fanbinit/rhymix
1
0
Fork 0
mirror of https://github.com/Lastorder-DC/rhymix.git synced 2026-01-08 19:21:40 +09:00
Code Issues Projects Releases Packages Wiki Activity

Add phpass and update composer libraries

Browse source
This commit is contained in:
Kijin Sung 2016-03-13 23:52:26 +09:00
parent 9d6284faad
commit 69c5147888
25 changed files with 1039 additions and 161 deletions
Download patch file Download diff file Expand all files Collapse all files

3
composer.json
View file

@ -9,7 +9,7 @@
{ "name": "NAVER", "email": "developers@xpressengine.com" }
],
"require": {
"php": ">=5.3.0",
"php": ">=5.3.3",
"ext-curl": "*",
"ext-gd": "*",
"ext-iconv": "*",
@ -22,6 +22,7 @@
"defuse/php-encryption": "1.2.1",
"ezyang/htmlpurifier": "4.7.*",
"firephp/firephp-core": "0.4.0",
"hautelook/phpass": "0.3.*",
"matthiasmullie/minify": "1.3.*",
"michelf/php-markdown": "1.5.*",
"rmccue/requests": "1.6.*",

67
composer.lock generated
View file

@ -4,8 +4,8 @@
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file",
"This file is @generated automatically"
],
"hash": "a35061b94658a2dbdafe943dddcdc898",
"content-hash": "1a71937e1cbc600f8a237c6445d6a69f",
"hash": "9b062f27815a9b2ef1e700b4664ee864",
"content-hash": "69345a9112733f99c09fa298ba72fa22",
"packages": [
{
"name": "defuse/php-encryption",
@ -133,17 +133,61 @@
"time": "2013-04-23 15:28:20"
},
{
"name": "matthiasmullie/minify",
"version": "1.3.32",
"name": "hautelook/phpass",
"version": "0.3.4",
"source": {
"type": "git",
"url": "https://github.com/matthiasmullie/minify.git",
"reference": "140c714688908afcecde87338c8309233bdc2519"
"url": "https://github.com/hautelook/phpass.git",
"reference": "f0217d804225822f9bdb0d392839029b0fcb0914"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/matthiasmullie/minify/zipball/140c714688908afcecde87338c8309233bdc2519",
"reference": "140c714688908afcecde87338c8309233bdc2519",
"url": "https://api.github.com/repos/hautelook/phpass/zipball/f0217d804225822f9bdb0d392839029b0fcb0914",
"reference": "f0217d804225822f9bdb0d392839029b0fcb0914",
"shasum": ""
},
"require": {
"php": ">=5.3.3"
},
"type": "library",
"autoload": {
"psr-0": {
"Hautelook": "src/"
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"Public Domain"
],
"authors": [
{
"name": "Solar Designer",
"email": "solar@openwall.com",
"homepage": "http://openwall.com/phpass/"
}
],
"description": "Portable PHP password hashing framework",
"homepage": "http://github.com/hautelook/phpass/",
"keywords": [
"blowfish",
"crypt",
"password",
"security"
],
"time": "2012-08-31 00:00:00"
},
{
"name": "matthiasmullie/minify",
"version": "1.3.34",
"source": {
"type": "git",
"url": "https://github.com/matthiasmullie/minify.git",
"reference": "272e46113404f66ced256659552a0cc074a7810f"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/matthiasmullie/minify/zipball/272e46113404f66ced256659552a0cc074a7810f",
"reference": "272e46113404f66ced256659552a0cc074a7810f",
"shasum": ""
},
"require": {
@ -153,8 +197,7 @@
},
"require-dev": {
"matthiasmullie/scrapbook": "~1.0",
"phpunit/phpunit": "~4.8",
"satooshi/php-coveralls": "~1.0"
"phpunit/phpunit": "~4.8"
},
"bin": [
"bin/minifycss",
@ -187,7 +230,7 @@
"minifier",
"minify"
],
"time": "2016-01-11 02:10:11"
"time": "2016-03-01 08:00:27"
},
{
"name": "matthiasmullie/path-converter",
@ -489,7 +532,7 @@
"prefer-stable": false,
"prefer-lowest": false,
"platform": {
"php": ">=5.3.0",
"php": ">=5.3.3",
"ext-curl": "*",
"ext-gd": "*",
"ext-iconv": "*",

4
vendor/composer/autoload_classmap.php vendored
View file

@ -237,8 +237,12 @@ return array(
'HTMLPurifier_VarParser_Flexible' => $vendorDir . '/ezyang/htmlpurifier/library/HTMLPurifier/VarParser/Flexible.php',
'HTMLPurifier_VarParser_Native' => $vendorDir . '/ezyang/htmlpurifier/library/HTMLPurifier/VarParser/Native.php',
'HTMLPurifier_Zipper' => $vendorDir . '/ezyang/htmlpurifier/library/HTMLPurifier/Zipper.php',
'Hautelook\\Phpass\\PasswordHash' => $vendorDir . '/hautelook/phpass/src/Hautelook/Phpass/PasswordHash.php',
'MatthiasMullie\\Minify\\CSS' => $vendorDir . '/matthiasmullie/minify/src/CSS.php',
'MatthiasMullie\\Minify\\Exception' => $vendorDir . '/matthiasmullie/minify/src/Exception.php',
'MatthiasMullie\\Minify\\Exceptions\\BasicException' => $vendorDir . '/matthiasmullie/minify/src/Exceptions/BasicException.php',
'MatthiasMullie\\Minify\\Exceptions\\FileImportException' => $vendorDir . '/matthiasmullie/minify/src/Exceptions/FileImportException.php',
'MatthiasMullie\\Minify\\Exceptions\\IOException' => $vendorDir . '/matthiasmullie/minify/src/Exceptions/IOException.php',
'MatthiasMullie\\Minify\\JS' => $vendorDir . '/matthiasmullie/minify/src/JS.php',
'MatthiasMullie\\Minify\\Minify' => $vendorDir . '/matthiasmullie/minify/src/Minify.php',
'MatthiasMullie\\PathConverter\\Converter' => $vendorDir . '/matthiasmullie/path-converter/src/Converter.php',

