compromised validate

lib/yform/validate/compromised.php

@@ -0,0 +1,63 @@
+<?php
+
+class rex_yform_compromised extends \rex_yform_validate_abstract
+{
+    public function enterObject()
+    {
+
+        $Object = $this->getValueObject($this->getElement('name'));
+
+        if (!$this->isObject($Object)) {
+            return;
+        }
+
+        if ('' == $Object->getValue()) {
+            return;
+        }
+
+        $partitalSHA256 = substr(hash('sha256', $Object->getValue()), 0, 10);
+
+        $url = 'https://api.enzoic.com/v1/passwords';
+        $rex_socket = rex_socket::factoryUrl($url);
+        $rex_socket->addBasicAuthorization(rex_config::get('yform_field', 'compromised_api_key'), rex_config::get('yform_field', 'compromised_api_secret'));
+        $rex_socket_response = $rex_socket->doPost(['partialSHA256' => $partitalSHA256]);
+
+        if (!$rex_socket_response->isOk()) {
+
+            $body = $rex_socket_response->getBody();
+            $candidates = json_decode($body, true);
+            if(!$candidates) {
+                return;
+            }
+
+            if (isset($candidates['candidates'])) {
+                foreach ($candidates['candidates'] as $candidate) {
+                    if ($candidate['sha256'] == hash('sha256', $Object->getValue())) {
+                        $Object->setValue('');
+                        $this->params['warning'][$Object->getId()] = $this->params['error_class'];
+                        $this->params['warning_messages'][$Object->getId()] = $this->getElement('message');
+                        return;
+                    }
+                }
+            }
+        }
+    }
+
+    public function getDescription(): string
+    {
+        return 'validate|password_compromised|passwordfieldname|warning_message';
+    }
+
+    public function getDefinitions(): array
+    {
+        return [
+            'type' => 'validate',
+            'name' => 'password_compromised',
+            'values' => [
+                'name' => ['type' => 'select_name', 'label' => rex_i18n::msg('yform_validate_password_compromised_name')],
+                'message' => ['type' => 'text',        'label' => rex_i18n::msg('yform_validate_password_compromised_message')],
+            ],
+            'description' => rex_i18n::msg('yform_validate_password_compromised_description'),
+        ];
+    }
+}

pages/yform.yform_field.settings.php

@@ -0,0 +1,42 @@
+<?php
+
+
+echo rex_view::title(rex_i18n::msg('yform_field_settings'));
+
+$addon = rex_addon::get('yform_field');
+
+$form = rex_config_form::factory($addon->getName());
+
+$field = $form->addTextField('enzoic_api_key');
+$field->setLabel('enzoic API-Schlüssel');
+$field->setNotice('für die <a href="https://docs.enzoic.com/enzoic-api-developer-documentation/api-reference/passwords-api" target="_blank">Enzoic Passwords API</a>');
+
+$field = $form->addTextField('enzoic_api_key');
+$field->setLabel('enzoic API-Secret');
+$field->setNotice('für die <a href="https://docs.enzoic.com/enzoic-api-developer-documentation/api-reference/passwords-api" target="_blank">Enzoic Passwords API</a>');
+
+$fragment = new rex_fragment();
+$fragment->setVar('class', 'edit', false);
+$fragment->setVar('title', $addon->i18n('stellenangebote_config'), false);
+$fragment->setVar('body', $form->get(), false);
+
+
+?>
+
+<div class="row">
+	<div class="col-lg-8">
+		<?= $fragment->parse('core/page/section.php') ?>
+	</div>
+	<div class="col-lg-4">
+		<?php
+
+$anchor = '<a target="_blank" href="https://donate.alexplus.de/?addon=yform_field"><img src="' . rex_url::addonAssets('yform_field', 'jetzt-spenden.svg') . '" style="width: 100% max-width: 400px;"></a>';
+
+$fragment = new rex_fragment();
+$fragment->setVar('class', 'info', false);
+$fragment->setVar('title', $this->i18n('yform_field_donate'), false);
+$fragment->setVar('body', '<p>' . $this->i18n('yform_field_info_donate') . '</p>' . $anchor, false);
+echo !rex_config::get('alexplusde', 'donated') ? $fragment->parse('core/page/section.php') : '';
+?>
+	</div>
+</div>