function decrypt_aes_cbc($key, $data, $iv = '') { $ksize = mcrypt_get_key_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC); $bsize = mcrypt_get_block_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_ECB); if ($iv == '') { $iv = str_repeat("", $bsize); } if (strlen($iv) != $bsize) { echo 'Warning: IV must match block-size in length. Defaulting to null bytes.', PHP_EOL; $iv = str_repeat("", $bsize); } if (strlen($key) > $ksize) { die("Error: Maximum key-size for AES-128-CBC is {$ksize}." . PHP_EOL); } $blocks = str_split($data, $bsize); $dec = mcrypt_ecb(MCRYPT_RIJNDAEL_128, $key, $blocks[0], MCRYPT_DECRYPT) ^ $iv; for ($i = 1, $j = count($blocks); $i < $j; $i++) { $dec .= mcrypt_ecb(MCRYPT_RIJNDAEL_128, $key, $blocks[$i], MCRYPT_DECRYPT) ^ $blocks[$i - 1]; } try { return strip_pkcs7($dec); } catch (Exception $e) { die($e->getMessage() . PHP_EOL); } }
public function decrypt($cipher) { if ($this->blockmode == Lms_Crypt::MODE_ECB) { $plain = mcrypt_ecb($this->alghoritm, $this->key, $cipher, MCRYPT_DECRYPT, $this->iv); } if ($this->blockmode == Lms_Crypt::MODE_CBC) { $plain = mcrypt_cbc($this->alghoritm, $this->key, $cipher, MCRYPT_DECRYPT, $this->iv); } return $plain; }
public function broker_user_update() { if (isset($this->request->data['e']) || isset($this->request->data['u'])) { $broker_key = Configure::read('hippo.sso_broker_key'); if ($broker_key) { $this->loadModel('Agents'); $this->loadModel('Suppliers'); $key = substr($broker_key, 0, 5); $DECRYPT_existing_email = ''; $DECRYPT_existing_username = ''; $DECRYPT_email = ''; $DECRYPT_username = ''; if (isset($this->request->data['ee'])) { $DECRYPT_existing_email = mcrypt_ecb(MCRYPT_3DES, $key, base64_decode($this->request->data['ee']), MCRYPT_DECRYPT); $DECRYPT_existing_email = ereg_replace("[[:cntrl:]]", "", $DECRYPT_existing_email); } if (isset($this->request->data['eu'])) { $DECRYPT_existing_username = mcrypt_ecb(MCRYPT_3DES, $key, base64_decode($this->request->data['eu']), MCRYPT_DECRYPT); $DECRYPT_existing_username = ereg_replace("[[:cntrl:]]", "", $DECRYPT_existing_username); } if (isset($this->request->data['e'])) { $DECRYPT_email = mcrypt_ecb(MCRYPT_3DES, $key, base64_decode($this->request->data['e']), MCRYPT_DECRYPT); $DECRYPT_email = ereg_replace("[[:cntrl:]]", "", $DECRYPT_email); } if (isset($this->request->data['u'])) { $DECRYPT_username = mcrypt_ecb(MCRYPT_3DES, $key, base64_decode($this->request->data['u']), MCRYPT_DECRYPT); $DECRYPT_username = ereg_replace("[[:cntrl:]]", "", $DECRYPT_username); } //attempt to find user in suppliers table $user = $this->Suppliers->find('all', ['conditions' => ['username' => $DECRYPT_existing_username, 'email' => $DECRYPT_existing_email], ['accessibleFields' => ['username' => true]]]); $type = 'supplier'; if ($user->count() == 0) { //attempt to find user in suppliers table $user = $this->Agents->find('all', ['conditions' => ['username' => $DECRYPT_existing_username, 'email' => $DECRYPT_existing_email], ['accessibleFields' => ['username' => true]]]); $type = 'agent'; } if ($user->count() > 0) { $user = $user->first(); if (isset($DECRYPT_username)) { $user->username = $DECRYPT_username; } if (isset($DECRYPT_email)) { $user->email = $DECRYPT_email; } if ($type == 'supplier') { $this->Suppliers->save($user); } else { $this->Agents->save($user); } } } } return ''; }