1
vendor/composer/autoload_namespaces.php vendored
View file

@ -9,5 +9,6 @@ return array(
'Sunra\\PhpSimple\\HtmlDomParser' => array($vendorDir . '/sunra/php-simple-html-dom-parser/Src'),
'Requests' => array($vendorDir . '/rmccue/requests/library'),
'Michelf' => array($vendorDir . '/michelf/php-markdown'),
'Hautelook' => array($vendorDir . '/hautelook/phpass/src'),
'HTMLPurifier' => array($vendorDir . '/ezyang/htmlpurifier/library'),
);

163
vendor/composer/installed.json vendored
View file

@ -293,65 +293,6 @@
"relative"
]
},
{
"name": "matthiasmullie/minify",
"version": "1.3.32",
"version_normalized": "1.3.32.0",
"source": {
"type": "git",
"url": "https://github.com/matthiasmullie/minify.git",
"reference": "140c714688908afcecde87338c8309233bdc2519"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/matthiasmullie/minify/zipball/140c714688908afcecde87338c8309233bdc2519",
"reference": "140c714688908afcecde87338c8309233bdc2519",
"shasum": ""
},
"require": {
"ext-pcre": "*",
"matthiasmullie/path-converter": "~1.0",
"php": ">=5.3.0"
},
"require-dev": {
"matthiasmullie/scrapbook": "~1.0",
"phpunit/phpunit": "~4.8",
"satooshi/php-coveralls": "~1.0"
},
"time": "2016-01-11 02:10:11",
"bin": [
"bin/minifycss",
"bin/minifyjs"
],
"type": "library",
"installation-source": "dist",
"autoload": {
"psr-4": {
"MatthiasMullie\\Minify\\": "src/"
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Matthias Mullie",
"email": "minify@mullie.eu",
"homepage": "http://www.mullie.eu",
"role": "Developer"
}
],
"description": "CSS & JS minifier",
"homepage": "http://www.minifier.org",
"keywords": [
"JS",
"css",
"javascript",
"minifier",
"minify"
]
},
{
"name": "swiftmailer/swiftmailer",
"version": "v5.4.1",
@ -492,5 +433,109 @@
],
"description": "Traditional FirePHPCore library for sending PHP variables to the browser.",
"homepage": "https://github.com/firephp/firephp-core"
},
{
"name": "matthiasmullie/minify",
"version": "1.3.34",
"version_normalized": "1.3.34.0",
"source": {
"type": "git",
"url": "https://github.com/matthiasmullie/minify.git",
"reference": "272e46113404f66ced256659552a0cc074a7810f"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/matthiasmullie/minify/zipball/272e46113404f66ced256659552a0cc074a7810f",
"reference": "272e46113404f66ced256659552a0cc074a7810f",
"shasum": ""
},
"require": {
"ext-pcre": "*",
"matthiasmullie/path-converter": "~1.0",
"php": ">=5.3.0"
},
"require-dev": {
"matthiasmullie/scrapbook": "~1.0",
"phpunit/phpunit": "~4.8"
},
"time": "2016-03-01 08:00:27",
"bin": [
"bin/minifycss",
"bin/minifyjs"
],
"type": "library",
"installation-source": "dist",
"autoload": {
"psr-4": {
"MatthiasMullie\\Minify\\": "src/"
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Matthias Mullie",
"email": "minify@mullie.eu",
"homepage": "http://www.mullie.eu",
"role": "Developer"
}
],
"description": "CSS & JS minifier",
"homepage": "http://www.minifier.org",
"keywords": [
"JS",
"css",
"javascript",
"minifier",
"minify"
]
},
{
"name": "hautelook/phpass",
"version": "0.3.4",
"version_normalized": "0.3.4.0",
"source": {
"type": "git",
"url": "https://github.com/hautelook/phpass.git",
"reference": "f0217d804225822f9bdb0d392839029b0fcb0914"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/hautelook/phpass/zipball/f0217d804225822f9bdb0d392839029b0fcb0914",
"reference": "f0217d804225822f9bdb0d392839029b0fcb0914",
"shasum": ""
},
"require": {
"php": ">=5.3.3"
},
"time": "2012-08-31 00:00:00",
"type": "library",
"installation-source": "dist",
"autoload": {
"psr-0": {
"Hautelook": "src/"
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"Public Domain"
],
"authors": [
{
"name": "Solar Designer",
"email": "solar@openwall.com",
"homepage": "http://openwall.com/phpass/"
}
],
"description": "Portable PHP password hashing framework",
"homepage": "http://github.com/hautelook/phpass/",
"keywords": [
"blowfish",
"crypt",
"password",
"security"
]
}
]

