RWDE::CCR
Base object to add methods for CCR verification
get_ccrcontext()
Return back the class declared ccrcontext if it exists, otherwise generate one from the class name.
We use a pretty general hashing scheme here, it's suggested that this be replaced.
ccrcontext is ultimately used to generate web-safe ids that can't easily be guessed by web robots (or jerks) - although depending on your hashing scheme you could make this pretty strong, but that has the cost of tying up the webserver if you frequently end up using these ids in the application.
fetch_by_id()
This method is a macro for fetching a single record from the database using either id.enc or ccr. This could manually be done using more complicated methods found within the items class, which is probably what you want to do if you are trying to do anything fancy.
append_ccr($integer[,$context])
Append the check-character to the integer and return the result. Verify by calling the verify_ccr() method. Zero-pads the integer to a five character minimum length string.
The $context
parameter acts as a salt to change the code based on context such as owner ID, user ID, etc.
verify_ccr($string[,$context])
Compares the check-character (last character) of $string
to a new one computed against the remaining digits. Returns $string without CCR if they match or undef if not. $string
should be of the form \d+[A-Z]
and $context
is as above.
_compute_ccr($string[,$context])
Internal routine to do the math to compute the Character Checksum characteR (ccr) code for a string.
Basically multiplies the ordinal value of each character of the string by an exponential weight based on its position in the string, and keeps the sum of these modulo 26. Returns the letter corresponding to that value.
The intent of this encoding as opposed to the encode() methods above is to provide a check to prevent typos and quick hack attempts on simple email messages involving the user/owner ID values.
The $context parameter acts as a salt to change the code based on context such as owner ID, user ID, etc.
compute_security_code($string)
Method to do the math to compute the MD5 checksum for a string, and return the last 8 characters to use as a "security" code for verifying some data.
The $context parameter acts as a salt to change the code based on context such as owner ID, user ID, etc.
ccr_to_id($string)
Convert the string to an id number. Returns undef on failure.
get_ccr()
Returns the encoded value of the derived objects id
encode($string)
Returns the value with CCR appended and a hash both based on $ccrcontext appended to that. Useful for passing information from form to form via hidden fields that need to be secured from tampering. The string may not contain a dash (-) or comma character.
This produces a shorter encoded result without funny characters in it that may cause the longer form to break, so is useful for creating links that people may need to cut-and-paste.
get_enc()
Returns the encoded value of the derived objects id
decode($encodedString)
Return the value decoded from the return value of the encode method. Throws 'undef' exception if fails.
get_ccr_name()
Determine the exact label used within the object for storing the ccr value. By convention it's a variation on the class id label.
get_enc_name()
Determine the exact label used within the object for storing the enc value. By convention it's a variation on the class id label.
compute_md5_rand($string)
Method to do the math to evenly distribute a non-uniformly distributed string input for use as in cases where we want to randomly select based on a non-random input (ip address for example).