function containerExec($content) { global $DLC_KEY1, $DLC_KEY2; if ($DLC_KEY1 == '' || $DLC_KEY2 == '') { return 'ERROR: You have to set up the variable $DLC_KEY1 and $DLC_KEY2 in the dlc container module.'; } $retval = ''; $TAILLEN = 88; $IV = hex2bin('00000000000000000000000000000000'); $content = preg_replace('/[\\r\\n]+/s', '', $content); $tail = substr($content, strlen($content) - $TAILLEN); $content = substr($content, 0, strlen($content) - strlen($tail)); $content = base64_decode($content); $response = dlcHttpPost($tail); $responseKey = ''; if (preg_match('/<rc>(.*)<.rc>/', $response, $res)) { $responseKey = $res[1]; } if ($responseKey == '' || $responseKey == '2YVhzRFdjR2dDQy9JL25aVXFjQ1RPZ') { return ''; } $responseKeyDeb64 = base64_decode($responseKey); $responseKeyDeb64Decr = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $DLC_KEY1, $responseKeyDeb64, MCRYPT_MODE_ECB, $IV); mcrypt_ecb(MCRYPT_LOKI97, $key, $msg, MCRYPT_ENCRYPT); $newkey = xorcrypt($responseKeyDeb64Decr, $DLC_KEY2); $newdlc = $newkey . $content; for ($dlclen = strlen($content); $dlclen > 0; $dlclen = strlen($content)) { $rest = $dlclen >= 16 ? 16 : $dlclen; $cutold = substr($content, 0, $rest); $cutnew = substr($newdlc, 0, $rest); $content = substr($content, $rest); $newdlc = substr($newdlc, $rest); $cutold = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $newkey, $cutold, MCRYPT_MODE_ECB, $IV); $cutold = xorcrypt($cutold, $cutnew); $xml .= $cutold; } $xml = base64_decode($xml); if (preg_match_all('/<url>([^<]*)<.url>/', $xml, $res)) { foreach ($res[1] as $id => $link) { $link = base64_decode($link); if ($link != 'http://jdownloader.org') { $retval .= $link . "\n"; } } } return $retval; }
function encrypt_aes_cbc($key, $data, $iv = '') { // mcrypt pads with null bytes, but Matasano implies desire for implementation of PKCS#7. $ksize = mcrypt_get_key_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC); $bsize = mcrypt_get_block_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_ECB); $data = pad_pkcs7($data); if (strlen($iv) != $bsize) { echo 'Warning: IV must match block-size in length. Defaulting to null bytes.', PHP_EOL; $iv = str_repeat("", $bsize); } if (strlen($key) > $ksize) { die("Error: Maximum key-size for AES-128-CBC is {$ksize}." . PHP_EOL); } $blocks = str_split($data, $bsize); $blocks[0] = mcrypt_ecb(MCRYPT_RIJNDAEL_128, $key, $blocks[0] ^ $iv, MCRYPT_ENCRYPT); for ($i = 1, $j = count($blocks), $enc = $blocks[0]; $i < $j; $i++) { $blocks[$i] ^= $blocks[$i - 1]; $blocks[$i] = mcrypt_ecb(MCRYPT_RIJNDAEL_128, $key, $blocks[$i], MCRYPT_ENCRYPT); $enc .= $blocks[$i]; } return $enc; }
function decrypt_data($cipher = MCRYPT_BLOWFISH, $key, $input) { if (function_exists(mcrypt_ecb)) { return mcrypt_ecb($cipher, $key, base64_decode($input), MCRYPT_DECRYPT); } else { return false; } }