2
vendor/hautelook/phpass/.gitignore vendored Normal file
View file

@ -0,0 +1,2 @@
composer.lock
vendor

13
vendor/hautelook/phpass/.travis.yml vendored Normal file
View file

@ -0,0 +1,13 @@
language: php
php:
- 5.3
- 5.4
- 5.5
- 5.6
- hhvm
before_script:
- composer install
script: cd Tests && phpunit --configuration phpunit.xml --coverage-text

46
vendor/hautelook/phpass/README.md vendored Normal file
View file

@ -0,0 +1,46 @@
Openwall Phpass, modernized
===========================
[![Build Status](https://secure.travis-ci.org/hautelook/phpass.png?branch=master)](http://travis-ci.org/hautelook/phpass)
[![HHVM Status](http://hhvm.h4cc.de/badge/hautelook/phpass.png)](http://hhvm.h4cc.de/package/hautelook/phpass)
This is Openwall's [Phpass](http://openwall.com/phpass/), based on the 0.3 release, but modernized slightly:
- Namespaced
- Composer support (Autoloading)
- PHP 5 style
- Unit Tested
The changes are minimal and only stylistic. The source code is in the public domain. We claim no ownership, but needed it for one of our projects, and wanted to make it available to other people as well.
## Installation ##
Add this requirement to your `composer.json` file and run `composer.phar install`:
{
"require": {
"hautelook/phpass": "dev-master"
}
}
## Usage ##
The following example shows how to hash a password (to then store the hash in the database), and how to check whether a provided password is correct (hashes to the same value):
``` php
<?php
namespace Your\Namespace;
use Hautelook\Phpass\PasswordHash;
require_once(__DIR__ . "/vendor/autoload.php");
$passwordHasher = new PasswordHash(8,false);
$password = $passwordHasher->HashPassword('secret');
var_dump($password);
$passwordMatch = $passwordHasher->CheckPassword('secret', "$2a$08$0RK6Yw6j9kSIXrrEOc3dwuDPQuT78HgR0S3/ghOFDEpOGpOkARoSu");
var_dump($passwordMatch);

52
vendor/hautelook/phpass/Tests/BasicTest.php vendored Normal file
View file

@ -0,0 +1,52 @@
<?php
// namespace Hautelook\Phpass\Tests;
use Hautelook\Phpass\PasswordHash;
/**
*
*/
class BasicTest extends \PHPUnit_Framework_TestCase
{
const PORTABLE_HASH = '$P$9IQRaTwmfeRo7ud9Fh4E2PdI0S3r.L0';
public function testCorrectHash()
{
$hasher = new PasswordHash(8,false);
$correct = 'test12345';
$hash = $hasher->HashPassword($correct);
$this->assertTrue($hasher->CheckPassword($correct, $hash));
}
public function testIncorrectHash()
{
$hasher = new PasswordHash(8,false);
$correct = 'test12345';
$hash = $hasher->HashPassword($correct);
$wrong = 'test12346';
$this->assertFalse($hasher->CheckPassword($wrong, $hash));
}
public function testWeakHashes()
{
$hasher = new PasswordHash(8, true);
$correct = 'test12345';
$hash = $hasher->HashPassword($correct);
$wrong = 'test12346';
$this->assertTrue($hasher->CheckPassword($correct, $hash));
$this->assertFalse($hasher->CheckPassword($wrong, $hash));
}
public function testPortableHashes()
{
$hasher = new PasswordHash(8, true);
$correct = 'test12345';
$wrong = 'test12346';
$this->assertTrue($hasher->CheckPassword($correct, self::PORTABLE_HASH));
$this->assertFalse($hasher->CheckPassword($wrong, self::PORTABLE_HASH));
}
}

14
vendor/hautelook/phpass/Tests/bootstrap.php vendored Normal file
View file

@ -0,0 +1,14 @@
<?php
function includeIfExists($file)
{
if (file_exists($file)) {
return include $file;
}
}
if ((!$loader = includeIfExists(__DIR__.'/../vendor/autoload.php'))) {
die('You must set up the project dependencies, run the following commands:'.PHP_EOL.
'curl -s http://getcomposer.org/installer | php'.PHP_EOL.
'php composer.phar install'.PHP_EOL);
}

32
vendor/hautelook/phpass/Tests/phpunit.xml vendored Normal file
View file

@ -0,0 +1,32 @@
<phpunit bootstrap="./bootstrap.php"
colors="true"
convertErrorsToExceptions="true"
convertNoticesToExceptions="true"
convertWarningsToExceptions="true"
stopOnFailure="false"
syntaxCheck="true" >
<logging>
<!-- <log type="coverage-text" target="php://stdout"/> -->
<!--showUncoveredFiles="true"/>-->
<!--<log type="coverage-html" target="/tmp/report" charset="UTF-8"-->
<!--yui="true" highlight="false"-->
<!--lowUpperBound="35" highLowerBound="70"/>-->
<!--<log type="testdox-html" target="/tmp/testdox.html"/>-->
</logging>
<testsuite name="Phpass Test Suite">
<directory>.</directory>
</testsuite>
<filter>
<blacklist>
<directory suffix=".php">../</directory>
</blacklist>
<whitelist>
<directory suffix=".php">../src/Hautelook</directory>
<exclude>
<directory suffix=".phtml">../</directory>
<file>./bootstrap.php</file>
</exclude>
</whitelist>
</filter>
</phpunit>

22
vendor/hautelook/phpass/composer.json vendored Normal file
View file

@ -0,0 +1,22 @@
{
"name": "hautelook/phpass",
"type": "library",
"time" : "2012-08-31",
"license" : "Public Domain",
"description": "Portable PHP password hashing framework",
"keywords": ["Blowfish", "crypt", "password", "security"],
