diff --git a/framework/base/Model.php b/framework/base/Model.php index 7818293..b9b5846 100644 --- a/framework/base/Model.php +++ b/framework/base/Model.php @@ -541,7 +541,7 @@ class Model extends Component implements \IteratorAggregate, \ArrayAccess public function onUnsafeAttribute($name, $value) { if (YII_DEBUG) { - \Yii::info("Failed to set unsafe attribute '$name' in '" . get_class($this) . "'.", __CLASS__); + \Yii::info("Failed to set unsafe attribute '$name' in '" . get_class($this) . "'.", __METHOD__); } } diff --git a/framework/base/Module.php b/framework/base/Module.php index 6b82157..cf751c0 100644 --- a/framework/base/Module.php +++ b/framework/base/Module.php @@ -346,7 +346,7 @@ abstract class Module extends Component if ($this->_modules[$id] instanceof Module) { return $this->_modules[$id]; } elseif ($load) { - Yii::trace("Loading module: $id", __CLASS__); + Yii::trace("Loading module: $id", __METHOD__); return $this->_modules[$id] = Yii::createObject($this->_modules[$id], $id, $this); } } @@ -452,7 +452,7 @@ abstract class Module extends Component if ($this->_components[$id] instanceof Component) { return $this->_components[$id]; } elseif ($load) { - Yii::trace("Loading component: $id", __CLASS__); + Yii::trace("Loading component: $id", __METHOD__); return $this->_components[$id] = Yii::createObject($this->_components[$id]); } } diff --git a/framework/db/Command.php b/framework/db/Command.php index ecd3674..a30aa14 100644 --- a/framework/db/Command.php +++ b/framework/db/Command.php @@ -134,7 +134,7 @@ class Command extends \yii\base\Component try { $this->pdoStatement = $this->db->pdo->prepare($sql); } catch (\Exception $e) { - Yii::error($e->getMessage() . "\nFailed to prepare SQL: $sql", __CLASS__); + Yii::error($e->getMessage() . "\nFailed to prepare SQL: $sql", __METHOD__); $errorInfo = $e instanceof \PDOException ? $e->errorInfo : null; throw new Exception($e->getMessage(), $errorInfo, (int)$e->getCode()); } 
@@ -266,15 +266,16 @@ class Command extends \yii\base\Component $paramLog = "\nParameters: " . var_export($this->_params, true); } - Yii::trace("Executing SQL: {$sql}{$paramLog}", __CLASS__); + Yii::trace("Executing SQL: {$sql}{$paramLog}", __METHOD__); if ($sql == '') { return 0; } try { + $token = "SQL: $sql"; if ($this->db->enableProfiling) { - Yii::beginProfile(__METHOD__ . "($sql)", __CLASS__); + Yii::beginProfile($token, __METHOD__); } $this->prepare(); @@ -282,16 +283,16 @@ class Command extends \yii\base\Component $n = $this->pdoStatement->rowCount(); if ($this->db->enableProfiling) { - Yii::endProfile(__METHOD__ . "($sql)", __CLASS__); + Yii::endProfile($token, __METHOD__); } return $n; } catch (\Exception $e) { if ($this->db->enableProfiling) { - Yii::endProfile(__METHOD__ . "($sql)", __CLASS__); + Yii::endProfile($token, __METHOD__); } $message = $e->getMessage(); - Yii::error("$message\nFailed to execute SQL: {$sql}{$paramLog}", __CLASS__); + Yii::error("$message\nFailed to execute SQL: {$sql}{$paramLog}", __METHOD__); $errorInfo = $e instanceof \PDOException ? $e->errorInfo : null; throw new Exception($message, $errorInfo, (int)$e->getCode()); @@ -383,7 +384,7 @@ class Command extends \yii\base\Component $paramLog = "\nParameters: " . var_export($this->_params, true); } - Yii::trace("Querying SQL: {$sql}{$paramLog}", __CLASS__); + Yii::trace("Querying SQL: {$sql}{$paramLog}", __METHOD__); /** @var $cache \yii\caching\Cache */ if ($db->enableQueryCache && $method !== '') { @@ -399,14 +400,15 @@ class Command extends \yii\base\Component $paramLog, )); if (($result = $cache->get($cacheKey)) !== false) { - Yii::trace('Query result served from cache', __CLASS__); + Yii::trace('Query result served from cache', __METHOD__); return $result; } } try { + $token = "SQL: $sql"; if ($db->enableProfiling) { - Yii::beginProfile(__METHOD__ . "($sql)", __CLASS__); + Yii::beginProfile($token, __METHOD__); } $this->prepare(); 
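Review bot: The `Yii::error(...)` call in the catch block of the @@ -282,16 hunk still appends `{$paramLog}`, the `var_export` of the bound parameters, at error level. Any password hash, token or personal data bound to a failing statement is therefore written to the log; the `Command::$method() failed` line in the later @@ -423,21 hunk does the same. The condition that fills `$paramLog` begins outside these hunks, so it may already be restricted to debug builds, which is worth confirming. If it is not, keep parameter values in the trace output only and log the statement text on failure, e.g. `Yii::error("$message\nFailed to execute SQL: $sql", __METHOD__);`. The enclosing methods start and end outside the hunks.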
@@ -423,21 +425,21 @@ class Command extends \yii\base\Component } if ($db->enableProfiling) { - Yii::endProfile(__METHOD__ . "($sql)", __CLASS__); + Yii::endProfile($token, __METHOD__); } if (isset($cache, $cacheKey) && $cache instanceof Cache) { $cache->set($cacheKey, $result, $db->queryCacheDuration, $db->queryCacheDependency); - Yii::trace('Saved query result in cache', __CLASS__); + Yii::trace('Saved query result in cache', __METHOD__); } return $result; } catch (\Exception $e) { if ($db->enableProfiling) { - Yii::endProfile(__METHOD__ . "($sql)", __CLASS__); + Yii::endProfile($token, __METHOD__); } $message = $e->getMessage(); - Yii::error("$message\nCommand::$method() failed: {$sql}{$paramLog}", __CLASS__); + Yii::error("$message\nCommand::$method() failed: {$sql}{$paramLog}", __METHOD__); $errorInfo = $e instanceof \PDOException ? $e->errorInfo : null; throw new Exception($message, $errorInfo, (int)$e->getCode()); } diff --git a/framework/db/Connection.php b/framework/db/Connection.php index 59e8422..e84970b 100644 --- a/framework/db/Connection.php +++ b/framework/db/Connection.php @@ -324,12 +324,12 @@ class Connection extends Component throw new InvalidConfigException('Connection::dsn cannot be empty.'); } try { - \Yii::trace('Opening DB connection: ' . $this->dsn, __CLASS__); + \Yii::trace('Opening DB connection: ' . $this->dsn, __METHOD__); $this->pdo = $this->createPdoInstance(); $this->initConnection(); } catch (\PDOException $e) { - \Yii::error("Failed to open DB connection ({$this->dsn}): " . $e->getMessage(), __CLASS__); + \Yii::error("Failed to open DB connection ({$this->dsn}): " . $e->getMessage(), __METHOD__); $message = YII_DEBUG ? 'Failed to open DB connection: ' . $e->getMessage() : 'Failed to open DB connection.'; throw new Exception($message, $e->errorInfo, (int)$e->getCode()); } 
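Review bot: Both log calls in the Connection.php @@ -324,12 hunk write `$this->dsn` verbatim, and the error-level one is recorded whenever a connection attempt fails. Some PDO drivers accept `user=` and `password=` inside the DSN string (pgsql is one), so a DSN configured that way would put the database password in the log; the `Closing DB connection` trace in the following `close()` hunk has the same exposure. Logging a redacted copy avoids this, for example `preg_replace('/password=[^;]*/i', 'password=***', $this->dsn)` in place of the raw property. The enclosing method of the first hunk starts outside it.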
@@ -343,7 +343,7 @@ class Connection extends Component public function close() { if ($this->pdo !== null) { - \Yii::trace('Closing DB connection: ' . $this->dsn, __CLASS__); + \Yii::trace('Closing DB connection: ' . $this->dsn, __METHOD__); $this->pdo = null; $this->_schema = null; $this->_transaction = null; diff --git a/framework/db/Transaction.php b/framework/db/Transaction.php index 177d2cb..d66c38e 100644 --- a/framework/db/Transaction.php +++ b/framework/db/Transaction.php @@ -66,7 +66,7 @@ class Transaction extends \yii\base\Object if ($this->db === null) { throw new InvalidConfigException('Transaction::db must be set.'); } - \Yii::trace('Starting transaction', __CLASS__); + \Yii::trace('Starting transaction', __METHOD__); $this->db->open(); $this->db->pdo->beginTransaction(); $this->_active = true; @@ -80,7 +80,7 @@ class Transaction extends \yii\base\Object public function commit() { if ($this->_active && $this->db && $this->db->isActive) { - \Yii::trace('Committing transaction', __CLASS__); + \Yii::trace('Committing transaction', __METHOD__); $this->db->pdo->commit(); $this->_active = false; } else { @@ -95,7 +95,7 @@ class Transaction extends \yii\base\Object public function rollback() { if ($this->_active && $this->db && $this->db->isActive) { - \Yii::trace('Rolling back transaction', __CLASS__); + \Yii::trace('Rolling back transaction', __METHOD__); $this->db->pdo->rollBack(); $this->_active = false; } else { diff --git a/framework/i18n/PhpMessageSource.php b/framework/i18n/PhpMessageSource.php index 6b12353..1ada44a 100644 --- a/framework/i18n/PhpMessageSource.php +++ b/framework/i18n/PhpMessageSource.php @@ -72,7 +72,7 @@ class PhpMessageSource extends MessageSource } return $messages; } else { - Yii::error("The message file for category '$category' does not exist: $messageFile", __CLASS__); + Yii::error("The message file for category '$category' does not exist: $messageFile", __METHOD__); return array(); } } 
diff --git a/framework/web/Identity.php b/framework/web/Identity.php index 4668337..805d3d4 100644 --- a/framework/web/Identity.php +++ b/framework/web/Identity.php @@ -16,15 +16,14 @@ interface Identity { /** * Returns an ID that can uniquely identify a user identity. - * The returned ID can be a string, an integer, or any serializable data. - * @return mixed an ID that uniquely identifies a user identity. + * @return string|integer an ID that uniquely identifies a user identity. */ public function getId(); /** * Returns a key that can be used to check the validity of a given identity ID. * The space of such keys should be big and random enough to defeat potential identity attacks. * The returned key can be a string, an integer, or any serializable data. - * @return mixed a key that is used to check the validity of a given identity ID. + * @return string a key that is used to check the validity of a given identity ID. * @see validateAuthKey() */ public function getAuthKey(); @@ -37,7 +36,7 @@ interface Identity public function validateAuthKey($authKey); /** * Finds an identity by the given ID. - * @param mixed $id the ID to be looked for + * @param string|integer $id the ID to be looked for * @return Identity the identity object that matches the given ID. * Null should be returned if such an identity cannot be found. */ diff --git a/framework/web/Session.php b/framework/web/Session.php index c289db2..3e0f599 100644 --- a/framework/web/Session.php +++ b/framework/web/Session.php @@ -117,7 +117,7 @@ class Session extends Component implements \IteratorAggregate, \ArrayAccess, \Co $this->_opened = false; $error = error_get_last(); $message = isset($error['message']) ? $error['message'] : 'Failed to start session.'; - Yii::error($message, __CLASS__); + Yii::error($message, __METHOD__); } else { $this->_opened = true; $this->updateFlashCounters(); diff --git a/framework/web/User.php b/framework/web/User.php index 2326a10..74b5f18 100644 --- a/framework/web/User.php 
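Review bot: The `getAuthKey()` docblock in Identity.php now declares `@return string` but keeps the sentence `The returned key can be a string, an integer, or any serializable data.`, so implementers are given two contradictory contracts. Remove that sentence, as this hunk already does for `getId()`. Because the same docblock asks for keys that are "big and random enough", it would also be worth stating that `validateAuthKey()` implementations should compare the key as an exact string in constant time; that method's body is not visible here, so this is a documentation suggestion only.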
+++ b/framework/web/User.php @@ -90,6 +90,9 @@ class User extends Component { parent::init(); + if ($this->identityClass === null) { + throw new InvalidConfigException('User::identityClass must be set.'); + } if ($this->enableAutoLogin && !isset($this->identityCookie['name'])) { throw new InvalidConfigException('User::identityCookie must contain the "name" element.'); } @@ -179,7 +182,13 @@ class User extends Component /** @var $class Identity */ $class = $this->identityClass; $identity = $class::findIdentity($id); - if ($identity !== null && $identity->validateAuthKey($authKey) && $this->beforeLogin($identity, true)) { + if ($identity === null || !$identity->validateAuthKey($authKey)) { + if ($identity !== null) { + Yii::warning("Invalid auth key attempted for user '$id': $authKey", __METHOD__); + } + return; + } + if ($this->beforeLogin($identity, true)) { $this->switchIdentity($identity); if ($this->autoRenewCookie) { $this->saveIdentityCookie($identity, $duration);
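Review bot: The added `Yii::warning("Invalid auth key attempted for user '$id': $authKey", __METHOD__);` writes the submitted auth key and ID to the log verbatim. Both values appear to come from the client (presumably the identity cookie; the code that reads them is outside the hunk). A rejected key may be a stale or truncated copy of a real one, and a string containing line breaks can forge extra log entries. Drop the key from the message and keep only what detection needs, e.g. `Yii::warning("Invalid auth key attempted for user " . var_export($id, true), __METHOD__);`, optionally with a short hash of the key if attempts need correlating. Attempts against an unknown ID return without any log entry, which may be intended but leaves ID enumeration through this path invisible. The enclosing method starts and ends outside the hunk.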