function decrypt($strString, $strKey) { $this->Debug("Decrypted Start: " . $strString); if ($strString == "") { return $strString; } $iv = mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_BLOWFISH, MCRYPT_MODE_ECB), MCRYPT_RAND); $strString = $this->hex2bin($strString); $deString = mcrypt_ecb(MCRYPT_BLOWFISH, $strKey, $strString, MCRYPT_DECRYPT, $iv); $this->Debug("Decrypted: " . $deString); return $deString; }
/** * Decrypt string */ function Decrypt($string) { if (IsModuleInstalled('mcrypt')) { global $config; return mcrypt_ecb(MCRYPT_BLOWFISH, $config['encryption_key'], $string, MCRYPT_DECRYPT); } return $string; }
/** * DESENCRIPTADO DE DATOS CON LLAVE * @param String $cadena TEXTO A DESCIFRAR * @param String $llave_descifrado LLAVE DE DESENCRIPTADO * @return String TEXTO DESENCRIPTADO */ public function desencriptar($cadena, $llave_descifrado) { $decrypted = mcrypt_ecb(MCRYPT_DES, $llave_descifrado, $cadena, MCRYPT_DECRYPT); return $decrypted; }
/** * Decrypt a string using php mcrypt functions * @global SSP_Configure $SSP_Config * @param string $input * @return string */ function SSP_decrypt($input) { $SSP_Config = Configuration::getConfiguration(); if ($SSP_Config->useEncryption) { return mcrypt_ecb(MCRYPT_3DES, $SSP_Config->encryptionString, $input, MCRYPT_DECRYPT); } else { return $input; } }
if ($status < 400) { $xml = xmlstr_to_array(strstr($prop["result"], '<?xml')); $xml = $xml['d:response']; $fname = $xml["d:propstat"]["d:prop"]["d:displayname"]; $type = $xml["d:propstat"]["d:prop"]["d:getcontenttype"]; $get = davGET($url, $thiscloud["username"], mcrypt_ecb(MCRYPT_3DES, MCRYPTKEY, $thiscloud["password"], MCRYPT_DECRYPT)); header("Content-disposition: attachment; filename={$fname}"); header("Content-type: {$type}"); echo $get; exit; } else { apologize("Error {$status} - An unexpected error occurred."); } } else { // If Webdav Folder $prop = davPROP($url, $thiscloud["username"], mcrypt_ecb(MCRYPT_3DES, MCRYPTKEY, $thiscloud["password"], MCRYPT_DECRYPT)); $status = $prop["info"]["http_code"]; if ($status < 400) { if (strpos($prop["result"], '<?xml') !== false) { $xml = xmlstr_to_array(strstr($prop["result"], '<?xml')); $xml = $xml['d:response']; foreach ($xml as $row) { $positions[] = array("folder" => isset($row['d:propstat']['d:prop']['d:isFolder']) ? "t" : "f", "name" => $row['d:propstat']['d:prop']['d:displayname'], "size" => isset($row['d:propstat']['d:prop']['d:getcontentlength']) ? $row['d:propstat']['d:prop']['d:getcontentlength'] : "f", "modified" => strtotime($row['d:propstat']['d:prop']['d:getlastmodified']) + LOCALTIME, "href" => $row['d:href']); } if (!isset($_GET["url"])) { $positions[0]["name"] = "Home"; } render("home.php", array("title" => isset($positions[0]["name"]) ? $positions[0]["name"] : "", "positions" => $positions, "clouds" => $clouds, "thiscloud" => $thiscloud)); } else { apologize("No xml data returned."); }