"homepage": "http://github.com/hautelook/phpass/",
"authors": [
{
"name" : "Solar Designer",
"email": "solar@openwall.com",
"homepage": "http://openwall.com/phpass/"
}
],
"require": {
"php": ">=5.3.3"
},
"autoload": {
"psr-0": {"Hautelook": "src/"}
}
}

21
vendor/hautelook/phpass/lib/Makefile vendored Normal file
View file

@ -0,0 +1,21 @@
#
# Written by Solar Designer and placed in the public domain.
# See crypt_private.c for more information.
#
CC = gcc
LD = $(CC)
RM = rm -f
CFLAGS = -Wall -O2 -fomit-frame-pointer -funroll-loops
LDFLAGS = -s
LIBS = -lcrypto
all: crypt_private-test
crypt_private-test: crypt_private-test.o
$(LD) $(LDFLAGS) $(LIBS) crypt_private-test.o -o $@
crypt_private-test.o: crypt_private.c
$(CC) -c $(CFLAGS) crypt_private.c -DTEST -o $@
clean:
$(RM) crypt_private-test*

106
vendor/hautelook/phpass/lib/crypt_private.c vendored Normal file
View file

@ -0,0 +1,106 @@
/*
* This code exists for the sole purpose to serve as another implementation
* of the "private" password hashing method implemened in PasswordHash.php
* and thus to confirm that these password hashes are indeed calculated as
* intended.
*
* Other uses of this code are discouraged. There are much better password
* hashing algorithms available to C programmers; one of those is bcrypt:
*
* http://www.openwall.com/crypt/
*
* Written by Solar Designer <solar at openwall.com> in 2005 and placed in
* the public domain.
*
* There's absolutely no warranty.
*/
#include <string.h>
#include <openssl/md5.h>
#ifdef TEST
#include <stdio.h>
#endif
static char *itoa64 =
"./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
static void encode64(char *dst, char *src, int count)
{
int i, value;
i = 0;
do {
value = (unsigned char)src[i++];
*dst++ = itoa64[value & 0x3f];
if (i < count)
value |= (unsigned char)src[i] << 8;
*dst++ = itoa64[(value >> 6) & 0x3f];
if (i++ >= count)
break;
if (i < count)
value |= (unsigned char)src[i] << 16;
*dst++ = itoa64[(value >> 12) & 0x3f];
if (i++ >= count)
break;
*dst++ = itoa64[(value >> 18) & 0x3f];
} while (i < count);
}
char *crypt_private(char *password, char *setting)
{
static char output[35];
MD5_CTX ctx;
char hash[MD5_DIGEST_LENGTH];
char *p, *salt;
int count_log2, length, count;
strcpy(output, "*0");
if (!strncmp(setting, output, 2))
output[1] = '1';
if (strncmp(setting, "$P$", 3))
return output;
p = strchr(itoa64, setting[3]);
if (!p)
return output;
count_log2 = p - itoa64;
if (count_log2 < 7 || count_log2 > 30)
return output;
salt = setting + 4;
if (strlen(salt) < 8)
return output;
length = strlen(password);
MD5_Init(&ctx);
MD5_Update(&ctx, salt, 8);
MD5_Update(&ctx, password, length);
MD5_Final(hash, &ctx);
count = 1 << count_log2;
do {
MD5_Init(&ctx);
MD5_Update(&ctx, hash, MD5_DIGEST_LENGTH);
MD5_Update(&ctx, password, length);
MD5_Final(hash, &ctx);
} while (--count);
memcpy(output, setting, 12);
encode64(&output[12], hash, MD5_DIGEST_LENGTH);
return output;
}
#ifdef TEST
int main(int argc, char **argv)
{
if (argc != 3) return 1;
puts(crypt_private(argv[1], argv[2]));
return 0;
}
#endif

314
vendor/hautelook/phpass/src/Hautelook/Phpass/PasswordHash.php vendored Normal file
View file

@ -0,0 +1,314 @@
<?php
namespace Hautelook\Phpass;
/**
*
* Portable PHP password hashing framework.
*
* Version 0.3 / genuine.
*
* Written by Solar Designer <solar at openwall.com> in 2004-2006 and placed in
*
* There's absolutely no warranty.
*
* The homepage URL for this framework is:
*
* http://www.openwall.com/phpass/
*
* Please be sure to update the Version line if you edit this file in any way.
* It is suggested that you leave the main version number intact, but indicate
* your project name (after the slash) and add your own revision information.
*
* Please do not change the "private" password hashing method implemented in
* here, thereby making your hashes incompatible. However, if you must, please
* change the hash type identifier (the "$P$") to something different.
*
* Obviously, since this code is in the public domain, the above are not
* requirements (there can be none), but merely suggestions.
*
* @author Solar Designer <solar@openwall.com>
*/
class PasswordHash
{
private $itoa64;
private $iteration_count_log2;
private $portable_hashes;
private $random_state;
/**
* Constructor
*
* @param int $iteration_count_log2
* @param boolean $portable_hashes
*/
public function __construct($iteration_count_log2, $portable_hashes)
{
$this->itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
if ($iteration_count_log2 < 4 || $iteration_count_log2 > 31) {
$iteration_count_log2 = 8;
}
$this->iteration_count_log2 = $iteration_count_log2;
$this->portable_hashes = $portable_hashes;
$this->random_state = microtime();
if (function_exists('getmypid')) {
$this->random_state .= getmypid();
}
}
/**
* @param int $count
* @return String
*/
public function get_random_bytes($count)
{
$output = '';
