
 
+        #[SensitiveParameter]
 
+        string $key
 
+    ): string {
 
         if (empty($key)) {
 
             throw new InvalidArgumentException('Key can not be empty');
 
         }

+ 6 - 2
app/Models/Pages/Admin/Users/Action.php
Vedi File 

@@ -13,6 +13,7 @@ namespace ForkBB\Models\Pages\Admin\Users;
 
 use ForkBB\Core\Validator;
 
 use ForkBB\Models\Page;
 
 use ForkBB\Models\Pages\Admin\Users;
 
+use SensitiveParameter;
 
 use RuntimeException;
 
 use function \ForkBB\__;
 
 
@@ -305,8 +306,11 @@ class Action extends Users
 
     /**
 
      * Проверяет пароль на совпадение с текущим пользователем
 
      */
 
-    public function vCheckPassword(Validator $v, string $password): string
 
-    {
 
+    public function vCheckPassword(
 
+        Validator $v,
 
+        #[SensitiveParameter]
 
+        string $password
 
+    ): string {
 
         if (! \password_verify($password, $this->user->password)) {
 
             $v->addError('Invalid passphrase');
 
         }

+ 6 - 2
app/Models/Pages/Auth.php
Vedi File 

@@ -14,6 +14,7 @@ use ForkBB\Core\Validator;
 
 use ForkBB\Core\Exceptions\MailException;
 
 use ForkBB\Models\Page;
 
 use ForkBB\Models\User\User;
 
+use SensitiveParameter;
 
 use function \ForkBB\__;
 
 
 class Auth extends Page
 
@@ -179,8 +180,11 @@ class Auth extends Page
 
     /**
 
      * Проверка пользователя по базе
 
      */
 
-    public function vLoginCheck(Validator $v, string $password): string
 
-    {
 
+    public function vLoginCheck(
 
+        Validator $v,
 
+        #[SensitiveParameter]
 
+        string $password
 
+    ): string {
 
         if (empty($v->getErrors())) {
 
             $this->userAfterLogin = $this->c->users->loadByName($v->username);

+ 6 - 2
app/Models/Pages/Profile.php
Vedi File 

@@ -13,6 +13,7 @@ namespace ForkBB\Models\Pages;
 
 use ForkBB\Core\Validator;
 
 use ForkBB\Models\Page;
 
 use ForkBB\Models\User\User;
 
+use SensitiveParameter;
 
 use function \ForkBB\__;
 
 
 abstract class Profile extends Page
 
@@ -50,8 +51,11 @@ abstract class Profile extends Page
 
     /**
 
      * Проверяет пароль на совпадение с текущим пользователем
 
      */
 
-    public function vCheckPassword(Validator $v, string $password): string
 
-    {
 
+    public function vCheckPassword(
 
+        Validator $v,
 
+        #[SensitiveParameter]
 
+        string $password
 
+    ): string {
 
         if (! \password_verify($password, $this->user->password)) {
 
             $v->addError('Invalid passphrase');
 
         }

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5