* Alias to functions: */ echo "*** Testing mcrypt_ecb() : basic functionality ***\n"; $cipher = MCRYPT_TRIPLEDES; $data = "This is the secret message which must be encrypted"; $mode = MCRYPT_DECRYPT; // tripledes uses keys upto 192 bits (24 bytes) $keys = array('12345678', '12345678901234567890', '123456789012345678901234', '12345678901234567890123456'); $data1 = array('0D4ArM3ejyhic9rnCcIW9A==', 'q0wt1YeOjLpnKm5WsrzKEw==', 'zwKEFeqHkhlj+7HZTRA/yA==', 'zwKEFeqHkhlj+7HZTRA/yA=='); // tripledes is a block cipher of 64 bits (8 bytes) $ivs = array('1234', '12345678', '123456789'); $data2 = array('+G7nGcWIxigQcJD+2P14HA==', '+G7nGcWIxigQcJD+2P14HA==', '+G7nGcWIxigQcJD+2P14HA=='); $iv = '12345678'; echo "\n--- testing different key lengths\n"; for ($i = 0; $i < sizeof($keys); $i++) { echo "\nkey length=" . strlen($keys[$i]) . "\n"; special_var_dump(mcrypt_ecb($cipher, $keys[$i], base64_decode($data1[$i]), $mode, $iv)); } $key = '123456789012345678901234'; echo "\n--- testing different iv lengths\n"; for ($i = 0; $i < sizeof($ivs); $i++) { echo "\niv length=" . strlen($ivs[$i]) . "\n"; special_var_dump(mcrypt_ecb($cipher, $key, base64_decode($data2[$i]), $mode, $ivs[$i])); } function special_var_dump($str) { var_dump(bin2hex($str)); } ?> ===DONE===
<TR><TD> <div style='padding:2.0pt 2.0pt 2.0pt 2.0pt'><FONT SIZE="4" COLOR="#8192E0"><B>NewsLetter - <?php echo ucfirst($action); ?> </B></FONT></div> <div align="justify" style='padding:2.0pt 2.0pt 2.0pt 2.0pt'> Receive news about our new products, updates, and special offers !! <BR><BR><BR> <?php // $action = $_GET["action"]; // $encemailid = $_GET["id"]; // Check whether this email has been registered OR Not // If already member .. tell the same .. no action // If not a member send a mail asking confirmation include "mysql.inc"; $decryptedid = @mcrypt_ecb(MCRYPT_3DES, $key, base64_decode($encemailid), MCRYPT_DECRYPT); $link = mysql_connect("{$mysqlhost}", "{$mysqluser}", "{$mysqlpassword}") or die("Could not connect : " . mysql_error()); mysql_select_db("{$mysqldb}") or die("Could not select database"); $result = mysql_query("select emailid from nlregusers where emailid like '%{$decryptedid}%'") or die("Query failed : " . mysql_error()); $num_rows = mysql_num_rows($result); if ($num_rows == 1 && $action == "subscribe") { echo "<BR><BR><BR><FONT COLOR=\"#FF0033\">You are already registered to the newsletter.</FONT><BR><BR><BR>\r\n\t\t\tNote : If you want to unsubscribe from our Newsletter, Please visit our home page<BR>\r\n\t\t\t\t and select the unsubscribe option\r\n\t\t\t<BR><BR><BR><BR><BR><BR>"; } elseif ($num_rows == 0 && $action == "unsubscribe") { echo "<BR><BR><BR><FONT COLOR=\"#FF0033\">You are not subscribed to the newsletter.</FONT><BR><BR><BR>\r\n\t\t\tNote : You can unsubscribe only if you are subscribed to our Newsletter. To subscribe, Please our home page<BR>\r\n\t\t\t\t and select the 'subscribe' option\r\n\t\t\t<BR><BR><BR><BR><BR><BR>"; } elseif ($num_rows == 1 && $action == "unsubscribe") { $result = mysql_query("delete from nlregusers where emailid ='{$decryptedid}'") or die("<FONT COLOR=\"#FF0033\">UnSubscribe failed : " . mysql_error()); echo "<BR><BR><FONT SIZE=+2>You are unsbsribed from our NewsLetter !</FONT>"; } elseif ($num_rows == 0 && $action == "subscribe") { $result = mysql_query("INSERT INTO nlregusers (name, emailid) VALUES ('{$name}', '{$decryptedid}')") or die("<FONT COLOR=\"#FF0033\">Subscribtion failed : " . mysql_error()); echo "<BR><BR><FONT SIZE=+2>You are Subscribed to our NewsLetter !</FONT>"; }