if (@is_readable('/dev/urandom') &&
($fh = @fopen('/dev/urandom', 'rb'))) {
$output = fread($fh, $count);
fclose($fh);
}
if (strlen($output) < $count) {
$output = '';
for ($i = 0; $i < $count; $i += 16) {
$this->random_state =
md5(microtime() . $this->random_state);
$output .=
pack('H*', md5($this->random_state));
}
$output = substr($output, 0, $count);
}
return $output;
}
/**
* @param String $input
* @param int $count
* @return String
*/
public function encode64($input, $count)
{
$output = '';
$i = 0;
do {
$value = ord($input[$i++]);
$output .= $this->itoa64[$value & 0x3f];
if ($i < $count) {
$value |= ord($input[$i]) << 8;
}
$output .= $this->itoa64[($value >> 6) & 0x3f];
if ($i++ >= $count) {
break;
}
if ($i < $count) {
$value |= ord($input[$i]) << 16;
}
$output .= $this->itoa64[($value >> 12) & 0x3f];
if ($i++ >= $count) {
break;
}
$output .= $this->itoa64[($value >> 18) & 0x3f];
} while ($i < $count);
return $output;
}
/**
* @param String $input
* @return String
*/
public function gensalt_private($input)
{
$output = '$P$';
$output .= $this->itoa64[min($this->iteration_count_log2 +
((PHP_VERSION >= '5') ? 5 : 3), 30)];
$output .= $this->encode64($input, 6);
return $output;
}
/**
* @param String $password
* @param String $setting
* @return String
*/
public function crypt_private($password, $setting)
{
$output = '*0';
if (substr($setting, 0, 2) == $output) {
$output = '*1';
}
$id = substr($setting, 0, 3);
# We use "$P$", phpBB3 uses "$H$" for the same thing
if ($id != '$P$' && $id != '$H$') {
return $output;
}
$count_log2 = strpos($this->itoa64, $setting[3]);
if ($count_log2 < 7 || $count_log2 > 30) {
return $output;
}
$count = 1 << $count_log2;
$salt = substr($setting, 4, 8);
if (strlen($salt) != 8) {
return $output;
}
// We're kind of forced to use MD5 here since it's the only
// cryptographic primitive available in all versions of PHP
// currently in use. To implement our own low-level crypto
// in PHP would result in much worse performance and
// consequently in lower iteration counts and hashes that are
// quicker to crack (by non-PHP code).
if (PHP_VERSION >= '5') {
$hash = md5($salt . $password, TRUE);
do {
$hash = md5($hash . $password, TRUE);
} while (--$count);
} else {
$hash = pack('H*', md5($salt . $password));
do {
$hash = pack('H*', md5($hash . $password));
} while (--$count);
}
$output = substr($setting, 0, 12);
$output .= $this->encode64($hash, 16);
return $output;
}
/**
* @param String $input
* @return String
*/
public function gensalt_extended($input)
{
$count_log2 = min($this->iteration_count_log2 + 8, 24);
// This should be odd to not reveal weak DES keys, and the
// maximum valid value is (2**24 - 1) which is odd anyway.
$count = (1 << $count_log2) - 1;
$output = '_';
$output .= $this->itoa64[$count & 0x3f];
$output .= $this->itoa64[($count >> 6) & 0x3f];
$output .= $this->itoa64[($count >> 12) & 0x3f];
$output .= $this->itoa64[($count >> 18) & 0x3f];
$output .= $this->encode64($input, 3);
return $output;
}
/**
* @param String $input
* @return String
*/
public function gensalt_blowfish($input)
{
// This one needs to use a different order of characters and a
// different encoding scheme from the one in encode64() above.
// We care because the last character in our encoded string will
// only represent 2 bits. While two known implementations of
// bcrypt will happily accept and correct a salt string which
// has the 4 unused bits set to non-zero, we do not want to take
// chances and we also do not want to waste an additional byte
// of entropy.
$itoa64 = './ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
$output = '$2a$';
$output .= chr(ord('0') + $this->iteration_count_log2 / 10);
$output .= chr(ord('0') + $this->iteration_count_log2 % 10);
$output .= '$';
$i = 0;
do {
$c1 = ord($input[$i++]);
$output .= $itoa64[$c1 >> 2];
$c1 = ($c1 & 0x03) << 4;
if ($i >= 16) {
$output .= $itoa64[$c1];
break;
}
$c2 = ord($input[$i++]);
$c1 |= $c2 >> 4;
$output .= $itoa64[$c1];
$c1 = ($c2 & 0x0f) << 2;
$c2 = ord($input[$i++]);
$c1 |= $c2 >> 6;
$output .= $itoa64[$c1];
$output .= $itoa64[$c2 & 0x3f];
} while (1);
return $output;
}
/**
* @param String $password
*/
public function HashPassword($password)
{
$random = '';
if (CRYPT_BLOWFISH == 1 && !$this->portable_hashes) {
$random = $this->get_random_bytes(16);
$hash =
crypt($password, $this->gensalt_blowfish($random));
if (strlen($hash) == 60) {
return $hash;
}
}
if (CRYPT_EXT_DES == 1 && !$this->portable_hashes) {
if (strlen($random) < 3) {
$random = $this->get_random_bytes(3);
}
$hash =
crypt($password, $this->gensalt_extended($random));
if (strlen($hash) == 20) {
return $hash;
}
}
if (strlen($random) < 6) {
$random = $this->get_random_bytes(6);
}
$hash =
$this->crypt_private($password,
$this->gensalt_private($random));
if (strlen($hash) == 34) {
return $hash;
}
// Returning '*' on error is safe here, but would _not_ be safe
