Add an improved hash form element

Jamie Snape · Jamie Snape · commit 2008a86d12a6 · 2014-11-21T10:42:34.000-05:00
diff --git a/composer.json b/composer.json
@@ -17,6 +17,7 @@
         "ext-json": "*",
         "francodacosta/phmagick": "0.4.*@dev",
         "intervention/image": "~2.0.13",
+        "ircmaxell/random-lib": "1.0.*@dev",
         "leafo/scssphp": "~0.1.1",
         "maennchen/zipstream-php": "~0.2.2",
         "michelf/php-markdown": "~1.4.1",
diff --git a/library/Midas/Form/Element/Hash.php b/library/Midas/Form/Element/Hash.php
@@ -0,0 +1,34 @@
+<?php
+/*=========================================================================
+ MIDAS Server
+ Copyright (c) Kitware SAS. 26 rue Louis Guérin. 69100 Villeurbanne, FRANCE
+ All rights reserved.
+ More information http://www.kitware.com
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+         http://www.apache.org/licenses/LICENSE-2.0.txt
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+=========================================================================*/
+
+/** Extend Zend Form Element Hash to generate a more random hash. */
+class Midas_Form_Element_Hash extends Zend_Form_Element_Hash
+{
+    /** Generate a CSRF token. */
+    protected function _generateHash()
+    {
+        $factory = new \RandomLib\Factory;
+        $generator = $factory->getMediumStrengthGenerator();
+        $random1 = $generator->generateString(32);
+        $random2 = $generator->generateString(32);
+        $this->_hash = hash('sha256', $random1.$this->getSalt().$this->getName().$random2);
+        $this->setValue($this->_hash);
+    }
+}
