44 lines
1.2 KiB
PHP
44 lines
1.2 KiB
PHP
<?php
|
|
|
|
namespace MailPoet\Subscribers;
|
|
|
|
use MailPoet\Models\Subscriber;
|
|
|
|
class LinkTokens {
|
|
const OBSOLETE_LINK_TOKEN_LENGTH = 6;
|
|
const LINK_TOKEN_LENGTH = 32;
|
|
|
|
function getToken(Subscriber $subscriber) {
|
|
if ($subscriber->link_token === null) {
|
|
$subscriber->link_token = $this->generateToken($subscriber->email);
|
|
// `$subscriber->save()` fails if the subscriber has subscriptions, segments or custom fields
|
|
\ORM::rawExecute(sprintf('UPDATE %s SET link_token = ? WHERE email = ?', Subscriber::$_table), [$subscriber->link_token, $subscriber->email]);
|
|
}
|
|
return $subscriber->link_token;
|
|
}
|
|
|
|
function verifyToken(Subscriber $subscriber, $token) {
|
|
$database_token = $subscriber->getLinkToken();
|
|
$request_token = substr($token, 0, strlen($database_token));
|
|
return call_user_func(
|
|
'hash_equals',
|
|
$database_token,
|
|
$request_token
|
|
);
|
|
}
|
|
|
|
/**
|
|
* Only for backward compatibility for old tokens
|
|
*/
|
|
private function generateToken($email = null, $length = self::OBSOLETE_LINK_TOKEN_LENGTH) {
|
|
if ($email !== null) {
|
|
$auth_key = '';
|
|
if (defined('AUTH_KEY')) {
|
|
$auth_key = AUTH_KEY;
|
|
}
|
|
return substr(md5($auth_key . $email), 0, $length);
|
|
}
|
|
return false;
|
|
}
|
|
|
|
} |