// in a crypt(3)-like function used _both_ for generating new
// hashes and for validating passwords against existing hashes.
return '*';
}
/**
* @param String $password
* @param String $stored_hash
* @return boolean
*/
public function CheckPassword($password, $stored_hash)
{
$hash = $this->crypt_private($password, $stored_hash);
if ($hash[0] == '*') {
$hash = crypt($password, $stored_hash);
}
return $hash === $stored_hash;
}
}

3
vendor/matthiasmullie/minify/.coveralls.yml vendored
View file

@ -1,3 +0,0 @@
src_dir: src
coverage_clover: build/logs/clover.xml
json_path: build/logs/coveralls-upload.json

59
vendor/matthiasmullie/minify/CONTRIBUTING.md vendored Normal file
View file

@ -0,0 +1,59 @@
# How to contribute
## Issues
When [filing bugs](https://github.com/matthiasmullie/minify/issues/new),
try to be as thorough as possible:
* What version did you use?
* What did you try to do? ***Please post the relevant parts of your code.***
* What went wrong? ***Please include error messages, if any.***
* What was the expected result?
## Pull requests
Bug fixes and general improvements to the existing codebase are always welcome.
New features are also welcome, but will be judged on an individual basis. If
you'd rather not risk wasting your time implementing a new feature only to see
it turned down, please start the discussion by
[opening an issue](https://github.com/matthiasmullie/minify/issues/new).
Don't forget to add your changes to the [changelog](CHANGELOG.md).
### Testing
Please include tests for every change or addition to the code.
To run the complete test suite:
```sh
vendor/bin/phpunit
```
When submitting a new pull request, please make sure that that the test suite
passes (Travis CI will run it & report back on your pull request.)
To run the tests on Windows, run `tests/convert_symlinks_to_windows_style.sh`
from the command line in order to convert Linux-style test symlinks to
Windows-style.
### Coding standards
All code must follow [PSR-2](http://www.php-fig.org/psr/psr-2/). Just make sure
to run php-cs-fixer before submitting the code, it'll take care of the
formatting for you:
```sh
vendor/bin/php-cs-fixer fix src
vendor/bin/php-cs-fixer fix tests
```
Document the code thoroughly!
## License
Note that minify is MIT-licensed, which basically allows anyone to do
anything they like with it, without restriction.

3
vendor/matthiasmullie/minify/composer.json vendored
View file

@ -20,8 +20,7 @@
},
"require-dev": {
"matthiasmullie/scrapbook": "~1.0",
"phpunit/phpunit": "~4.8",
"satooshi/php-coveralls": "~1.0"
"phpunit/phpunit": "~4.8"
},
"autoload": {
"psr-4": {

60
vendor/matthiasmullie/minify/src/CSS.php vendored
View file

@ -2,6 +2,7 @@
namespace MatthiasMullie\Minify;
use MatthiasMullie\Minify\Exceptions\FileImportException;
use MatthiasMullie\PathConverter\Converter;
/**
@ -68,7 +69,7 @@ class CSS extends Minify
/**
* Move any import statements to the top.
*
* @param $content string Nearly finished CSS content
* @param string $content Nearly finished CSS content
*
* @return string
*/
@ -96,10 +97,13 @@ class CSS extends Minify
*
* @param string $source The file to combine imports for.
* @param string $content The CSS content to combine imports for.
* @param string[] $parents Parent paths, for circular reference checks.
*
* @return string
*
* @throws FileImportException
*/
protected function combineImports($source, $content)
protected function combineImports($source, $content, $parents)
{
$importRegexes = array(
// @import url(xxx)
@ -208,14 +212,20 @@ class CSS extends Minify
// only replace the import with the content if we can grab the
// content of the file
if (strlen($importPath) < PHP_MAXPATHLEN && file_exists($importPath) && is_file($importPath)) {
if ($this->canImportFile($importPath)) {
// check if current file was not imported previously in the same
// import chain.
if (in_array($importPath, $parents)) {
throw new FileImportException('Failed to import file "'.$importPath.'": circular reference detected.');
}
// grab referenced file & minify it (which may include importing
// yet other @import statements recursively)
$minifier = new static($importPath);
$importContent = $minifier->execute($source);
$importContent = $minifier->execute($source, $parents);
// check if this is only valid for certain media
if ($match['media']) {
if (!empty($match['media'])) {
$importContent = '@media '.$match['media'].'{'.$importContent.'}';
}
@ -259,13 +269,7 @@ class CSS extends Minify
// only replace the import with the content if we're able to get
// the content of the file, and it's relatively small
$import = file_exists($path);
$import = $import && is_file($path);
$import = $import && filesize($path) <= $this->maxImportSize * 1024;
if (!$import) {
continue;
}
if ($this->canImportFile($path) && $this->canImportBySize($path)) {
