Skip to content

Commit

Permalink
[zendframework#3585] CS/logic cleanup
Browse files Browse the repository at this point in the history
- Re-work conditionals to reduce nesting
- Minor whitespace changes
  • Loading branch information
weierophinney committed Jan 29, 2013
1 parent 1a068b0 commit 60799ae
Showing 1 changed file with 26 additions and 16 deletions.
42 changes: 26 additions & 16 deletions library/Zend/Authentication/Adapter/Http/ApacheResolver.php
Original file line number Diff line number Diff line change
Expand Up @@ -101,20 +101,27 @@ public function resolve($username, $realm, $password = null)
{
if (empty($username)) {
throw new Exception\InvalidArgumentException('Username is required');
} elseif (!ctype_print($username) || strpos($username, ':') !== false) {
throw new Exception\InvalidArgumentException('Username must consist only of printable characters, '
. 'excluding the colon');
}

if (!ctype_print($username) || strpos($username, ':') !== false) {
throw new Exception\InvalidArgumentException(
'Username must consist only of printable characters, excluding the colon'
);
}

if (!empty($realm) && (!ctype_print($realm) || strpos($realm, ':') !== false)) {
throw new Exception\InvalidArgumentException('Realm must consist only of printable characters, '
. 'excluding the colon.');
throw new Exception\InvalidArgumentException(
'Realm must consist only of printable characters, excluding the colon'
);
}

if (empty($password)) {
throw new Exception\InvalidArgumentException('Password is required');
}

// Open file, read through looking for matching credentials
ErrorHandler::start(E_WARNING);
$fp = fopen($this->file, 'r');
$fp = fopen($this->file, 'r');
$error = ErrorHandler::stop();
if (!$fp) {
throw new Exception\RuntimeException('Unable to open password file: ' . $this->file, 0, $error);
Expand All @@ -123,17 +130,20 @@ public function resolve($username, $realm, $password = null)
// No real validation is done on the contents of the password file. The
// assumption is that we trust the administrators to keep it secure.
while (($line = fgetcsv($fp, 512, ':')) !== false) {
if ($line[0] == $username) {
if (isset($line[2])) {
if ($line[1] == $realm) {
$matchedHash = $line[2];
break;
}
} else {
$matchedHash = $line[1];
if ($line[0] != $username) {
continue;
}

if (isset($line[2])) {
if ($line[1] == $realm) {
$matchedHash = $line[2];
break;
}
continue;
}

$matchedHash = $line[1];
break;
}
fclose($fp);

Expand All @@ -154,8 +164,8 @@ public function resolve($username, $realm, $password = null)

if ($apache->verify($password, $matchedHash)) {
return new AuthResult(AuthResult::SUCCESS, $username);
} else {
return new AuthResult(AuthResult::FAILURE_CREDENTIAL_INVALID, null, array('Passwords did not match.'));
}

return new AuthResult(AuthResult::FAILURE_CREDENTIAL_INVALID, null, array('Passwords did not match.'));
}
}

0 comments on commit 60799ae

Please sign in to comment.