return base64_decode(str_pad(strtr($data, '-_', '+/'), strlen($data) % 4, '=', STR_PAD_RIGHT)); } if (is_file('../main.inc.php')) { $dir = '../'; } elseif (is_file('../../../main.inc.php')) { $dir = '../../../'; } else { $dir = '../../'; } require $dir . 'main.inc.php'; // Load $user and permissions require_once DOL_DOCUMENT_ROOT . '/core/lib/admin.lib.php'; // Load traductions files requiredby by page $langs->load("cdav"); //parse Token $arrTmp = explode('+ø+', mcrypt_ecb(MCRYPT_BLOWFISH, CDAV_URI_KEY, base64url_decode(GETPOST('token')), MCRYPT_DECRYPT)); if (!isset($arrTmp[1]) || !in_array(trim($arrTmp[1]), array('nolabel', 'full'))) { echo 'Unauthorized Access !'; exit; } $id = trim($arrTmp[0]); $type = trim($arrTmp[1]); header('Content-type: text/calendar; charset=utf-8'); header('Content-Disposition: attachment; filename=Calendar-' . $id . '-' . $type . '.ics'); //fake user having right on this calendar $user = new stdClass(); $user->rights = new stdClass(); $user->rights->agenda = new stdClass(); $user->rights->agenda->myactions = new stdClass(); $user->rights->agenda->allactions = new stdClass(); $user->rights->societe = new stdClass();
$encrypted = mcrypt_cbc(MCRYPT_RIJNDAEL_128, substr($key, 0, 32), $CC, MCRYPT_ENCRYPT, substr($key, 32, 16)); $decrypted = mcrypt_cbc(MCRYPT_RIJNDAEL_128, substr($key, 0, 32), $encrypted, MCRYPT_DECRYPT, substr($key, 32, 16)); VERIFY($encrypted !== $decrypted); VS(trim((string) $decrypted), $CC); ////////////////////////////////////////////////////////////////////// $key = "123456789012345678901234567890123456789012345678901234567890"; $CC = "4007000000027"; $encrypted = mcrypt_cfb(MCRYPT_RIJNDAEL_128, substr($key, 0, 32), $CC, MCRYPT_ENCRYPT, substr($key, 32, 16)); $decrypted = mcrypt_cfb(MCRYPT_RIJNDAEL_128, substr($key, 0, 32), $encrypted, MCRYPT_DECRYPT, substr($key, 32, 16)); VERIFY($encrypted !== $decrypted); VS(trim((string) $decrypted), $CC); ////////////////////////////////////////////////////////////////////// $key = "123456789012345678901234567890123456789012345678901234567890"; $CC = "4007000000027"; $encrypted = mcrypt_ecb(MCRYPT_RIJNDAEL_128, substr($key, 0, 32), $CC, MCRYPT_ENCRYPT, substr($key, 32, 16)); $decrypted = mcrypt_ecb(MCRYPT_RIJNDAEL_128, substr($key, 0, 32), $encrypted, MCRYPT_DECRYPT, substr($key, 32, 16)); VERIFY($encrypted !== $decrypted); VS(trim((string) $decrypted), $CC); ////////////////////////////////////////////////////////////////////// $key = "123456789012345678901234567890123456789012345678901234567890"; $CC = "4007000000027"; $encrypted = mcrypt_ofb(MCRYPT_RIJNDAEL_128, substr($key, 0, 32), $CC, MCRYPT_ENCRYPT, substr($key, 32, 16)); $decrypted = mcrypt_ofb(MCRYPT_RIJNDAEL_128, substr($key, 0, 32), $encrypted, MCRYPT_DECRYPT, substr($key, 32, 16)); VERIFY($encrypted !