// grab content && base64-ize
$importContent = $this->load($path);
$importContent = base64_encode($importContent);
@ -274,6 +278,7 @@ class CSS extends Minify
$search[] = $match[0];
$replace[] = 'url('.$this->importExtensions[$extension].';base64,'.$importContent.')';
}
}
// replace the import statements
$content = str_replace($search, $replace, $content);
@ -287,14 +292,15 @@ class CSS extends Minify
* Perform CSS optimizations.
*
* @param string[optional] $path Path to write the data to.
* @param string[] $parents Parent paths, for circular reference checks.
*
* @return string The minified data.
*/
public function execute($path = null)
public function execute($path = null, $parents = array())
{
$content = '';
// loop files
// loop css data (raw data and files)
foreach ($this->data as $source => $css) {
/*
* Let's first take out strings & comments, since we can't just remove
@ -314,8 +320,9 @@ class CSS extends Minify
// restore the string we've extracted earlier
$css = $this->restoreExtractedData($css);
$source = $source ?: '';
$css = $this->combineImports($source, $css);
$source = is_int($source) ? '' : $source;
$parents = $source ? array_merge($parents, array($source)) : $parents;
$css = $this->combineImports($source, $css, $parents);
$css = $this->importFiles($source, $css);
/*
@ -443,8 +450,15 @@ class CSS extends Minify
// determine if it's a url() or an @import match
$type = (strpos($match[0], '@import') === 0 ? 'import' : 'url');
// attempting to interpret GET-params makes no sense, so let's discard them for awhile
$params = strrchr($match['path'], '?');
$url = $params ? substr($match['path'], 0, -strlen($params)) : $match['path'];
// fix relative url
$url = $converter->convert($match['path']);
$url = $converter->convert($url);
// now that the path has been converted, re-apply GET-params
$url .= $params;
// build replacement
$search[] = $match[0];
@ -569,4 +583,16 @@ class CSS extends Minify
return trim($content);
}
/**
* Check if file is small enough to be imported.
*
* @param string $path The path to the file.
*
* @return bool
*/
protected function canImportBySize($path)
{
return ($size = @filesize($path)) && $size <= $this->maxImportSize * 1024;
}
}

4
vendor/matthiasmullie/minify/src/Exception.php vendored
View file

@ -3,8 +3,10 @@
namespace MatthiasMullie\Minify;
/**
* @deprecated Use Exceptions\BasicException instead
*
* @author Matthias Mullie <minify@mullie.eu>
*/
class Exception extends \Exception
abstract class Exception extends \Exception
{
}

12
vendor/matthiasmullie/minify/src/Exceptions/BasicException.php vendored Normal file
View file

@ -0,0 +1,12 @@
<?php
namespace MatthiasMullie\Minify\Exceptions;
use MatthiasMullie\Minify\Exception;
/**
* @author Matthias Mullie <minify@mullie.eu>
*/
abstract class BasicException extends Exception
{
}

10
vendor/matthiasmullie/minify/src/Exceptions/FileImportException.php vendored Normal file
View file

@ -0,0 +1,10 @@
<?php
namespace MatthiasMullie\Minify\Exceptions;
/**
* @author Matthias Mullie <minify@mullie.eu>
*/
class FileImportException extends BasicException
{
}

10
vendor/matthiasmullie/minify/src/Exceptions/IOException.php vendored Normal file
View file

@ -0,0 +1,10 @@
<?php
namespace MatthiasMullie\Minify\Exceptions;
/**
* @author Matthias Mullie <minify@mullie.eu>
*/
class IOException extends BasicException
{
}

22
vendor/matthiasmullie/minify/src/JS.php vendored
View file

@ -263,12 +263,20 @@ class JS extends Minify
// strip whitespace that ends in (or next line begin with) an operator
// that allows statements to be broken up over multiple lines
unset($before['+'], $before['-'], $after['+'], $after['-']);
$content = preg_replace('/('.implode('|', $before).')\s+/', '\\1', $content);
$content = preg_replace('/\s+('.implode('|', $after).')/', '\\1', $content);
$content = preg_replace(
array(
'/('.implode('|', $before).')\s+/',
'/\s+('.implode('|', $after).')/',
), '\\1', $content
);
// make sure + and - can't be mistaken for, or joined into ++ and --
$content = preg_replace('/(?<![\+\-])\s*([\+\-])(?![\+\-])/', '\\1', $content);
$content = preg_replace('/(?<![\+\-])([\+\-])\s*(?![\+\-])/', '\\1', $content);
$content = preg_replace(
array(
'/(?<![\+\-])\s*([\+\-])(?![\+\-])/',
'/(?<![\+\-])([\+\-])\s*(?![\+\-])/',
), '\\1', $content
);
/*
* We didn't strip whitespace after a couple of operators because they
@ -427,7 +435,7 @@ class JS extends Minify
* we want to use property notation on) - this is to make sure
* standalone ['value'] arrays aren't confused for keys-of-an-array.
* We can (and only have to) check the last character, because PHP's
* regex implementation doesn't allow un-fixed-length lookbehind
* regex implementation doesn't allow unfixed-length look-behind
* assertions.
*/
preg_match('/(\[[^\]]+\])[^\]]*$/', static::REGEX_VARIABLE, $previousChar);
@ -436,8 +444,8 @@ class JS extends Minify
