

PHP ESAPI::getHttpUtilities Method Code Examples

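This article collects typical usage examples of the ESAPI::getHttpUtilities method in PHP. If you are wondering how exactly ESAPI::getHttpUtilities is used in PHP, or are looking for examples of it in use, the selected code examples here may help. You can also explore further usage examples of ESAPI, the class this method belongs to.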


Two code examples of the ESAPI::getHttpUtilities method are shown below, sorted by popularity by default.

Example 1: _log

 /**
  * Helper function.
  *
  * If the supplied logging level is at or above the current logging
  * threshold then log the message after optionally encoding any special
  * characters that might be dangerous when viewed by an HTML based log
  * viewer. Also encode any carriage returns and line feeds to prevent log
  * injection attacks. This logs all the supplied parameters: level, event
  * type, whether the event represents success or failure and the log
  * message. In addition, the application name, logger name/category, local
  * IP address and port, the identity of the user and their source IP
  * address, a logging specific user session ID, and the current date/time
  * are also logged.
  * If the supplied logging level is below the current logging threshold then
  * the message will be discarded.
  *
  * @param int       $level     the priority level of the event - a Logger Level
  *                             constant.
  * @param int       $type      the type of the event - a Logger Event constant.
  * @param bool      $success   TRUE indicates this was a successful
  *                             event, FALSE indicates this was a failed event
  *                             (the typical value).
  * @param string    $message   the message to be logged.
  * @param Exception $throwable The throwable Exception.
  *
  * @return does not return a value.
  */
 private function _log($level, $type, $success, $message, $throwable)
 {
     // If this log level is below the threshold we can quit now.
     $logLevel = self::_convertESAPILeveltoLoggerLevel($level);
     if (!$this->_log4php->isEnabledFor($logLevel)) {
         return;
     }
     $encoder = ESAPI::getEncoder();
     $secConfig = ESAPI::getSecurityConfiguration();
     // Add some context to log the message.
     $context = '';
     // The output of log level is handled here instead of providing a
     // LayoutPattern to Log4PHP.  This allows us to print TRACE instead of
     // ALL and WARNING instead of WARN.
     $levelStr = $logLevel->toString();
     if ($levelStr == 'ALL') {
         $levelStr = 'TRACE';
     } elseif ($levelStr == 'WARN') {
         $levelStr = 'WARNING';
     }
     $context .= $levelStr;
     // Application name.
     // $this->_appName is set only if it is to be logged.
     if ($this->_appName !== null) {
         $context .= ' ' . $this->_appName;
     }
     // Logger name (Category in Log4PHP parlance)
     $context .= ' ' . $this->_log4phpName;
     // Event Type
     if (!is_string($type)) {
         $type = 'EVENT_UNKNOWN';
     }
     $context .= ' ' . $type;
     // Success or Failure of Event
     if ($success === true) {
         $context .= '-SUCCESS';
     } else {
         $context .= '-FAILURE';
     }
     $request = ESAPI::getHttpUtilities()->getCurrentRequest();
     if ($request === null) {
         $request = new SafeRequest();
         ESAPI::getHttpUtilities()->setCurrentHTTP($request);
     }
     $laddr = $request->getServerName();
     if ($laddr === '') {
         $laddr = 'UnknownLocalHost';
     }
     $lport = $request->getServerPort();
     $ruser = $request->getRemoteUser();
     if ($ruser === '') {
         $ruser = 'AnonymousUser';
     }
     $raddr = $request->getRemoteAddr();
     if ($raddr === '') {
         $raddr = 'UnknownRemoteHost';
     }
     $context .= " {$laddr}:{$lport} {$ruser}@{$raddr}";
     // create a random session number for the user to represent the
     // user's session, if it doesn't exist already
     $userSessionIDforLogging = 'SessionUnknown';
     if (isset($_SESSION)) {
         if (isset($_SESSION['DefaultAuditor']) && isset($_SESSION['DefaultAuditor']['SessionIDForLogging'])) {
             $userSessionIDforLogging = $_SESSION['DefaultAuditor']['SessionIDForLogging'];
         } else {
             try {
                 $userSessionIDforLogging = (string) ESAPI::getRandomizer()->getRandomInteger(0, 1000000);
                 $_SESSION['DefaultAuditor']['SessionIDForLogging'] = $userSessionIDforLogging;
             } catch (Exception $e) {
                 // continue
             }
         }
     }
//......... part of the code is omitted here .........
Developer: najamelan, Project: PHP-ESAPI, Lines of code: 101, Source: DefaultAuditor.php
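
The docblock of `_log` describes encoding carriage returns and line feeds, and optionally HTML-encoding the message, but that part of the method is omitted above. The following is an added example, not PHP-ESAPI's own code: `neutralizeLogMessage()` is a hypothetical helper, the `_` replacement character is an assumption, and the sample inputs are constructed.

```php
<?php
declare(strict_types=1);

/**
 * Hypothetical helper (not part of PHP-ESAPI): make sure one logged event
 * always occupies exactly one log line, and optionally make it safe to
 * display in an HTML based log viewer.
 */
function neutralizeLogMessage(string $message, bool $encodeForHtml = false): string
{
    // Replace CR, LF and other line separators so that user-controlled
    // input cannot start a forged entry on a new line.
    $clean = preg_replace('/\r\n|[\r\n\x0B\x0C]|\x{0085}|\x{2028}|\x{2029}/u', '_', $message);
    if ($clean === null) {
        // preg_replace() with /u returns null on invalid UTF-8;
        // fall back to a byte-wise replacement instead of logging nothing.
        $clean = str_replace(["\r\n", "\r", "\n", "\x0B", "\x0C"], '_', $message);
    }
    if ($encodeForHtml) {
        // ENT_SUBSTITUTE keeps the entry even if it contains invalid bytes.
        $clean = htmlspecialchars($clean, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    }
    return $clean;
}

// Constructed sample: an account name that carries a forged second entry
// in the same "LEVEL logger TYPE-RESULT host:port user@addr" layout as _log.
$accountName = "alice\r\nINFO Auditor SECURITY-SUCCESS example.test:443 admin@192.0.2.10 "
    . 'User logged in: admin';
// Constructed sample: markup that an HTML log viewer would otherwise render.
$withMarkup = 'bob<script>alert(1)</script>';

$prefix = 'WARNING Auditor SECURITY-FAILURE example.test:443 AnonymousUser@192.0.2.55 ';
$line1 = $prefix . 'Incorrect password provided for ' . neutralizeLogMessage($accountName);
$line2 = $prefix . 'Incorrect password provided for ' . neutralizeLogMessage($withMarkup, true);

// Each event stays on a single line and no raw markup survives.
assert(substr_count($line1, "\n") === 0 && substr_count($line1, "\r") === 0);
assert(strpos($line2, '<script>') === false);

echo $line1, PHP_EOL, $line2, PHP_EOL;
```

The forged entry remains visible in the first line as data after `alice_`, which is what an analyst reviewing the log needs to see.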

Example 2: loginWithPassword

 /**
  * {@inheritDoc}
  */
 public function loginWithPassword($password)
 {
     //FIXME: time() might not be the correct format to be used?
     if (is_null($password) || $password == "") {
         $this->setLastFailedLoginTime(time());
         $this->incrementFailedLoginCount();
         throw new AuthenticationLoginException("Login failed", "Missing password: " . $this->getAccountName());
     }
     // don't let disabled users log in
     if (!$this->isEnabled()) {
         $this->setLastFailedLoginTime(time());
         $this->incrementFailedLoginCount();
         throw new AuthenticationLoginException("Login failed", "Disabled user attempt to login: " . $this->getAccountName());
     }
     // don't let locked users log in
     if ($this->isLocked()) {
         $this->setLastFailedLoginTime(time());
         $this->incrementFailedLoginCount();
         throw new AuthenticationLoginException("Login failed", "Locked user attempt to login: " . $this->getAccountName());
     }
     // don't let expired users log in
     if ($this->isExpired()) {
         $this->setLastFailedLoginTime(time());
         $this->incrementFailedLoginCount();
         throw new AuthenticationLoginException("Login failed", "Expired user attempt to login: " . $this->getAccountName());
     }
     $this->logout();
     if ($this->verifyPassword($password)) {
         $this->_loggedIn = true;
         ESAPI::getHttpUtilities()->changeSessionIdentifier(ESAPI::currentRequest());
         ESAPI::getAuthenticator()->setCurrentUser($this);
         $this->setLastLoginTime(time());
         $this->setLastHostAddress(ESAPI::getHttpUtilities()->getCurrentRequest()->getRemoteHost());
         ESAPI::getLogger("DefaultUser")->trace(ESAPILogger::SECURITY, "User logged in: " . $this->_accountName);
     } else {
         $this->_loggedIn = false;
         $this->setLastFailedLoginTime(time());
         $this->incrementFailedLoginCount();
         throw new AuthenticationLoginException("Login failed", "Incorrect password provided for " . $this->getAccountName());
     }
 }
Developer: najamelan, Project: PHP-ESAPI, Lines of code: 44, Source: DefaultUser.php


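Note: The ESAPI::getHttpUtilities method examples in this article were compiled by 纯净天空 from open-source code and documentation platforms such as GitHub and MSDocs. The code snippets were selected from open-source projects contributed by their respective developers, and copyright in the source code belongs to the original authors. For distribution and use, refer to the license of the corresponding project. Do not reproduce without permission.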