Merge pull request #531 from lovenunu/firewall

Add firewall security on forms
Julien
2014-07-16 18:33:56 +02:00
23 changed files with 3028 additions and 19 deletions


@@ -9,6 +9,7 @@
- Fixed issues on RSS feed links
- Update SwiftMailer
- Fix bugs on customer change password form and module "order by title"
- Add the ability to place a firewall on forms. To use this in a module, extend Thelia\Form\FirewallForm instead of BaseForm
#2.0.2
- Coupon UI has been redesigned.


@@ -61,7 +61,6 @@ return array(
'Catalog' => 'Catalog',
'Category title *' => 'Category title *',
'Cellphone' => 'Cellphone',
'Chapo' => 'Chapo',
'Check the total Cart amount in the given currency' => 'Check the total Cart amount in the given currency',
'City' => 'City',
'Combination builder' => 'Combination builder',
@@ -90,7 +89,6 @@ return array(
'Delivery country' => 'Delivery country',
'Delivery coutry is' => 'Le pays de livraison est',
'Delivery module ID not found' => 'Delivery module ID not found',
'Description' => 'Description',
'Detailed description' => 'Detailed description',
'Disabled' => 'Disabled',
'Don\'t repeat keywords over and over in a row. Rather, put in keyword phrases.' => 'Don\'t repeat keywords over and over in a row. Rather, put in keyword phrases.',
@@ -220,7 +218,6 @@ return array(
'Please select the offered product' => 'Please select the offered product',
'Please specify either \'path\' or \'file\' parameter in {url} function.' => 'Please specify either \'path\' or \'file\' parameter in {url} function.',
'Port' => 'Port',
'Post Scriptum' => 'Post Scriptum',
'Postage' => 'Postage',
'Preferred locale' => 'Preferred locale',
'Prevent mailing template modification or deletion, except for super-admin' => 'Prevent mailing template modification or deletion, except for super-admin',
@@ -278,11 +275,11 @@ return array(
'Start date' => 'Date de début de validité',
'Stats on %month/%year' => 'Stats on %month/%year',
'Store configuration failed.' => 'Store configuration failed.',
'Store description' => 'Store description',
'Store email address' => 'Store email address',
'Store logs into text file' => 'Store logs into text file',
'Store logs into text file, up to a certian size, then a new file is created' => 'Store logs into text file, up to a certian size, then a new file is created',
'Store name' => 'Store name',
'Store description' => 'Store description',
'Street Address' => 'Street Address',
'Street Address ' => 'Street Address ',
'Strictly use the requested language' => 'Strictly use the requested language',
@@ -310,6 +307,7 @@ return array(
'The detailed description.' => 'The detailed description.',
'The image which replaces an undefined country flag (%file) was not found. Please check unknown-flag-path configuration variable, and check that the image exists.' => 'The image which replaces an undefined country flag (%file) was not found. Please check unknown-flag-path configuration variable, and check that the image exists.',
'The loop name \'%name\' is already defined in %className class' => 'The loop name \'%name\' is already defined in %className class',
'The product sale elements reference %ref doesn\'t exist' => 'The product sale elements reference %ref doesn\'t exist',
'This brand is online' => 'This brand is online',
'This category is online.' => 'This category is online.',
'This condition is always true' => 'This condition is always true',
@@ -360,6 +358,7 @@ return array(
'Yes, I have a password :' => 'Yes, I have a password :',
'You are already registered!' => 'You are already registered!',
'You don\'t need to use commas or other punctuations.' => 'You don\'t need to use commas or other punctuations.',
'You\'ve submitted this form too many times. Further submissions will be ignored during %time' => 'You\'ve submitted this form too many times. Further submissions will be ignored during %time',
'Your Email Address' => 'Your Email Address',
'Your Message' => 'Your Message',
'Your current password does not match.' => 'Your current password does not match.',
@@ -377,4 +376,6 @@ return array(
'this product id does not exists : %d' => 'this product id does not exists : %d',
'thousands separator' => 'Séparateur de milliers',
'time format' => 'time format',
'hour(s)' => 'hour(s)',
'minute(s)' => 'minute(s)',
);


@@ -61,7 +61,6 @@ return array(
'Catalog' => 'Catalogue',
'Category title *' => 'Titre de la catégorie *',
'Cellphone' => 'Numéro de portable',
'Chapo' => 'Chapeau',
'Check the total Cart amount in the given currency' => 'Applique une condition sur le montant total du panier dans la devise indiquée.',
'City' => 'Ville',
'Combination builder' => 'générateur de combinaison',
@@ -90,7 +89,6 @@ return array(
'Delivery country' => 'Pays de livraison',
'Delivery coutry is' => 'Le pays de livraison est',
'Delivery module ID not found' => 'Id du module de livraison non trouvé',
'Description' => 'Description',
'Detailed description' => 'Description détaillée',
'Disabled' => 'Désactivé',
'Don\'t repeat keywords over and over in a row. Rather, put in keyword phrases.' => 'Ne répétez pas sans cesse les même mots-clés dans une ligne. Préférez utiliser des expressions de mots-clés',
@@ -220,7 +218,6 @@ return array(
'Please select the offered product' => 'Merci de choisir le produit offert',
'Please specify either \'path\' or \'file\' parameter in {url} function.' => 'Veuillez spécifier soit le paramètre \'chemin\' ou \'fichier\' dans la fonction {url}',
'Port' => 'Port',
'Post Scriptum' => 'Post-scriptum',
'Postage' => 'Frais de livraison',
'Preferred locale' => 'locale souhaitée',
'Prevent mailing template modification or deletion, except for super-admin' => 'Prévenir la suppression ou la modification des templates de mail, excepté pour les super-administrateurs.',
@@ -278,11 +275,11 @@ return array(
'Start date' => 'Date de début de validité',
'Stats on %month/%year' => 'Statistiques pour %month/%year ',
'Store configuration failed.' => 'Erreur de configuration du magasin.',
'Store description' => 'Description du magasin',
'Store email address' => 'Adresse mail du magasin',
'Store logs into text file' => 'Conserver les logs dans des fichiers texte',
'Store logs into text file, up to a certian size, then a new file is created' => 'Sauvegarder les logs dans un fichier texte. A partir d\'une certaine taille un nouveau fichier est créé',
'Store name' => 'Nom du magasin',
'Store description' => 'Description du magasin',
'Street Address' => 'Adresse',
'Street Address ' => 'Rue',
'Strictly use the requested language' => 'Utiliser strictement la langue demandée',
@@ -310,6 +307,7 @@ return array(
'The detailed description.' => 'La description détaillée',
'The image which replaces an undefined country flag (%file) was not found. Please check unknown-flag-path configuration variable, and check that the image exists.' => 'L\'image qui remplace un drapeau de pays manquant (%file) n\'a pas été trouvée. Merci de vérifier la variable de configuration unknown-flag-path.',
'The loop name \'%name\' is already defined in %className class' => 'La boucle \'%name\' est déjà définir dans la classe %className',
'The product sale elements reference %ref doesn\'t exist' => 'La déclinaison de produit %ref n\'existe pas',
'This brand is online' => 'Cette marque est en ligne',
'This category is online.' => 'Cette catégorie est en ligne.',
'This condition is always true' => 'Cette condition est troujours vérifiée',
@@ -360,6 +358,7 @@ return array(
'Yes, I have a password :' => 'Oui, j\'ai un mot de passe :',
'You are already registered!' => 'Vous êtes déjà enregistré !',
'You don\'t need to use commas or other punctuations.' => 'Vous n\'avez pas besoin d\'utiliser de virgules ou d\'autres signes de ponctuation',
'You\'ve submitted this form too many times. Further submissions will be ignored during %time' => 'Vous avez envoyer ce fomulaire un nombre trop important de fois. Les prochaines soumissions seront ignorées pendant %time',
'Your Email Address' => 'Votre adresse mail',
'Your Message' => 'Votre message',
'Your current password does not match.' => 'Votre mot de passe actuel ne correspond pas',
@@ -377,4 +376,6 @@ return array(
'this product id does not exists : %d' => 'l\'id du produit %d n\'existe pas',
'thousands separator' => 'Séparateur des milliers',
'time format' => 'Format d\'heure',
'hour(s)' => 'heure(s)',
'minute(s)' => 'minute(s)',
);


@@ -25,6 +25,7 @@ use Symfony\Component\Routing\Router;
use Thelia\Core\Template\TemplateHelper;
use Thelia\Core\Translation\Translator;
use Thelia\Form\FirewallForm;
use Thelia\Model\OrderQuery;
use Thelia\Tools\Redirect;
@@ -200,6 +201,17 @@ abstract class BaseController extends ContainerAware
$form->bind($aBaseForm->getRequest());
if ($form->isValid()) {
if ($aBaseForm instanceof FirewallForm && !$aBaseForm->isFirewallOk()) {
throw new FormValidationException(
$this->getTranslator()->trans(
"You've submitted this form too many times. Further submissions will be ignored during %time",
[
"%time" => $aBaseForm->getWaitingTime(),
]
)
);
}
return $form;
} else {
$errorMessage = null;
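Review bot: The firewall check sits inside the `if ($form->isValid())` branch, so a submission that fails validation never reaches `isFirewallOk()` and is not counted against the limit. Any rejection that the login or lost-password forms produce through a form validator, if they have one, therefore stays unthrottled. Consider running `if ($aBaseForm instanceof FirewallForm && !$aBaseForm->isFirewallOk())` directly after `$form->bind(...)` and before `isValid()`, and writing a log entry when the limit trips so operators get a signal. The enclosing method starts and ends outside this hunk, so the surrounding flow should be confirmed before moving the check.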


@@ -21,7 +21,7 @@ use Thelia\Core\Translation\Translator;
* @package Thelia\Form
* @author Manuel Raynaud <mraynaud@openstudio.fr>
*/
class AddressCreateForm extends BaseForm
class AddressCreateForm extends FirewallForm
{
/**


@@ -16,7 +16,7 @@ use Symfony\Component\Validator\Constraints\Length;
use Symfony\Component\Validator\Constraints\NotBlank;
use Thelia\Core\Translation\Translator;
class AdminLogin extends BaseForm
class AdminLogin extends BruteforceForm
{
protected function buildForm()
{


@@ -0,0 +1,37 @@
<?php
/*************************************************************************************/
/* This file is part of the Thelia package. */
/* */
/* Copyright (c) OpenStudio */
/* email : dev@thelia.net */
/* web : http://www.thelia.net */
/* */
/* For the full copyright and license information, please view the LICENSE.txt */
/* file that was distributed with this source code. */
/*************************************************************************************/
namespace Thelia\Form;
use Thelia\Model\ConfigQuery;
/**
* Class BruteforceForm
* @package Thelia\Form
* @author Benjamin Perche <bperche@openstudio.fr>
*/
abstract class BruteforceForm extends FirewallForm
{
const DEFAULT_TIME_TO_WAIT = 10; // 10 minutes
const DEFAULT_ATTEMPTS = 10;
public function getConfigTime()
{
return ConfigQuery::read("form_firewall_bruteforce_time_to_wait", static::DEFAULT_TIME_TO_WAIT);
}
public function getConfigAttempts()
{
return ConfigQuery::read("form_firewall_bruteforce_attempts", static::DEFAULT_ATTEMPTS);
}
}
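Review bot: The two overrides have no docblock and the unit of `DEFAULT_TIME_TO_WAIT` is stated only in a trailing comment; add `/** @return int lock-out window in minutes (config key form_firewall_bruteforce_time_to_wait) */` above `getConfigTime()` and a matching line for `getConfigAttempts()`. With the defaults shown, each client address gets 10 attempts per 10 minutes per form, and nothing in this class limits attempts per targeted account. Guessing spread over many addresses would therefore not trip it, so a per-account counter or alerting on repeated failures would have to live elsewhere.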


@@ -21,7 +21,7 @@ use Thelia\Core\Translation\Translator;
* @package Thelia\Form
* @author Manuel Raynaud <mraynaud@openstudio.fr>
*/
class ContactForm extends BaseForm
class ContactForm extends FirewallForm
{
/**


@@ -24,7 +24,7 @@ use Thelia\Model\CustomerQuery;
* @package Thelia\Form
* @author Manuel Raynaud <mraynaud@openstudio.fr>
*/
class CustomerLogin extends BaseForm
class CustomerLogin extends BruteforceForm
{
protected function buildForm()
{


@@ -24,7 +24,7 @@ use Thelia\Model\CustomerQuery;
* @package Thelia\Form
* @author Manuel Raynaud <mraynaud@openstudio.fr>
*/
class CustomerLostPasswordForm extends BaseForm
class CustomerLostPasswordForm extends FirewallForm
{
/**
*


@@ -0,0 +1,121 @@
<?php
/*************************************************************************************/
/* This file is part of the Thelia package. */
/* */
/* Copyright (c) OpenStudio */
/* email : dev@thelia.net */
/* web : http://www.thelia.net */
/* */
/* For the full copyright and license information, please view the LICENSE.txt */
/* file that was distributed with this source code. */
/*************************************************************************************/
namespace Thelia\Form;
use Propel\Runtime\ActiveQuery\Criteria;
use Symfony\Component\HttpFoundation\Request;
use Thelia\Core\Translation\Translator;
use Thelia\Model\ConfigQuery;
use Thelia\Model\FormFirewall;
use Thelia\Model\FormFirewallQuery;
/**
* Class FirewallForm
* @package Thelia\Form
* @author Benjamin Perche <bperche@openstudio.fr>
*/
abstract class FirewallForm extends BaseForm
{
/**
* Those values are for a "normal" security policy
*
* Time is in minutes
*/
const DEFAULT_TIME_TO_WAIT = 60; // 1 hour
const DEFAULT_ATTEMPTS = 6;
public function isFirewallOk()
{
/**
* Empty the firewall
*/
$deleteTime = date("Y-m-d G:i:s", time() - $this->getConfigTime() * 60 );
$collection = FormFirewallQuery::create()
->filterByFormName($this->getName())
->filterByUpdatedAt($deleteTime, Criteria::LESS_THAN)
->find();
$collection->delete();
$firewallInstance = FormFirewallQuery::create()
->filterByFormName($this->getName())
->filterByIpAddress($this->request->getClientIp())
->findOne()
;
if ($this->isFirewallActive() && null !== $firewallInstance) {
if ($firewallInstance->getAttempts() < $this->getConfigAttempts()) {
$firewallInstance->incrementAttempts();
} else {
/** Set updated_at at NOW() */
$firewallInstance->save();
return false;
}
} else {
$firewallInstance = (new FormFirewall())
->setIpAddress($this->request->getClientIp())
->setFormName($this->getName())
;
$firewallInstance->save();
}
return true;
}
/**
* @return int
*
* The time (in hours) to wait if the attempts have been exceeded
*/
public function getConfigTime()
{
return ConfigQuery::read("form_firewall_time_to_wait", static::DEFAULT_TIME_TO_WAIT);
}
/**
* @return int
*
* The number of allowed attempts
*/
public function getConfigAttempts()
{
return ConfigQuery::read("form_firewall_attempts", static::DEFAULT_ATTEMPTS);
}
public function isFirewallActive()
{
return ConfigQuery::read("form_firewall_active", true);
}
public function getWaitingTime()
{
$translator = Translator::getInstance();
$minutes = $this->getConfigTime();
$minutesName = $translator->trans("minute(s)");
$text = "";
if ($minutes >= 60) {
$hour = floor($minutes / 60);
$minutes %= 60;
$text = $hour . " " . $translator->trans("hour(s)") . " ";
}
if ($minutes !== 0) {
$text .= $minutes . " " . $minutesName;
} else {
$text = rtrim($text);
}
return $text;
}
}
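Review bot: In `isFirewallOk()` the condition `$this->isFirewallActive() && null !== $firewallInstance` sends every request into the `else` branch when the firewall is switched off, so a new `FormFirewall` row is saved on each submission even if one already exists for that form and address, and the purge query still runs. Start the method with `if (!$this->isFirewallActive()) { return true; }` and reduce the condition to `if (null !== $firewallInstance)`. The find-then-increment sequence is also not atomic, so concurrent submissions from one address can each read a count below the limit; an atomic `UPDATE ... SET attempts = attempts + 1` or a row lock would close that gap. The docblock on `getConfigTime()` says hours while the constant comment and the `* 60` conversion treat the value as minutes, so it should read `The time (in minutes) to wait if the attempts have been exceeded`. The counter is keyed on `getClientIp()`, so its accuracy depends on the request's trusted-proxy configuration, which is not visible here.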


@@ -24,7 +24,7 @@ use Thelia\Module\BaseModule;
* @package Thelia\Form
* @author Etienne Roudeix <eroudeix@openstudio.fr>
*/
class OrderPayment extends BaseForm
class OrderPayment extends FirewallForm
{
protected function buildForm()
{

File diff suppressed because it is too large Load Diff


@@ -0,0 +1,615 @@
<?php
namespace Thelia\Model\Base;
use \Exception;
use \PDO;
use Propel\Runtime\Propel;
use Propel\Runtime\ActiveQuery\Criteria;
use Propel\Runtime\ActiveQuery\ModelCriteria;
use Propel\Runtime\Connection\ConnectionInterface;
use Propel\Runtime\Exception\PropelException;
use Thelia\Model\FormFirewall as ChildFormFirewall;
use Thelia\Model\FormFirewallQuery as ChildFormFirewallQuery;
use Thelia\Model\Map\FormFirewallTableMap;
/**
* Base class that represents a query for the 'form_firewall' table.
*
*
*
* @method ChildFormFirewallQuery orderById($order = Criteria::ASC) Order by the id column
* @method ChildFormFirewallQuery orderByFormName($order = Criteria::ASC) Order by the form_name column
* @method ChildFormFirewallQuery orderByIpAddress($order = Criteria::ASC) Order by the ip_address column
* @method ChildFormFirewallQuery orderByAttempts($order = Criteria::ASC) Order by the attempts column
* @method ChildFormFirewallQuery orderByCreatedAt($order = Criteria::ASC) Order by the created_at column
* @method ChildFormFirewallQuery orderByUpdatedAt($order = Criteria::ASC) Order by the updated_at column
*
* @method ChildFormFirewallQuery groupById() Group by the id column
* @method ChildFormFirewallQuery groupByFormName() Group by the form_name column
* @method ChildFormFirewallQuery groupByIpAddress() Group by the ip_address column
* @method ChildFormFirewallQuery groupByAttempts() Group by the attempts column
* @method ChildFormFirewallQuery groupByCreatedAt() Group by the created_at column
* @method ChildFormFirewallQuery groupByUpdatedAt() Group by the updated_at column
*
* @method ChildFormFirewallQuery leftJoin($relation) Adds a LEFT JOIN clause to the query
* @method ChildFormFirewallQuery rightJoin($relation) Adds a RIGHT JOIN clause to the query
* @method ChildFormFirewallQuery innerJoin($relation) Adds a INNER JOIN clause to the query
*
* @method ChildFormFirewall findOne(ConnectionInterface $con = null) Return the first ChildFormFirewall matching the query
* @method ChildFormFirewall findOneOrCreate(ConnectionInterface $con = null) Return the first ChildFormFirewall matching the query, or a new ChildFormFirewall object populated from the query conditions when no match is found
*
* @method ChildFormFirewall findOneById(int $id) Return the first ChildFormFirewall filtered by the id column
* @method ChildFormFirewall findOneByFormName(string $form_name) Return the first ChildFormFirewall filtered by the form_name column
* @method ChildFormFirewall findOneByIpAddress(string $ip_address) Return the first ChildFormFirewall filtered by the ip_address column
* @method ChildFormFirewall findOneByAttempts(int $attempts) Return the first ChildFormFirewall filtered by the attempts column
* @method ChildFormFirewall findOneByCreatedAt(string $created_at) Return the first ChildFormFirewall filtered by the created_at column
* @method ChildFormFirewall findOneByUpdatedAt(string $updated_at) Return the first ChildFormFirewall filtered by the updated_at column
*
* @method array findById(int $id) Return ChildFormFirewall objects filtered by the id column
* @method array findByFormName(string $form_name) Return ChildFormFirewall objects filtered by the form_name column
* @method array findByIpAddress(string $ip_address) Return ChildFormFirewall objects filtered by the ip_address column
* @method array findByAttempts(int $attempts) Return ChildFormFirewall objects filtered by the attempts column
* @method array findByCreatedAt(string $created_at) Return ChildFormFirewall objects filtered by the created_at column
* @method array findByUpdatedAt(string $updated_at) Return ChildFormFirewall objects filtered by the updated_at column
*
*/
abstract class FormFirewallQuery extends ModelCriteria
{
/**
* Initializes internal state of \Thelia\Model\Base\FormFirewallQuery object.
*
* @param string $dbName The database name
* @param string $modelName The phpName of a model, e.g. 'Book'
* @param string $modelAlias The alias for the model in this query, e.g. 'b'
*/
public function __construct($dbName = 'thelia', $modelName = '\\Thelia\\Model\\FormFirewall', $modelAlias = null)
{
parent::__construct($dbName, $modelName, $modelAlias);
}
/**
* Returns a new ChildFormFirewallQuery object.
*
* @param string $modelAlias The alias of a model in the query
* @param Criteria $criteria Optional Criteria to build the query from
*
* @return ChildFormFirewallQuery
*/
public static function create($modelAlias = null, $criteria = null)
{
if ($criteria instanceof \Thelia\Model\FormFirewallQuery) {
return $criteria;
}
$query = new \Thelia\Model\FormFirewallQuery();
if (null !== $modelAlias) {
$query->setModelAlias($modelAlias);
}
if ($criteria instanceof Criteria) {
$query->mergeWith($criteria);
}
return $query;
}
/**
* Find object by primary key.
* Propel uses the instance pool to skip the database if the object exists.
* Go fast if the query is untouched.
*
* <code>
* $obj = $c->findPk(12, $con);
* </code>
*
* @param mixed $key Primary key to use for the query
* @param ConnectionInterface $con an optional connection object
*
* @return ChildFormFirewall|array|mixed the result, formatted by the current formatter
*/
public function findPk($key, $con = null)
{
if ($key === null) {
return null;
}
if ((null !== ($obj = FormFirewallTableMap::getInstanceFromPool((string) $key))) && !$this->formatter) {
// the object is already in the instance pool
return $obj;
}
if ($con === null) {
$con = Propel::getServiceContainer()->getReadConnection(FormFirewallTableMap::DATABASE_NAME);
}
$this->basePreSelect($con);
if ($this->formatter || $this->modelAlias || $this->with || $this->select
|| $this->selectColumns || $this->asColumns || $this->selectModifiers
|| $this->map || $this->having || $this->joins) {
return $this->findPkComplex($key, $con);
} else {
return $this->findPkSimple($key, $con);
}
}
/**
* Find object by primary key using raw SQL to go fast.
* Bypass doSelect() and the object formatter by using generated code.
*
* @param mixed $key Primary key to use for the query
* @param ConnectionInterface $con A connection object
*
* @return ChildFormFirewall A model object, or null if the key is not found
*/
protected function findPkSimple($key, $con)
{
$sql = 'SELECT `ID`, `FORM_NAME`, `IP_ADDRESS`, `ATTEMPTS`, `CREATED_AT`, `UPDATED_AT` FROM `form_firewall` WHERE `ID` = :p0';
try {
$stmt = $con->prepare($sql);
$stmt->bindValue(':p0', $key, PDO::PARAM_INT);
$stmt->execute();
} catch (Exception $e) {
Propel::log($e->getMessage(), Propel::LOG_ERR);
throw new PropelException(sprintf('Unable to execute SELECT statement [%s]', $sql), 0, $e);
}
$obj = null;
if ($row = $stmt->fetch(\PDO::FETCH_NUM)) {
$obj = new ChildFormFirewall();
$obj->hydrate($row);
FormFirewallTableMap::addInstanceToPool($obj, (string) $key);
}
$stmt->closeCursor();
return $obj;
}
/**
* Find object by primary key.
*
* @param mixed $key Primary key to use for the query
* @param ConnectionInterface $con A connection object
*
* @return ChildFormFirewall|array|mixed the result, formatted by the current formatter
*/
protected function findPkComplex($key, $con)
{
// As the query uses a PK condition, no limit(1) is necessary.
$criteria = $this->isKeepQuery() ? clone $this : $this;
$dataFetcher = $criteria
->filterByPrimaryKey($key)
->doSelect($con);
return $criteria->getFormatter()->init($criteria)->formatOne($dataFetcher);
}
/**
* Find objects by primary key
* <code>
* $objs = $c->findPks(array(12, 56, 832), $con);
* </code>
* @param array $keys Primary keys to use for the query
* @param ConnectionInterface $con an optional connection object
*
* @return ObjectCollection|array|mixed the list of results, formatted by the current formatter
*/
public function findPks($keys, $con = null)
{
if (null === $con) {
$con = Propel::getServiceContainer()->getReadConnection($this->getDbName());
}
$this->basePreSelect($con);
$criteria = $this->isKeepQuery() ? clone $this : $this;
$dataFetcher = $criteria
->filterByPrimaryKeys($keys)
->doSelect($con);
return $criteria->getFormatter()->init($criteria)->format($dataFetcher);
}
/**
* Filter the query by primary key
*
* @param mixed $key Primary key to use for the query
*
* @return ChildFormFirewallQuery The current query, for fluid interface
*/
public function filterByPrimaryKey($key)
{
return $this->addUsingAlias(FormFirewallTableMap::ID, $key, Criteria::EQUAL);
}
/**
* Filter the query by a list of primary keys
*
* @param array $keys The list of primary key to use for the query
*
* @return ChildFormFirewallQuery The current query, for fluid interface
*/
public function filterByPrimaryKeys($keys)
{
return $this->addUsingAlias(FormFirewallTableMap::ID, $keys, Criteria::IN);
}
/**
* Filter the query on the id column
*
* Example usage:
* <code>
* $query->filterById(1234); // WHERE id = 1234
* $query->filterById(array(12, 34)); // WHERE id IN (12, 34)
* $query->filterById(array('min' => 12)); // WHERE id > 12
* </code>
*
* @param mixed $id The value to use as filter.
* Use scalar values for equality.
* Use array values for in_array() equivalent.
* Use associative array('min' => $minValue, 'max' => $maxValue) for intervals.
* @param string $comparison Operator to use for the column comparison, defaults to Criteria::EQUAL
*
* @return ChildFormFirewallQuery The current query, for fluid interface
*/
public function filterById($id = null, $comparison = null)
{
if (is_array($id)) {
$useMinMax = false;
if (isset($id['min'])) {
$this->addUsingAlias(FormFirewallTableMap::ID, $id['min'], Criteria::GREATER_EQUAL);
$useMinMax = true;
}
if (isset($id['max'])) {
$this->addUsingAlias(FormFirewallTableMap::ID, $id['max'], Criteria::LESS_EQUAL);
$useMinMax = true;
}
if ($useMinMax) {
return $this;
}
if (null === $comparison) {
$comparison = Criteria::IN;
}
}
return $this->addUsingAlias(FormFirewallTableMap::ID, $id, $comparison);
}
/**
* Filter the query on the form_name column
*
* Example usage:
* <code>
* $query->filterByFormName('fooValue'); // WHERE form_name = 'fooValue'
* $query->filterByFormName('%fooValue%'); // WHERE form_name LIKE '%fooValue%'
* </code>
*
* @param string $formName The value to use as filter.
* Accepts wildcards (* and % trigger a LIKE)
* @param string $comparison Operator to use for the column comparison, defaults to Criteria::EQUAL
*
* @return ChildFormFirewallQuery The current query, for fluid interface
*/
public function filterByFormName($formName = null, $comparison = null)
{
if (null === $comparison) {
if (is_array($formName)) {
$comparison = Criteria::IN;
} elseif (preg_match('/[\%\*]/', $formName)) {
$formName = str_replace('*', '%', $formName);
$comparison = Criteria::LIKE;
}
}
return $this->addUsingAlias(FormFirewallTableMap::FORM_NAME, $formName, $comparison);
}
/**
* Filter the query on the ip_address column
*
* Example usage:
* <code>
* $query->filterByIpAddress('fooValue'); // WHERE ip_address = 'fooValue'
* $query->filterByIpAddress('%fooValue%'); // WHERE ip_address LIKE '%fooValue%'
* </code>
*
* @param string $ipAddress The value to use as filter.
* Accepts wildcards (* and % trigger a LIKE)
* @param string $comparison Operator to use for the column comparison, defaults to Criteria::EQUAL
*
* @return ChildFormFirewallQuery The current query, for fluid interface
*/
public function filterByIpAddress($ipAddress = null, $comparison = null)
{
if (null === $comparison) {
if (is_array($ipAddress)) {
$comparison = Criteria::IN;
} elseif (preg_match('/[\%\*]/', $ipAddress)) {
$ipAddress = str_replace('*', '%', $ipAddress);
$comparison = Criteria::LIKE;
}
}
return $this->addUsingAlias(FormFirewallTableMap::IP_ADDRESS, $ipAddress, $comparison);
}
/**
* Filter the query on the attempts column
*
* Example usage:
* <code>
* $query->filterByAttempts(1234); // WHERE attempts = 1234
* $query->filterByAttempts(array(12, 34)); // WHERE attempts IN (12, 34)
* $query->filterByAttempts(array('min' => 12)); // WHERE attempts > 12
* </code>
*
* @param mixed $attempts The value to use as filter.
* Use scalar values for equality.
* Use array values for in_array() equivalent.
* Use associative array('min' => $minValue, 'max' => $maxValue) for intervals.
* @param string $comparison Operator to use for the column comparison, defaults to Criteria::EQUAL
*
* @return ChildFormFirewallQuery The current query, for fluid interface
*/
public function filterByAttempts($attempts = null, $comparison = null)
{
if (is_array($attempts)) {
$useMinMax = false;
if (isset($attempts['min'])) {
$this->addUsingAlias(FormFirewallTableMap::ATTEMPTS, $attempts['min'], Criteria::GREATER_EQUAL);
$useMinMax = true;
}
if (isset($attempts['max'])) {
$this->addUsingAlias(FormFirewallTableMap::ATTEMPTS, $attempts['max'], Criteria::LESS_EQUAL);
$useMinMax = true;
}
if ($useMinMax) {
return $this;
}
if (null === $comparison) {
$comparison = Criteria::IN;
}
}
return $this->addUsingAlias(FormFirewallTableMap::ATTEMPTS, $attempts, $comparison);
}
/**
* Filter the query on the created_at column
*
* Example usage:
* <code>
* $query->filterByCreatedAt('2011-03-14'); // WHERE created_at = '2011-03-14'
* $query->filterByCreatedAt('now'); // WHERE created_at = '2011-03-14'
* $query->filterByCreatedAt(array('max' => 'yesterday')); // WHERE created_at > '2011-03-13'
* </code>
*
* @param mixed $createdAt The value to use as filter.
* Values can be integers (unix timestamps), DateTime objects, or strings.
* Empty strings are treated as NULL.
* Use scalar values for equality.
* Use array values for in_array() equivalent.
* Use associative array('min' => $minValue, 'max' => $maxValue) for intervals.
* @param string $comparison Operator to use for the column comparison, defaults to Criteria::EQUAL
*
* @return ChildFormFirewallQuery The current query, for fluid interface
*/
public function filterByCreatedAt($createdAt = null, $comparison = null)
{
if (is_array($createdAt)) {
$useMinMax = false;
if (isset($createdAt['min'])) {
$this->addUsingAlias(FormFirewallTableMap::CREATED_AT, $createdAt['min'], Criteria::GREATER_EQUAL);
$useMinMax = true;
}
if (isset($createdAt['max'])) {
$this->addUsingAlias(FormFirewallTableMap::CREATED_AT, $createdAt['max'], Criteria::LESS_EQUAL);
$useMinMax = true;
}
if ($useMinMax) {
return $this;
}
if (null === $comparison) {
$comparison = Criteria::IN;
}
}
return $this->addUsingAlias(FormFirewallTableMap::CREATED_AT, $createdAt, $comparison);
}
/**
* Filter the query on the updated_at column
*
* Example usage:
* <code>
* $query->filterByUpdatedAt('2011-03-14'); // WHERE updated_at = '2011-03-14'
* $query->filterByUpdatedAt('now'); // WHERE updated_at = '2011-03-14'
* $query->filterByUpdatedAt(array('max' => 'yesterday')); // WHERE updated_at > '2011-03-13'
* </code>
*
* @param mixed $updatedAt The value to use as filter.
* Values can be integers (unix timestamps), DateTime objects, or strings.
* Empty strings are treated as NULL.
* Use scalar values for equality.
* Use array values for in_array() equivalent.
* Use associative array('min' => $minValue, 'max' => $maxValue) for intervals.
* @param string $comparison Operator to use for the column comparison, defaults to Criteria::EQUAL
*
* @return ChildFormFirewallQuery The current query, for fluid interface
*/
public function filterByUpdatedAt($updatedAt = null, $comparison = null)
{
if (is_array($updatedAt)) {
$useMinMax = false;
if (isset($updatedAt['min'])) {
$this->addUsingAlias(FormFirewallTableMap::UPDATED_AT, $updatedAt['min'], Criteria::GREATER_EQUAL);
$useMinMax = true;
}
if (isset($updatedAt['max'])) {
$this->addUsingAlias(FormFirewallTableMap::UPDATED_AT, $updatedAt['max'], Criteria::LESS_EQUAL);
$useMinMax = true;
}
if ($useMinMax) {
return $this;
}
if (null === $comparison) {
$comparison = Criteria::IN;
}
}
return $this->addUsingAlias(FormFirewallTableMap::UPDATED_AT, $updatedAt, $comparison);
}
/**
* Exclude object from result
*
* @param ChildFormFirewall $formFirewall Object to remove from the list of results
*
* @return ChildFormFirewallQuery The current query, for fluid interface
*/
public function prune($formFirewall = null)
{
if ($formFirewall) {
$this->addUsingAlias(FormFirewallTableMap::ID, $formFirewall->getId(), Criteria::NOT_EQUAL);
}
return $this;
}
/**
* Deletes all rows from the form_firewall table.
*
* @param ConnectionInterface $con the connection to use
* @return int The number of affected rows (if supported by underlying database driver).
*/
public function doDeleteAll(ConnectionInterface $con = null)
{
if (null === $con) {
$con = Propel::getServiceContainer()->getWriteConnection(FormFirewallTableMap::DATABASE_NAME);
}
$affectedRows = 0; // initialize var to track total num of affected rows
try {
// use transaction because $criteria could contain info
// for more than one table or we could emulating ON DELETE CASCADE, etc.
$con->beginTransaction();
$affectedRows += parent::doDeleteAll($con);
// Because this db requires some delete cascade/set null emulation, we have to
// clear the cached instance *after* the emulation has happened (since
// instances get re-added by the select statement contained therein).
FormFirewallTableMap::clearInstancePool();
FormFirewallTableMap::clearRelatedInstancePool();
$con->commit();
} catch (PropelException $e) {
$con->rollBack();
throw $e;
}
return $affectedRows;
}
/**
* Performs a DELETE on the database, given a ChildFormFirewall or Criteria object OR a primary key value.
*
* @param mixed $values Criteria or ChildFormFirewall object or primary key or array of primary keys
* which is used to create the DELETE statement
* @param ConnectionInterface $con the connection to use
* @return int The number of affected rows (if supported by underlying database driver). This includes CASCADE-related rows
* if supported by native driver or if emulated using Propel.
* @throws PropelException Any exceptions caught during processing will be
* rethrown wrapped into a PropelException.
*/
public function delete(ConnectionInterface $con = null)
{
if (null === $con) {
$con = Propel::getServiceContainer()->getWriteConnection(FormFirewallTableMap::DATABASE_NAME);
}
$criteria = $this;
// Set the correct dbName
$criteria->setDbName(FormFirewallTableMap::DATABASE_NAME);
$affectedRows = 0; // initialize var to track total num of affected rows
try {
// use transaction because $criteria could contain info
// for more than one table or we could emulating ON DELETE CASCADE, etc.
$con->beginTransaction();
FormFirewallTableMap::removeInstanceFromPool($criteria);
$affectedRows += ModelCriteria::delete($con);
FormFirewallTableMap::clearRelatedInstancePool();
$con->commit();
return $affectedRows;
} catch (PropelException $e) {
$con->rollBack();
throw $e;
}
}
// timestampable behavior
/**
* Filter by the latest updated
*
* @param int $nbDays Maximum age of the latest update in days
*
* @return ChildFormFirewallQuery The current query, for fluid interface
*/
public function recentlyUpdated($nbDays = 7)
{
return $this->addUsingAlias(FormFirewallTableMap::UPDATED_AT, time() - $nbDays * 24 * 60 * 60, Criteria::GREATER_EQUAL);
}
/**
* Filter by the latest created
*
* @param int $nbDays Maximum age of in days
*
* @return ChildFormFirewallQuery The current query, for fluid interface
*/
public function recentlyCreated($nbDays = 7)
{
return $this->addUsingAlias(FormFirewallTableMap::CREATED_AT, time() - $nbDays * 24 * 60 * 60, Criteria::GREATER_EQUAL);
}
/**
* Order by update date desc
*
* @return ChildFormFirewallQuery The current query, for fluid interface
*/
public function lastUpdatedFirst()
{
return $this->addDescendingOrderByColumn(FormFirewallTableMap::UPDATED_AT);
}
/**
* Order by update date asc
*
* @return ChildFormFirewallQuery The current query, for fluid interface
*/
public function firstUpdatedFirst()
{
return $this->addAscendingOrderByColumn(FormFirewallTableMap::UPDATED_AT);
}
/**
* Order by create date desc
*
* @return ChildFormFirewallQuery The current query, for fluid interface
*/
public function lastCreatedFirst()
{
return $this->addDescendingOrderByColumn(FormFirewallTableMap::CREATED_AT);
}
/**
* Order by create date asc
*
* @return ChildFormFirewallQuery The current query, for fluid interface
*/
public function firstCreatedFirst()
{
return $this->addAscendingOrderByColumn(FormFirewallTableMap::CREATED_AT);
}
} // FormFirewallQuery


@@ -0,0 +1,26 @@
<?php
namespace Thelia\Model;
use Thelia\Model\Base\FormFirewall as BaseFormFirewall;
class FormFirewall extends BaseFormFirewall
{
public function resetAttempts()
{
$this->setAttempts(0)->save();
return $this;
}
public function incrementAttempts()
{
$this->setAttempts(
$this->getAttempts() + 1
);
$this->save();
return $this;
}
}
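Review bot: incrementAttempts() is a read-modify-write on the counter (`$this->getAttempts() + 1` followed by `save()`), so two requests from the same client that load the row at the same moment can both store the same value and one attempt goes uncounted. Concurrent submissions are exactly when a throttle counter has to stay accurate. Consider letting the database do the increment in one statement (`UPDATE form_firewall SET attempts = attempts + 1 WHERE id = ?`) or reading the row under a lock inside a transaction. Both methods also lack a docblock; `/** Adds one attempt to this form/IP row and persists it. */` would do for this one, with a remark that `attempts` is a TINYINT and the configured limit must stay below the column's maximum.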


@@ -0,0 +1,20 @@
<?php
namespace Thelia\Model;
use Thelia\Model\Base\FormFirewallQuery as BaseFormFirewallQuery;
/**
* Skeleton subclass for performing query and update operations on the 'form_firewall' table.
*
*
*
* You should add additional methods to this class to meet the
* application requirements. This class will only be generated as
* long as it does not already exist in the output directory.
*
*/
class FormFirewallQuery extends BaseFormFirewallQuery
{
} // FormFirewallQuery


@@ -0,0 +1,455 @@
<?php
namespace Thelia\Model\Map;
use Propel\Runtime\Propel;
use Propel\Runtime\ActiveQuery\Criteria;
use Propel\Runtime\ActiveQuery\InstancePoolTrait;
use Propel\Runtime\Connection\ConnectionInterface;
use Propel\Runtime\DataFetcher\DataFetcherInterface;
use Propel\Runtime\Exception\PropelException;
use Propel\Runtime\Map\RelationMap;
use Propel\Runtime\Map\TableMap;
use Propel\Runtime\Map\TableMapTrait;
use Thelia\Model\FormFirewall;
use Thelia\Model\FormFirewallQuery;
/**
* This class defines the structure of the 'form_firewall' table.
*
*
*
* This map class is used by Propel to do runtime db structure discovery.
* For example, the createSelectSql() method checks the type of a given column used in an
* ORDER BY clause to know whether it needs to apply SQL to make the ORDER BY case-insensitive
* (i.e. if it's a text column type).
*
*/
class FormFirewallTableMap extends TableMap
{
use InstancePoolTrait;
use TableMapTrait;
/**
* The (dot-path) name of this class
*/
const CLASS_NAME = 'Thelia.Model.Map.FormFirewallTableMap';
/**
* The default database name for this class
*/
const DATABASE_NAME = 'thelia';
/**
* The table name for this class
*/
const TABLE_NAME = 'form_firewall';
/**
* The related Propel class for this table
*/
const OM_CLASS = '\\Thelia\\Model\\FormFirewall';
/**
* A class that can be returned by this tableMap
*/
const CLASS_DEFAULT = 'Thelia.Model.FormFirewall';
/**
* The total number of columns
*/
const NUM_COLUMNS = 6;
/**
* The number of lazy-loaded columns
*/
const NUM_LAZY_LOAD_COLUMNS = 0;
/**
* The number of columns to hydrate (NUM_COLUMNS - NUM_LAZY_LOAD_COLUMNS)
*/
const NUM_HYDRATE_COLUMNS = 6;
/**
* the column name for the ID field
*/
const ID = 'form_firewall.ID';
/**
* the column name for the FORM_NAME field
*/
const FORM_NAME = 'form_firewall.FORM_NAME';
/**
* the column name for the IP_ADDRESS field
*/
const IP_ADDRESS = 'form_firewall.IP_ADDRESS';
/**
* the column name for the ATTEMPTS field
*/
const ATTEMPTS = 'form_firewall.ATTEMPTS';
/**
* the column name for the CREATED_AT field
*/
const CREATED_AT = 'form_firewall.CREATED_AT';
/**
* the column name for the UPDATED_AT field
*/
const UPDATED_AT = 'form_firewall.UPDATED_AT';
/**
* The default string format for model objects of the related table
*/
const DEFAULT_STRING_FORMAT = 'YAML';
/**
* holds an array of fieldnames
*
* first dimension keys are the type constants
* e.g. self::$fieldNames[self::TYPE_PHPNAME][0] = 'Id'
*/
protected static $fieldNames = array (
self::TYPE_PHPNAME => array('Id', 'FormName', 'IpAddress', 'Attempts', 'CreatedAt', 'UpdatedAt', ),
self::TYPE_STUDLYPHPNAME => array('id', 'formName', 'ipAddress', 'attempts', 'createdAt', 'updatedAt', ),
self::TYPE_COLNAME => array(FormFirewallTableMap::ID, FormFirewallTableMap::FORM_NAME, FormFirewallTableMap::IP_ADDRESS, FormFirewallTableMap::ATTEMPTS, FormFirewallTableMap::CREATED_AT, FormFirewallTableMap::UPDATED_AT, ),
self::TYPE_RAW_COLNAME => array('ID', 'FORM_NAME', 'IP_ADDRESS', 'ATTEMPTS', 'CREATED_AT', 'UPDATED_AT', ),
self::TYPE_FIELDNAME => array('id', 'form_name', 'ip_address', 'attempts', 'created_at', 'updated_at', ),
self::TYPE_NUM => array(0, 1, 2, 3, 4, 5, )
);
/**
* holds an array of keys for quick access to the fieldnames array
*
* first dimension keys are the type constants
* e.g. self::$fieldKeys[self::TYPE_PHPNAME]['Id'] = 0
*/
protected static $fieldKeys = array (
self::TYPE_PHPNAME => array('Id' => 0, 'FormName' => 1, 'IpAddress' => 2, 'Attempts' => 3, 'CreatedAt' => 4, 'UpdatedAt' => 5, ),
self::TYPE_STUDLYPHPNAME => array('id' => 0, 'formName' => 1, 'ipAddress' => 2, 'attempts' => 3, 'createdAt' => 4, 'updatedAt' => 5, ),
self::TYPE_COLNAME => array(FormFirewallTableMap::ID => 0, FormFirewallTableMap::FORM_NAME => 1, FormFirewallTableMap::IP_ADDRESS => 2, FormFirewallTableMap::ATTEMPTS => 3, FormFirewallTableMap::CREATED_AT => 4, FormFirewallTableMap::UPDATED_AT => 5, ),
self::TYPE_RAW_COLNAME => array('ID' => 0, 'FORM_NAME' => 1, 'IP_ADDRESS' => 2, 'ATTEMPTS' => 3, 'CREATED_AT' => 4, 'UPDATED_AT' => 5, ),
self::TYPE_FIELDNAME => array('id' => 0, 'form_name' => 1, 'ip_address' => 2, 'attempts' => 3, 'created_at' => 4, 'updated_at' => 5, ),
self::TYPE_NUM => array(0, 1, 2, 3, 4, 5, )
);
/**
* Initialize the table attributes and columns
* Relations are not initialized by this method since they are lazy loaded
*
* @return void
* @throws PropelException
*/
public function initialize()
{
// attributes
$this->setName('form_firewall');
$this->setPhpName('FormFirewall');
$this->setClassName('\\Thelia\\Model\\FormFirewall');
$this->setPackage('Thelia.Model');
$this->setUseIdGenerator(true);
// columns
$this->addPrimaryKey('ID', 'Id', 'INTEGER', true, null, null);
$this->addColumn('FORM_NAME', 'FormName', 'VARCHAR', true, 255, null);
$this->addColumn('IP_ADDRESS', 'IpAddress', 'VARCHAR', true, 15, null);
$this->addColumn('ATTEMPTS', 'Attempts', 'TINYINT', false, null, 1);
$this->addColumn('CREATED_AT', 'CreatedAt', 'TIMESTAMP', false, null, null);
$this->addColumn('UPDATED_AT', 'UpdatedAt', 'TIMESTAMP', false, null, null);
} // initialize()
/**
* Build the RelationMap objects for this table relationships
*/
public function buildRelations()
{
} // buildRelations()
/**
*
* Gets the list of behaviors registered for this table
*
* @return array Associative array (name => parameters) of behaviors
*/
public function getBehaviors()
{
return array(
'timestampable' => array('create_column' => 'created_at', 'update_column' => 'updated_at', ),
);
} // getBehaviors()
/**
* Retrieves a string version of the primary key from the DB resultset row that can be used to uniquely identify a row in this table.
*
* For tables with a single-column primary key, that simple pkey value will be returned. For tables with
* a multi-column primary key, a serialize()d version of the primary key will be returned.
*
* @param array $row resultset row.
* @param int $offset The 0-based offset for reading from the resultset row.
* @param string $indexType One of the class type constants TableMap::TYPE_PHPNAME, TableMap::TYPE_STUDLYPHPNAME
* TableMap::TYPE_COLNAME, TableMap::TYPE_FIELDNAME, TableMap::TYPE_NUM
*/
public static function getPrimaryKeyHashFromRow($row, $offset = 0, $indexType = TableMap::TYPE_NUM)
{
// If the PK cannot be derived from the row, return NULL.
if ($row[TableMap::TYPE_NUM == $indexType ? 0 + $offset : static::translateFieldName('Id', TableMap::TYPE_PHPNAME, $indexType)] === null) {
return null;
}
return (string) $row[TableMap::TYPE_NUM == $indexType ? 0 + $offset : static::translateFieldName('Id', TableMap::TYPE_PHPNAME, $indexType)];
}
/**
* Retrieves the primary key from the DB resultset row
* For tables with a single-column primary key, that simple pkey value will be returned. For tables with
* a multi-column primary key, an array of the primary key columns will be returned.
*
* @param array $row resultset row.
* @param int $offset The 0-based offset for reading from the resultset row.
* @param string $indexType One of the class type constants TableMap::TYPE_PHPNAME, TableMap::TYPE_STUDLYPHPNAME
* TableMap::TYPE_COLNAME, TableMap::TYPE_FIELDNAME, TableMap::TYPE_NUM
*
* @return mixed The primary key of the row
*/
public static function getPrimaryKeyFromRow($row, $offset = 0, $indexType = TableMap::TYPE_NUM)
{
return (int) $row[
$indexType == TableMap::TYPE_NUM
? 0 + $offset
: self::translateFieldName('Id', TableMap::TYPE_PHPNAME, $indexType)
];
}
/**
* The class that the tableMap will make instances of.
*
* If $withPrefix is true, the returned path
* uses a dot-path notation which is translated into a path
* relative to a location on the PHP include_path.
* (e.g. path.to.MyClass -> 'path/to/MyClass.php')
*
* @param boolean $withPrefix Whether or not to return the path with the class name
* @return string path.to.ClassName
*/
public static function getOMClass($withPrefix = true)
{
return $withPrefix ? FormFirewallTableMap::CLASS_DEFAULT : FormFirewallTableMap::OM_CLASS;
}
/**
* Populates an object of the default type or an object that inherit from the default.
*
* @param array $row row returned by DataFetcher->fetch().
* @param int $offset The 0-based offset for reading from the resultset row.
* @param string $indexType The index type of $row. Mostly DataFetcher->getIndexType().
One of the class type constants TableMap::TYPE_PHPNAME, TableMap::TYPE_STUDLYPHPNAME
* TableMap::TYPE_COLNAME, TableMap::TYPE_FIELDNAME, TableMap::TYPE_NUM.
*
* @throws PropelException Any exceptions caught during processing will be
* rethrown wrapped into a PropelException.
* @return array (FormFirewall object, last column rank)
*/
public static function populateObject($row, $offset = 0, $indexType = TableMap::TYPE_NUM)
{
$key = FormFirewallTableMap::getPrimaryKeyHashFromRow($row, $offset, $indexType);
if (null !== ($obj = FormFirewallTableMap::getInstanceFromPool($key))) {
// We no longer rehydrate the object, since this can cause data loss.
// See http://www.propelorm.org/ticket/509
// $obj->hydrate($row, $offset, true); // rehydrate
$col = $offset + FormFirewallTableMap::NUM_HYDRATE_COLUMNS;
} else {
$cls = FormFirewallTableMap::OM_CLASS;
$obj = new $cls();
$col = $obj->hydrate($row, $offset, false, $indexType);
FormFirewallTableMap::addInstanceToPool($obj, $key);
}
return array($obj, $col);
}
/**
* The returned array will contain objects of the default type or
* objects that inherit from the default.
*
* @param DataFetcherInterface $dataFetcher
* @return array
* @throws PropelException Any exceptions caught during processing will be
* rethrown wrapped into a PropelException.
*/
public static function populateObjects(DataFetcherInterface $dataFetcher)
{
$results = array();
// set the class once to avoid overhead in the loop
$cls = static::getOMClass(false);
// populate the object(s)
while ($row = $dataFetcher->fetch()) {
$key = FormFirewallTableMap::getPrimaryKeyHashFromRow($row, 0, $dataFetcher->getIndexType());
if (null !== ($obj = FormFirewallTableMap::getInstanceFromPool($key))) {
// We no longer rehydrate the object, since this can cause data loss.
// See http://www.propelorm.org/ticket/509
// $obj->hydrate($row, 0, true); // rehydrate
$results[] = $obj;
} else {
$obj = new $cls();
$obj->hydrate($row);
$results[] = $obj;
FormFirewallTableMap::addInstanceToPool($obj, $key);
} // if key exists
}
return $results;
}
/**
* Add all the columns needed to create a new object.
*
* Note: any columns that were marked with lazyLoad="true" in the
* XML schema will not be added to the select list and only loaded
* on demand.
*
* @param Criteria $criteria object containing the columns to add.
* @param string $alias optional table alias
* @throws PropelException Any exceptions caught during processing will be
* rethrown wrapped into a PropelException.
*/
public static function addSelectColumns(Criteria $criteria, $alias = null)
{
if (null === $alias) {
$criteria->addSelectColumn(FormFirewallTableMap::ID);
$criteria->addSelectColumn(FormFirewallTableMap::FORM_NAME);
$criteria->addSelectColumn(FormFirewallTableMap::IP_ADDRESS);
$criteria->addSelectColumn(FormFirewallTableMap::ATTEMPTS);
$criteria->addSelectColumn(FormFirewallTableMap::CREATED_AT);
$criteria->addSelectColumn(FormFirewallTableMap::UPDATED_AT);
} else {
$criteria->addSelectColumn($alias . '.ID');
$criteria->addSelectColumn($alias . '.FORM_NAME');
$criteria->addSelectColumn($alias . '.IP_ADDRESS');
$criteria->addSelectColumn($alias . '.ATTEMPTS');
$criteria->addSelectColumn($alias . '.CREATED_AT');
$criteria->addSelectColumn($alias . '.UPDATED_AT');
}
}
/**
* Returns the TableMap related to this object.
* This method is not needed for general use but a specific application could have a need.
* @return TableMap
* @throws PropelException Any exceptions caught during processing will be
* rethrown wrapped into a PropelException.
*/
public static function getTableMap()
{
return Propel::getServiceContainer()->getDatabaseMap(FormFirewallTableMap::DATABASE_NAME)->getTable(FormFirewallTableMap::TABLE_NAME);
}
/**
* Add a TableMap instance to the database for this tableMap class.
*/
public static function buildTableMap()
{
$dbMap = Propel::getServiceContainer()->getDatabaseMap(FormFirewallTableMap::DATABASE_NAME);
if (!$dbMap->hasTable(FormFirewallTableMap::TABLE_NAME)) {
$dbMap->addTableObject(new FormFirewallTableMap());
}
}
/**
* Performs a DELETE on the database, given a FormFirewall or Criteria object OR a primary key value.
*
* @param mixed $values Criteria or FormFirewall object or primary key or array of primary keys
* which is used to create the DELETE statement
* @param ConnectionInterface $con the connection to use
* @return int The number of affected rows (if supported by underlying database driver). This includes CASCADE-related rows
* if supported by native driver or if emulated using Propel.
* @throws PropelException Any exceptions caught during processing will be
* rethrown wrapped into a PropelException.
*/
public static function doDelete($values, ConnectionInterface $con = null)
{
if (null === $con) {
$con = Propel::getServiceContainer()->getWriteConnection(FormFirewallTableMap::DATABASE_NAME);
}
if ($values instanceof Criteria) {
// rename for clarity
$criteria = $values;
} elseif ($values instanceof \Thelia\Model\FormFirewall) { // it's a model object
// create criteria based on pk values
$criteria = $values->buildPkeyCriteria();
} else { // it's a primary key, or an array of pks
$criteria = new Criteria(FormFirewallTableMap::DATABASE_NAME);
$criteria->add(FormFirewallTableMap::ID, (array) $values, Criteria::IN);
}
$query = FormFirewallQuery::create()->mergeWith($criteria);
if ($values instanceof Criteria) { FormFirewallTableMap::clearInstancePool();
} elseif (!is_object($values)) { // it's a primary key, or an array of pks
foreach ((array) $values as $singleval) { FormFirewallTableMap::removeInstanceFromPool($singleval);
}
}
return $query->delete($con);
}
/**
* Deletes all rows from the form_firewall table.
*
* @param ConnectionInterface $con the connection to use
* @return int The number of affected rows (if supported by underlying database driver).
*/
public static function doDeleteAll(ConnectionInterface $con = null)
{
return FormFirewallQuery::create()->doDeleteAll($con);
}
/**
* Performs an INSERT on the database, given a FormFirewall or Criteria object.
*
* @param mixed $criteria Criteria or FormFirewall object containing data that is used to create the INSERT statement.
* @param ConnectionInterface $con the ConnectionInterface connection to use
* @return mixed The new primary key.
* @throws PropelException Any exceptions caught during processing will be
* rethrown wrapped into a PropelException.
*/
public static function doInsert($criteria, ConnectionInterface $con = null)
{
if (null === $con) {
$con = Propel::getServiceContainer()->getWriteConnection(FormFirewallTableMap::DATABASE_NAME);
}
if ($criteria instanceof Criteria) {
$criteria = clone $criteria; // rename for clarity
} else {
$criteria = $criteria->buildCriteria(); // build Criteria from FormFirewall object
}
if ($criteria->containsKey(FormFirewallTableMap::ID) && $criteria->keyContainsValue(FormFirewallTableMap::ID) ) {
throw new PropelException('Cannot insert a value for auto-increment primary key ('.FormFirewallTableMap::ID.')');
}
// Set the correct dbName
$query = FormFirewallQuery::create()->mergeWith($criteria);
try {
// use transaction because $criteria could contain info
// for more than one table (I guess, conceivably)
$con->beginTransaction();
$pk = $query->doInsert($con);
$con->commit();
} catch (PropelException $e) {
$con->rollBack();
throw $e;
}
return $pk;
}
} // FormFirewallTableMap
// This is the static code needed to register the TableMap for this table with the main Propel class.
//
FormFirewallTableMap::buildTableMap();


@@ -0,0 +1,173 @@
<?php
/*************************************************************************************/
/* This file is part of the Thelia package. */
/* */
/* Copyright (c) OpenStudio */
/* email : dev@thelia.net */
/* web : http://www.thelia.net */
/* */
/* For the full copyright and license information, please view the LICENSE.txt */
/* file that was distributed with this source code. */
/*************************************************************************************/
namespace Thelia\Tests\Form;
use Symfony\Component\DependencyInjection\Container;
use Thelia\Core\HttpFoundation\Session\Session;
use Thelia\Core\Translation\Translator;
use Thelia\Model\ConfigQuery;
use Thelia\Model\FormFirewallQuery;
use Thelia\Model\Map\FormFirewallTableMap;
/**
* Class FirewallTest
* @package Thelia\Tests\Form
* @author Benjamin Perche <bperche@openstudio.fr>
*/
class FirewallTest extends \PHPUnit_Framework_TestCase
{
/** @var \Thelia\Core\HttpFoundation\Request */
protected $request;
/** @var \PHPUnit_Framework_MockObject_MockObject */
protected $form;
public function setUp()
{
$session = new Session();
new Translator(new Container());
$this->request = $this->getMock("\Thelia\Core\HttpFoundation\Request");
$this->request
->expects($this->any())
->method("getClientIp")
->willReturn("127.0.0.1")
;
$this->request
->expects($this->any())
->method("getSession")
->willReturn($session)
;
/**
* Get an example form. We
*/
$this->form = $this->getMock(
"\Thelia\Form\FirewallForm",
[
"buildForm",
"getName",
],
[
$this->request,
]
);
$this->form
->expects($this->any())
->method('getName')
->will($this->returnValue("test_form_firewall"))
;
/**
* Be sure that the firewall is active
*/
ConfigQuery::write("form_firewall_active", 1);
ConfigQuery::write("form_firewall_time_to_wait", 60);
ConfigQuery::write("form_firewall_attempts", 6);
/**
* Empty the firewall blacklist between each test
*/
FormFirewallQuery::create()->find()->delete();
}
public function testBlock()
{
for ($i = 1; $i <= 10; ++$i) {
if ($i > 6) {
$this->assertFalse(
$this->form->isFirewallOk()
);
} else {
$this->assertTrue(
$this->form->isFirewallOk()
);
}
$attempts = FormFirewallQuery::create()
->select(FormFirewallTableMap::ATTEMPTS)
->findOne()
;
$this->assertEquals($i > 6 ? 6 : $i, $attempts);
}
}
public function testFormatTime()
{
$this->assertEquals(
"1 hour(s)",
$this->form->getWaitingTime()
);
ConfigQuery::write("form_firewall_time_to_wait", 61);
$this->assertEquals(
"1 hour(s) 1 minute(s)",
$this->form->getWaitingTime()
);
ConfigQuery::write("form_firewall_time_to_wait", 59);
$this->assertEquals(
"59 minute(s)",
$this->form->getWaitingTime()
);
ConfigQuery::write("form_firewall_time_to_wait", 5);
$this->assertEquals(
"5 minute(s)",
$this->form->getWaitingTime()
);
ConfigQuery::write("form_firewall_time_to_wait", 132);
$this->assertEquals(
"2 hour(s) 12 minute(s)",
$this->form->getWaitingTime()
);
}
public function testAutoDelete()
{
/** Add two rows */
$this->form->isFirewallOk();
$this->form
->expects($this->any())
->method('getName')
->will($this->returnValue("test_form_firewall_2"))
;
$this->form->isFirewallOk();
/** Set the time to 1h and 1s after the limit */
FormFirewallQuery::create()
->findOne()
->setUpdatedAt(date("Y-m-d G:i:s", time() - 3601))
->save()
;
$this->form->isFirewallOk();
/** Assert that the table is empty */
$this->assertEquals(
1,
FormFirewallQuery::create()->count()
);
}
}
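Review bot: In testAutoDelete the comment `/** Assert that the table is empty */` contradicts the assertion `assertEquals(1, FormFirewallQuery::create()->count())`, so a reader cannot tell whether one remaining row is the intended outcome. The second `getName` stub is registered on a mock that already has an `any()` stub for the same method, and PHPUnit may keep returning the first value, in which case the second row the test describes is never created; asserting the row count right after the two `isFirewallOk()` calls would make that visible. The truncated comment `Get an example form. We` in setUp should be completed. Every case uses the client address `127.0.0.1`, so an IPv6 case would be worth adding given the 15-character `ip_address` column.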


@@ -1,4 +1,5 @@
<?xml version="1.0" encoding="UTF-8"?>
<database defaultIdMethod="native" name="thelia">
<table name="category" namespace="Thelia\Model">
<column autoIncrement="true" name="id" primaryKey="true" required="true" type="INTEGER" />
@@ -1491,4 +1492,18 @@
<parameter name="i18n_columns" value="title, description, chapo, postscriptum" />
</behavior>
</table>
<table name="form_firewall" namespace="Thelia\Model">
<column autoIncrement="true" name="id" primaryKey="true" required="true" type="INTEGER" />
<column name="form_name" required="true" type="VARCHAR" size="255" />
<column name="ip_address" required="true" type="VARCHAR" size="15" />
<column defaultValue="1" name="attempts" type="TINYINT" />
<index name="idx_form_firewall_form_name">
<index-column name="form_name" />
</index>
<index name="idx_form_firewall_ip_address">
<index-column name="ip_address" />
</index>
<behavior name="timestampable" />
</table>
</database>
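Review bot: `ip_address` is declared as `VARCHAR` with `size="15"`, which only fits a dotted IPv4 address; an IPv6 client address can be up to 39 characters (45 in the IPv4-mapped form). Depending on the SQL mode the insert would then either fail or be silently truncated, and a truncated value would presumably no longer match the lookup by client IP, so the attempt limit would not be applied to those clients. I would declare it as `<column name="ip_address" required="true" type="VARCHAR" size="45" />` and make the same change in the two CREATE TABLE statements for form_firewall in the SQL sections further down. If rows are looked up by form and address together (an assumption, the query is not in this section), one index over `form_name, ip_address` may serve better than the two separate ones.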


@@ -51,7 +51,13 @@ INSERT INTO `config` (`name`, `value`, `secured`, `hidden`, `created_at`, `updat
('front_cart_country_cookie_name','fcccn', 1, 1, NOW(), NOW()),
('front_cart_country_cookie_expires','2592000', 1, 1, NOW(), NOW()),
('sitemap_ttl','7200', 1, 1, NOW(), NOW()),
('feed_ttl','7200', 1, 1, NOW(), NOW());
('feed_ttl','7200', 1, 1, NOW(), NOW()),
('form_firewall_bruteforce_time_to_wait', '10', 0, 0, NOW(), NOW()),
('form_firewall_time_to_wait', '60', 0, 0, NOW(), NOW()),
('form_firewall_bruteforce_attempts', '10', 0, 0, NOW(), NOW()),
('form_firewall_attempts', '6', 0, 0, NOW(), NOW()),
('from_firewall_active', '1', 0, 0, NOW(), NOW());
INSERT INTO `config_i18n` (`id`, `locale`, `title`, `description`, `chapo`, `postscriptum`) VALUES
@@ -1378,3 +1384,36 @@ INSERT INTO `message_i18n` (`id`, `locale`, `title`, `subject`, `text_message`,
(1, 'fr_FR', 'Confirmation de commande', 'Commande : {$order_ref}', '{assign var="order_id" value=1}\\r\\n\\r\\n{loop name="order.invoice" type="order" id=$order_id customer="*"}\\r\\n {loop name="currency.order" type="currency" id=$CURRENCY}\\r\\n {assign "orderCurrency" $CODE}\\r\\n {/loop}\\r\\n{loop type="order_address" name="delivery_address" id=$INVOICE_ADDRESS}\\r\\n{loop type="title" name="order-invoice-address-title" id=$TITLE}{$LONG}{/loop}{$FIRSTNAME} {$LASTNAME}\\\\r\\\\n\\r\\n{$ADDRESS1} {$ADDRESS2} {$ADDRESS3}\\\\r\\\\n\\r\\n{$ZIPCODE} {$CITY}\\\\r\\\\n\\r\\n{loop type="country" name="country_delivery" id=$COUNTRY}{$TITLE}{/loop}\\\\r\\\\n\\r\\n{/loop}\\r\\nConfirmation de commande {$REF} du {format_date date=$INVOICE_DATE}\\\\r\\\\n\\\\r\\\\n\\r\\nLes articles commandés:\\\\r\\\\n\\r\\n{loop type="order_product" name="order-products" order=$ID}\\r\\n{if $WAS_IN_PROMO == 1}\\r\\n {assign "realPrice" $PROMO_PRICE}\\r\\n {assign "realTax" $PROMO_PRICE_TAX}\\r\\n {assign "realTaxedPrice" $TAXED_PROMO_PRICE}\\r\\n{else}\\r\\n {assign "realPrice" $PRICE}\\r\\n {assign "realTax" $PRICE_TAX}\\r\\n {assign "realTaxedPrice" $TAXED_PRICE}\\r\\n{/if}\\r\\n \\\\r\\\\n\\r\\n Article : {$TITLE}\\r\\n{ifloop rel="combinations"}\\r\\n {loop type="order_product_attribute_combination" name="combinations" order_product=$ID}\\r\\n {$ATTRIBUTE_TITLE} - {$ATTRIBUTE_AVAILABILITY_TITLE}\\\\r\\\\n\\r\\n{/loop}\\r\\n{/ifloop}\\\\r\\\\n\\r\\n Quantité : {$QUANTITY}\\\\r\\\\n\\r\\n Prix unitaire TTC : {$realTaxedPrice} {$orderCurrency}\\\\r\\\\n\\r\\n{/loop}\\r\\n\\\\r\\\\n-----------------------------------------\\\\r\\\\n\\r\\nMontant total TTC : {$TOTAL_TAXED_AMOUNT - $POSTAGE} {$orderCurrency} \\\\r\\\\n\\r\\nFrais de port TTC : {$POSTAGE} {$orderCurrency} \\\\r\\\\n\\r\\nSomme totale: {$TOTAL_TAXED_AMOUNT} {$orderCurrency} \\\\r\\\\n\\r\\n==================================\\\\r\\\\n\\\\r\\\\n\\r\\nVotre facture est disponible dans la rubrique mon compte sur {config 
key="url_site"}\\r\\n{/loop}', NULL),
(2, 'en_US', 'Your new password', 'Your new password', 'Your new passord is : {$password}', NULL),
(2, 'fr_FR', 'Votre nouveau mot de passe', 'Votre nouveau mot de passe', 'Votre nouveau mot de passe est : {$password}', NULL);
-- Add firewall i18n
SELECT @bf_time := `id` FROM `config` WHERE `name` = 'form_firewall_bruteforce_time_to_wait';
SELECT @time := `id` FROM `config` WHERE `name` = 'form_firewall_time_to_wait';
SELECT @bf_attempts := `id` FROM `config` WHERE `name` = 'form_firewall_bruteforce_attempts';
SELECT @attempts := `id` FROM `config` WHERE `name` = 'form_firewall_attempts';
SELECT @active := `id` FROM `config` WHERE `name` = 'from_firewall_active';
INSERT INTO `config_i18n` (`id`, `locale`, `title`, `description`, `chapo`, `postscriptum`) VALUES
(@time, 'en_US', '[Firewall] Time to wait between X attempts', NULL, NULL, NULL),
(@time, 'fr_FR', '[Pare-feu] Temps à attendre entre X essais', NULL, NULL, NULL)
;
INSERT INTO `config_i18n` (`id`, `locale`, `title`, `description`, `chapo`, `postscriptum`) VALUES
(@bf_time, 'en_US', '[Firewall/Bruteforce] Time to wait between X attempts', NULL, NULL, NULL),
(@bf_time, 'fr_FR', '[Pare-feu/Bruteforce] Temps à attendre entre X essais', NULL, NULL, NULL)
;
INSERT INTO `config_i18n` (`id`, `locale`, `title`, `description`, `chapo`, `postscriptum`) VALUES
(@attempts, 'en_US', '[Firewall] Number of allowed attemps', NULL, NULL, NULL),
(@attempts, 'fr_FR', '[Pare-feu] Nombre de tentatives autorisées', NULL, NULL, NULL)
;
INSERT INTO `config_i18n` (`id`, `locale`, `title`, `description`, `chapo`, `postscriptum`) VALUES
(@bf_attempts, 'en_US', '[Firewall/Bruteforce] Number of allowed attemps', NULL, NULL, NULL),
(@bf_attempts, 'fr_FR', '[Pare-feu/Bruteforce] Nombre de tentatives autorisées', NULL, NULL, NULL)
;
INSERT INTO `config_i18n` (`id`, `locale`, `title`, `description`, `chapo`, `postscriptum`) VALUES
(@active, 'en_US', '[Firewall] Activate the firewall', NULL, NULL, NULL),
(@active, 'fr_FR', '[Pare-feu] Activer le pare-feu', NULL, NULL, NULL)
;
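Review bot: The activation key is inserted as `'from_firewall_active'` and looked up under the same name for `@active`, while the other four keys use the `form_firewall_` prefix and FirewallTest writes `form_firewall_active`. If the form code reads `form_firewall_active`, which the test suggests but this section does not show, the seeded row is never consulted and the "[Firewall] Activate the firewall" setting presented to administrators would have no effect on the protection. The row should read `('form_firewall_active', '1', 0, 0, NOW(), NOW())` with the `@active` lookup using the same name; the update script section that follows repeats the same spelling. The English titles also say `attemps` where `attempts` is meant.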


@@ -1842,6 +1842,25 @@ CREATE TABLE `brand_image`
ON DELETE CASCADE
) ENGINE=InnoDB;
-- ---------------------------------------------------------------------
-- form_firewall
-- ---------------------------------------------------------------------
DROP TABLE IF EXISTS `form_firewall`;
CREATE TABLE `form_firewall`
(
`id` INTEGER NOT NULL AUTO_INCREMENT,
`form_name` VARCHAR(255) NOT NULL,
`ip_address` VARCHAR(15) NOT NULL,
`attempts` TINYINT DEFAULT 1,
`created_at` DATETIME,
`updated_at` DATETIME,
PRIMARY KEY (`id`),
INDEX `idx_form_firewall_form_name` (`form_name`),
INDEX `idx_form_firewall_ip_address` (`ip_address`)
) ENGINE=InnoDB;
-- ---------------------------------------------------------------------
-- category_i18n
-- ---------------------------------------------------------------------


@@ -264,6 +264,67 @@ SELECT @max := MAX(`id`) FROM `config`;
INSERT INTO `config_i18n` (`id`, `locale`, `title`, `description`, `chapo`, `postscriptum`) VALUES
(@max, 'en_US', 'Whitespace trim level of the generated HTML code (0 = none, 1 = medium, 2 = maximum)', NULL, NULL, NULL);
-- ---------------------------------------------------------------------
-- form_firewall
-- ---------------------------------------------------------------------
DROP TABLE IF EXISTS `form_firewall`;
CREATE TABLE `form_firewall`
(
`id` INTEGER NOT NULL AUTO_INCREMENT,
`form_name` VARCHAR(255) NOT NULL,
`ip_address` VARCHAR(15) NOT NULL,
`attempts` TINYINT DEFAULT 1,
`created_at` DATETIME,
`updated_at` DATETIME,
PRIMARY KEY (`id`),
INDEX `idx_form_firewall_form_name` (`form_name`),
INDEX `idx_form_firewall_ip_address` (`ip_address`)
) ENGINE=InnoDB;
INSERT INTO `config`(`name`, `value`, `secured`, `hidden`, `created_at`, `updated_at`) VALUES
('form_firewall_bruteforce_time_to_wait', '10', 0, 0, NOW(), NOW()),
('form_firewall_time_to_wait', '60', 0, 0, NOW(), NOW()),
('form_firewall_bruteforce_attempts', '10', 0, 0, NOW(), NOW()),
('form_firewall_attempts', '6', 0, 0, NOW(), NOW()),
('from_firewall_active', '1', 0, 0, NOW(), NOW())
;
SELECT @bf_time := `id` FROM `config` WHERE `name` = 'form_firewall_bruteforce_time_to_wait';
SELECT @time := `id` FROM `config` WHERE `name` = 'form_firewall_time_to_wait';
SELECT @bf_attempts := `id` FROM `config` WHERE `name` = 'form_firewall_bruteforce_attempts';
SELECT @attempts := `id` FROM `config` WHERE `name` = 'form_firewall_attempts';
SELECT @active := `id` FROM `config` WHERE `name` = 'from_firewall_active';
INSERT INTO `config_i18n` (`id`, `locale`, `title`, `description`, `chapo`, `postscriptum`) VALUES
(@time, 'en_US', '[Firewall] Time to wait between X attempts', NULL, NULL, NULL),
(@time, 'fr_FR', '[Pare-feu] Temps à attendre entre X essais', NULL, NULL, NULL)
;
INSERT INTO `config_i18n` (`id`, `locale`, `title`, `description`, `chapo`, `postscriptum`) VALUES
(@bf_time, 'en_US', '[Firewall/Bruteforce] Time to wait between X attempts', NULL, NULL, NULL),
(@bf_time, 'fr_FR', '[Pare-feu/Bruteforce] Temps à attendre entre X essais', NULL, NULL, NULL)
;
INSERT INTO `config_i18n` (`id`, `locale`, `title`, `description`, `chapo`, `postscriptum`) VALUES
(@attempts, 'en_US', '[Firewall] Number of allowed attemps', NULL, NULL, NULL),
(@attempts, 'fr_FR', '[Pare-feu] Nombre de tentatives autorisées', NULL, NULL, NULL)
;
INSERT INTO `config_i18n` (`id`, `locale`, `title`, `description`, `chapo`, `postscriptum`) VALUES
(@bf_attempts, 'en_US', '[Firewall/Bruteforce] Number of allowed attemps', NULL, NULL, NULL),
(@bf_attempts, 'fr_FR', '[Pare-feu/Bruteforce] Nombre de tentatives autorisées', NULL, NULL, NULL)
;
INSERT INTO `config_i18n` (`id`, `locale`, `title`, `description`, `chapo`, `postscriptum`) VALUES
(@active, 'en_US', '[Firewall] Activate the firewall', NULL, NULL, NULL),
(@active, 'fr_FR', '[Pare-feu] Activer le pare-feu', NULL, NULL, NULL)
;
# Done !
# ------
SET FOREIGN_KEY_CHECKS = 1;
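Review bot: The last inserted config row is named `from_firewall_active`, while the four rows above it use the `form_firewall_` prefix, and the `@active` lookup a few lines below repeats the same spelling. The two statements agree with each other, so the i18n titles still attach. But if the PHP side reads `form_firewall_active` (not visible in this hunk), the switch stored here is never consulted and the firewall runs on whatever default the code falls back to. I would rename both: `('form_firewall_active', '1', 0, 0, NOW(), NOW())` and the matching `WHERE name = 'form_firewall_active'`. The en_US titles also spell "attemps" for "attempts".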