Next pass at bootstrap conversion

Author: carlbennett

src/controllers/User/CreatePassword.php

@@ -1,46 +1,30 @@
 <?php
-
 namespace BNETDocs\Controllers\User;
 
 use \BNETDocs\Libraries\User;
 use \BNETDocs\Models\User\CreatePassword as UserCreatePasswordModel;
-
 use \CarlBennett\MVC\Libraries\Common;
 use \CarlBennett\MVC\Libraries\Controller;
 use \CarlBennett\MVC\Libraries\Router;
 use \CarlBennett\MVC\Libraries\View;
 
-class CreatePassword extends Controller {
-  public function &run(Router &$router, View &$view, array &$args) {
+class CreatePassword extends Controller
+{
+  public function &run(Router &$router, View &$view, array &$args)
+  {
     $model = new UserCreatePasswordModel();
-
     $data = $router->getRequestBodyArray();
 
     $model->input = (
       isset($data['input']) ? $data['input'] : null
     );
+
     $model->output = (
-      !is_null($model->input) ? self::transform($model->input) : null
+      !is_null($model->input) ? User::createPassword($model->input) : null
     );
 
     $view->render($model);
     $model->_responseCode = 200;
     return $model;
   }
-
-  private static function transform($input) {
-    $hash = null;
-    $salt = null;
-
-    $pepper = Common::$config->bnetdocs->user_password_pepper;
-
-    $gmp  = gmp_init(time());
-    $gmp  = gmp_mul($gmp, mt_rand());
-    $gmp  = gmp_mul($gmp, gmp_random_bits(64));
-    $salt = strtoupper(gmp_strval($gmp, 36));
-
-    $hash = strtoupper(hash('sha256', $input.$salt.$pepper));
-
-    return [ $hash, $salt ];
-  }
 }

src/templates/User/CreatePassword.phtml

@@ -1,56 +1,39 @@
-<?php
-
+<?php /* vim: set colorcolumn= expandtab shiftwidth=2 softtabstop=2 tabstop=4 smarttab: */
 namespace BNETDocs\Templates\User;
-
+use \CarlBennett\MVC\Libraries\Common;
 use \CarlBennett\MVC\Libraries\Pair;
-
-$title       = "Create Password";
-$description = "This form allows an individual to create a password hash and salt for their account. DEVELOPMENT PURPOSES ONLY";
-$this->opengraph->attach(new Pair("url", "/user/createpassword"));
-
-require("./header.inc.phtml");
-?>
-      <article>
-        <header>Create Password</header>
-        <form method="POST" action="?">
-          <section>
-            <p>This form is for creating a password to your user account. It generates values that need to be given to the BNETDocs Staff for facilitating your account's creation or password reset.</p>
-          </section>
-          <section>
-            <label for="input">Password:</label><br/>
-            <input
-              type="password"
-              name="input"
-              id="input"
-              value="<?php echo filter_var($this->getContext()->input, FILTER_SANITIZE_FULL_SPECIAL_CHARS); ?>"
-              tabindex="1"
-              required
-              autofocus="autofocus"
-            />
-          </section>
-          <section>
-            <input
-              type="submit"
-              value="Get Hash &amp; Salt"
-              tabindex="2"
-            />
-          </section>
-        </form>
-<?php if (!empty($this->getContext()->output)) { ?>
-      </article>
-      <article>
-        <header class="green">Secret Data</header>
-        <section class="green">
-          <p>These values with your email address or username must be given to BNETDocs Staff, message them now.</p>
-          <table>
-            <thead></thead>
-            <tbody>
-              <tr><th>Hash:</th><td><code><?php echo filter_var($this->getContext()->output[0], FILTER_SANITIZE_FULL_SPECIAL_CHARS); ?></code></td></tr>
-              <tr><th>Salt:</th><td><code><?php echo filter_var($this->getContext()->output[1], FILTER_SANITIZE_FULL_SPECIAL_CHARS); ?></code></td></tr>
-            </tbody>
-          </table>
-          <p>Please allow BNETDocs Staff a few moments to put these values into your account.</p>
-        </section>
-<?php } ?>
-      </article>
-<?php require("./footer.inc.phtml"); ?>
+$title = 'Create Password';
+$description = 'This page creates a password suitable for a user account.';
+$this->opengraph->attach(new Pair('url', '/user/createpassword'));
+$output = $this->getContext()->output;
+require('./header.inc.phtml'); ?>
+<div class="container">
+  <h1><?=$title?></h1>
+  <p><?=$description?></p>
+  <div class="alert alert-info"><p class="mb-0">Our <a href="<?=Common::relativeUrlToAbsolute('/privacy')?>">privacy notice</a> page clarifies your data rights. You agree to giving (or not giving) the info contained herein on this page.</p></div>
+  <div class="alert alert-warning"><p class="mb-0"><strong>Warning:</strong> This page is to be used with permission by site staff only. Use without permission is <strong>prohibited</strong> and may result in this page being shutdown in the future.</p></div>
+  <form method="POST" action="?">
+    <div class="form-group">
+      <label class="font-weight-bold" for="input">Password:</label><br/>
+      <input class="bg-dark border border-primary form-control text-light" type="password" name="input" id="input" placeholder="Enter the password here" value="<?=filter_var($this->getContext()->input, FILTER_SANITIZE_FULL_SPECIAL_CHARS)?>" tabindex="1" required autocomplete="new-password" autofocus="autofocus"/>
+    </div>
+    <div class="form-group">
+      <input class="btn btn-success" type="submit" value="Submit" tabindex="2"/>
+    </div>
+  </form>
+<? if (!empty($output)) { ?>
+  <div class="container border border-success p-2 rounded">
+    <h3 class="text-success">Output</h3>
+<? if (is_string($output)) { ?>
+    <pre><code class="language-plaintext"><?=filter_var($output, FILTER_SANITIZE_FULL_SPECIAL_CHARS)?></code></pre>
+<? } else { ?>
+    <ul>
+      <li><strong>Hash:</strong> <code><?=filter_var($output[0], FILTER_SANITIZE_FULL_SPECIAL_CHARS)?></code></li>
+      <li><strong>Salt:</strong> <code><?=filter_var($output[1], FILTER_SANITIZE_FULL_SPECIAL_CHARS)?></code></li>
+    </ul>
+<? } ?>
+    <p class="mb-0">Please copy the output above and send it to the staff member for integration into your user account.</p>
+  </div>
+<? } ?>
+</div>
+<? require('./footer.inc.phtml'); ?>