/*
* Make sure word preceding the ['value'] is not a keyword, e.g.
* return['x']. Because -again- PHP's regex implementation doesn't allow
* un-fixed-length lookbehind assertions, I'm just going to do a lot of
* separate lookbehind assertions, one for each keyword.
* unfixed-length look-behind assertions, I'm just going to do a lot of
* separate look-behind assertions, one for each keyword.
*/
$keywords = $this->getKeywordsForRegex($keywords);
$keywords = '(?<!'.implode(')(?<!', $keywords).')';

139
vendor/matthiasmullie/minify/src/Minify.php vendored
View file

@ -2,6 +2,7 @@
namespace MatthiasMullie\Minify;
use MatthiasMullie\Minify\Exceptions\IOException;
use Psr\Cache\CacheItemInterface;
/**
@ -76,52 +77,6 @@ abstract class Minify
}
}
/**
* Load data.
*
* @param string $data Either a path to a file or the content itself.
*
* @return string
*/
protected function load($data)
{
// check if the data is a file
if (strlen($data) < PHP_MAXPATHLEN && file_exists($data) && is_file($data)) {
$data = file_get_contents($data);
// strip BOM, if any
if (substr($data, 0, 3) == "\xef\xbb\xbf") {
$data = substr($data, 3);
}
}
return $data;
}
/**
* Save to file.
*
* @param string $content The minified data.
* @param string $path The path to save the minified data to.
*
* @throws Exception
*/
protected function save($content, $path)
{
// create file & open for writing
if (($handler = @fopen($path, 'w')) === false) {
throw new Exception('The file "'.$path.'" could not be opened. Check if PHP has enough permissions.');
}
// write to file
if (@fwrite($handler, $content) === false) {
throw new Exception('The file "'.$path.'" could not be written to. Check if PHP has enough permissions.');
}
// close the file
@fclose($handler);
}
/**
* Minify the data & (optionally) saves it to a file.
*
@ -186,13 +141,50 @@ abstract class Minify
*/
abstract public function execute($path = null);
/**
* Load data.
*
* @param string $data Either a path to a file or the content itself.
*
* @return string
*/
protected function load($data)
{
// check if the data is a file
if ($this->canImportFile($data)) {
$data = file_get_contents($data);
// strip BOM, if any
if (substr($data, 0, 3) == "\xef\xbb\xbf") {
$data = substr($data, 3);
}
}
return $data;
}
/**
* Save to file.
*
* @param string $content The minified data.
* @param string $path The path to save the minified data to.
*
* @throws IOException
*/
protected function save($content, $path)
{
$handler = $this->openFileForWriting($path);
$this->writeToFile($handler, $content);
@fclose($handler);
}
/**
* Register a pattern to execute against the source content.
*
* @param string $pattern PCRE pattern.
* @param string|callable $replacement Replacement value for matched pattern.
*
* @throws Exception
*/
protected function registerPattern($pattern, $replacement = '')
{
@ -316,7 +308,7 @@ abstract class Minify
* placeholder text, so we've rid all strings from characters that may be
* misinterpreted. Original string content will be saved in $this->extracted
* and after doing all other minifying, we can restore the original content
* via restoreStrings()
* via restoreStrings().
*
* @param string[optional] $chars
*/
@ -325,7 +317,8 @@ abstract class Minify
// PHP only supports $this inside anonymous functions since 5.4
$minifier = $this;
$callback = function ($match) use ($minifier) {
if (!$match[1]) {
// check the second index here, because the first always contains a quote
if ($match[2] === '') {
/*
* Empty strings need no placeholder; they can't be confused for
* anything else anyway.
@ -379,4 +372,50 @@ abstract class Minify
return $content;
}
/**
* Check if the path is a regular file and can be read.
*
* @param string $path
*
* @return bool
*/
protected function canImportFile($path)
{
return strlen($path) < PHP_MAXPATHLEN && is_file($path) && is_readable($path);
}
/**
* Attempts to open file specified by $path for writing.
*
* @param string $path The path to the file.
*
* @return resource Specifier for the target file.
*
* @throws IOException
*/
protected function openFileForWriting($path)
{
if (($handler = @fopen($path, 'w')) === false) {
throw new IOException('The file "'.$path.'" could not be opened for writing. Check if PHP has enough permissions.');
}
return $handler;
}
/**
* Attempts to write $content to the file specified by $handler. $path is used for printing exceptions.
*
* @param resource $handler The resource to write to.
* @param string $content The content to write.
* @param string $path The path to the file (for exception printing only).
*
* @throws IOException
*/
protected function writeToFile($handler, $content, $path = '')
{
if (($result = @fwrite($handler, $content)) === false || ($result < strlen($content))) {
throw new IOException('The file "'.$path.'" could not be written to. Check your disk space and file permissions.');
}
}
}