dereuromark 15 年之前
父节点
当前提交
2090e1b6e0
共有 4 个文件被更改,包括 264 次插入4 次删除
  1. 7 4
      TODOS
  2. 123 0
      libs/chmod_lib.php
  3. 58 0
      libs/security_lib.php
  4. 76 0
      tests/cases/libs/chmod_lib.test.php

+ 7 - 4
TODOS

@@ -1,7 +1,10 @@
-CODE KEY
-- 
-
 CAPTCHA
 - write test cases
 - confirm security (is it really preventing all kinds of hacking attempts - or least slowing them down?)
-- add more captcha types (image, sentence, ...) and processing types (session, db, ...)
+- add more captcha types (image, sentence, ...) and processing types (session, db, ...)
+
+CONTACT
+- write test cases
+
+CODE KEY
+- 

+ 123 - 0
libs/chmod_lib.php

@@ -0,0 +1,123 @@
+<?php
+
+/**
+ * PHP5
+ * u=user, g=group, o=other
+ * 2010-06-21 ms
+ */
+class ChmodLib {
+
+  //private $dir;
+  private $modes = array('user' => 0 , 'group' => 0 , 'other' => 0);
+
+
+/*** calc octal ***/
+
+   	/**
+	 * from Octal 0xxx back to STRING with leading zero added on leading zero = true
+	 * e.g. 0777 => 0777, '755' => 0755
+	 * @access static Chmod::convertFromOctal(mode, leadingZero)
+	 * 2009-07-26 ms
+	 */
+	public function convertFromOctal($mode, $leadingZero = false) {
+		$res = (String)substr(sprintf('%o', $mode), -4);
+		if ($leadingZero===true) {
+			$res = '0'.$res;
+		}
+		return $res;
+	}
+
+	/**
+	 * from INT or STRING with or without leading 0 -> Octal 0xxx
+	 * @access static Chmod::converttoOctal(mode)
+	 * 2009-07-26 ms
+	 */
+	public function convertToOctal($mode) {
+		return intval((string)$mode, 8);
+	}
+
+
+/*** set/get modes ***/
+
+  public function setUser($read, $write, $execute) {
+      $this->modes['user'] = $this->setMode($read,$write,$execute);
+  }
+
+  public function setGroup($read, $write, $execute) {
+      $this->modes['group'] = $this->setMode($read,$write,$execute);
+  }
+
+  public function setOther($read, $write, $execute) {
+      $this->modes['other'] = $this->setMode($read,$write,$execute);
+  }
+
+	/**
+	 * get mode as octal value or
+	 * @param options
+	 * - string: string/int/symbolic
+	 * 2010-06-21 ms
+	 */
+  public function getMode($options = array()) {
+  	$mode = (string)($this->modes['user'] . $this->modes['group'] . $this->modes['other']);
+  	if (!empty($options['type'])) {
+			if ($options['type'] == 'string') {
+				return $mode;
+			} elseif ($options['type'] == 'int') {
+				return (int)$mode;
+			} elseif ($options['type'] == 'symbolic') {
+				$mode = $this->symbol($this->modes['user']).$this->symbol($this->modes['group']).$this->symbol($this->modes['other']);
+				return $mode;
+			}
+  	}
+		return intval($mode, 8);
+  }
+
+
+	/**
+	 * full table with all rights
+	 * //TODO
+	 * 2010-06-21 ms
+	 */
+	function table() {
+		$res = array();
+
+
+		return $res;
+	}
+
+	/**
+	 * get symbol for
+	 * read(4) = 'r', write(2) = 'w', execute(1) = 'x'
+	 * e.g: 4 for = r--
+	 * 2010-06-21 ms
+	 */
+	private function symbol($mode) {
+		$res = '---';
+		if ($mode == 7) {
+			$res = 'rwx';
+		} elseif ($mode == 6) {
+			$res = 'rw-';
+		} elseif ($mode == 5) {
+			$res = 'r-x';
+		} elseif ($mode == 4) {
+			$res = 'r--';
+		} elseif ($mode == 3) {
+			$res = '-wx';
+		} elseif ($mode == 2) {
+			$res = '-w-';
+		} elseif ($mode == 1) {
+			$res = '--x';
+		}
+		return $res;
+	}
+
+  private function setMode($r, $w, $e) {
+    $mode = 0;
+    if($r) $mode+=4;
+    if($w) $mode+=2;
+    if($e) $mode+=1;
+    return $mode;
+  }
+
+}
+?>
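Review bot: In `getMode()`, the `'int'` branch returns `(int)$mode`, which for rwxrwxrwx is decimal 777 and not the octal value 0777; passed to `chmod()` it would be read as 01411, a quite different permission set. The docblock should say so, and it also names the option key as `string` while the code reads `$options['type']`; I would write `- type: 'string' | 'int' | 'symbolic' ('int' is the decimal digit form for display only, use the default return for chmod())`. The `@access static` lines on `convertFromOctal()` and `convertToOctal()` do not match the declarations either, since both are instance methods and the tests call them on an instance.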

+ 58 - 0
libs/security_lib.php

@@ -0,0 +1,58 @@
+<?php
+
+define('HACKERS_ORG_XML', 'http://ha.ckers.org/xssAttacks.xml');
+
+/**
+ * used in configurations controller + debug helper
+ */
+class SecurityLib {
+
+
+	/**
+	 * get dangerous strings to test with
+	 *
+	 * @return array
+	 * @static
+	 **/
+	function xssStrings($cache = true) {
+		if ($cache) {
+			$texts = Cache::read('security_lib_texts');
+		}
+		if (empty($texts)) {
+			$texts = array();
+			$contents =  $this->parse(HACKERS_ORG_XML);
+			foreach ($contents as $content) {
+				$texts[] = $content['code'];
+			}
+			if (empty($texts)) {
+				trigger_error('ha.ckers.org FAILED - XML not available', E_WARNING);
+				return array();
+			}
+			if ($cache) {
+				Cache::write('security_lib_texts', $texts);
+			}
+
+		}
+		return $texts;
+	}
+
+	/**
+	 * parse xml
+	 * 2010-02-07 ms
+	 */
+	function parse($file) {
+		App::import('Core', 'Xml');
+
+		$xml = new Xml($file);
+		$res = $xml->toArray();
+
+		if (!empty($res['Xss']['Attack'])) {
+			return (array)$res['Xss']['Attack'];
+		}
+
+		return array();
+	}
+
+}
+
+?>
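Review bot: `trigger_error()` in `xssStrings()` is called with `E_WARNING`, but it only accepts the `E_USER_*` levels, so the failure path reports an invalid error type (a `ValueError` on PHP 8) instead of the intended message; it should be `trigger_error('ha.ckers.org FAILED - XML not available', E_USER_WARNING);`. Separately, `HACKERS_ORG_XML` is a plain `http://` URL whose contents are parsed by `Xml` and then cached, so whatever the network returns ends up in the test data with no integrity check; shipping a copy of the file with the plugin, or at least fetching over HTTPS, would avoid that. `$content['code']` is also read without checking that the key exists, which presumably raises notices if the feed's structure changes.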

+ 76 - 0
tests/cases/libs/chmod_lib.test.php

@@ -0,0 +1,76 @@
+<?php
+
+App::import('Lib', 'Tools.ChmodLib');
+
+/**
+ * testing
+ * 2009-07-15 ms
+ */
+class ChmodLibCase extends CakeTestCase {
+	var $Chmod = null;
+
+	function startTest() {
+		$this->Chmod = new ChmodLib();
+
+	}
+
+/** Start **/
+
+	function testConvertFromOctal() {
+
+		$is = $this->Chmod->convertFromOctal(0777);
+		$expected = '777';
+		$this->assertEqual($expected, $is);
+
+		$is = $this->Chmod->convertFromOctal(0777, true);
+		$expected = '0777';
+		$this->assertEqual($expected, $is);
+
+	}
+
+
+	function testConvertToOctal() {
+
+		$is = $this->Chmod->convertToOctal(777);
+		$expected = 0777;
+		$this->assertEqual($expected, $is);
+
+		$is = $this->Chmod->convertToOctal('777');
+		$expected = 0777;
+		$this->assertEqual($expected, $is);
+
+		$is = $this->Chmod->convertToOctal('0777');
+		$expected = 0777;
+		$this->assertEqual($expected, $is);
+	}
+
+
+
+	function testChmod() {
+		$this->Chmod->setUser(true, true, true);
+		$this->Chmod->setGroup(true, true, true);
+		$this->Chmod->setOther(true, true, true);
+
+		$is = $this->Chmod->getMode();
+		$expected = 0777;
+		$this->assertEqual($expected, $is);
+
+		$is = $this->Chmod->getMode(array('type'=>'string'));
+		$expected = '777';
+		$this->assertEqual($expected, $is);
+
+		$is = $this->Chmod->getMode(array('type'=>'int'));
+		$expected = 777;
+		$this->assertEqual($expected, $is);
+
+		$is = $this->Chmod->getMode(array('type'=>'symbolic'));
+		$expected = 'rwxrwxrwx';
+		$this->assertEqual($expected, $is);
+	}
+
+
+
+/** End **/
+
+}
+?>
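Review bot: `testChmod()` only exercises the all-permissions case, so the `false` paths of `setMode()` and every branch of `symbol()` other than `rwx` are never run. A restrictive case is worth adding: `setUser(true, true, false)`, `setGroup(true, false, false)`, `setOther(false, false, false)`, then assert that `getMode()` equals `0640` and the symbolic form equals `'rw-r-----'`. The `'int'` assertion also pins decimal `777`, which differs from octal `0777`; a comment such as `// decimal digits for display, not a chmod() argument` would keep readers from copying it into a `chmod()` call.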