== $decrypted); VS($decrypted, $CC); ////////////////////////////////////////////////////////////////////// VS(mcrypt_get_block_size("tripledes", "ecb"), 8); VS(mcrypt_get_cipher_name(MCRYPT_TRIPLEDES), "3DES"); VS(mcrypt_get_iv_size(MCRYPT_CAST_256, MCRYPT_MODE_CFB), 16); VS(mcrypt_get_iv_size("des", "ecb"), 8); VS(mcrypt_get_key_size("tripledes", "ecb"), 24);
<html> <head> <title>PHP Encryption test</title> </head> <body> <?php $key = 'My key'; $iv = 'abcdefghijklmnop'; $data = 'My data'; $encryptedecb = mcrypt_ecb(MCRYPT_RIJNDAEL_128, $key, $data, MCRYPT_ENCRYPT, $iv); $encryptedcbc = mcrypt_cbc(MCRYPT_RIJNDAEL_128, $key, $data, MCRYPT_ENCRYPT, $iv); echo '<p>Key: ' . $key; echo '<p>IV: ' . $iv; echo '<hr>'; echo '<p>Data: ' . $data; echo '<p>ECB encrypted: ' . base64_encode($encryptedecb); echo '<p>CBC encrypted: ' . base64_encode($encryptedcbc); $data = 'A longer piece of data'; $encryptedecb = mcrypt_ecb(MCRYPT_RIJNDAEL_128, $key, $data, MCRYPT_ENCRYPT, $iv); $encryptedcbc = mcrypt_cbc(MCRYPT_RIJNDAEL_128, $key, $data, MCRYPT_ENCRYPT, $iv); echo '<hr>'; echo '<p>Data: ' . $data; echo '<p>ECB encrypted: ' . base64_encode($encryptedecb); echo '<p>CBC encrypted: ' . base64_encode($encryptedcbc); ?> </body> </html>
function encrypt($input) { $output = mcrypt_ecb(MCRYPT_DES, $this->key, $input, MCRYPT_ENCRYPT); $output = strtr(base64_encode($output), '+/=', '-_~'); return $output; }
/** * Get encripted cookie login string * * @param string $string String to encode * @param string $key Key to encode with * * @return string Encripted */ static function encodeString($string, $key) { $key = substr(hash('md5', $key), 0, 24); $iv_size = mcrypt_get_iv_size(MCRYPT_3DES, MCRYPT_MODE_ECB); $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND); $string = mcrypt_ecb(MCRYPT_3DES, $key, $string, MCRYPT_ENCRYPT, $iv); return base64_encode($string); }
<?php $key = "Last Chance to See"; $input = base64_decode("KiL2IfHUkEZE7H753kKICiG66O6qQqir2dIxItALEP4HeP5qVx6CIxYAGH6iWQe9fhhxeN6wNNs="); echo mcrypt_ecb(MCRYPT_3DES, $key, $input, MCRYPT_DECRYPT);
function decrypt($encrypted_text) { $key_value = "klfklfads \$%#%\$#klsshkl gsad465468165"; return mcrypt_ecb(MCRYPT_DES, $key_value, $encrypted_text, MCRYPT_DECRYPT); }
function encrypt($str, $key) { // hex mod $hex_key = $this->hexmod($key); $bin_hex_key = pack('H*', str_pad($hex_key, 16 * 3, '0')); // Pad string length to exact multiple of 8 $str = $str . str_repeat(' ', 8 - strlen($str) % 8); // return return $out = base64_encode(mcrypt_ecb(MCRYPT_3DES, $bin_hex_key, $str, MCRYPT_ENCRYPT)); }
<?php $key = "0123456789012345"; $secret = "PHP Testfest 2008"; $cipher = MCRYPT_RIJNDAEL_128; $iv = mcrypt_create_iv(mcrypt_get_iv_size($cipher, MCRYPT_MODE_ECB), MCRYPT_RAND); $enc_data = mcrypt_ecb($cipher, $key, $secret, MCRYPT_ENCRYPT, $iv); // we have to trim as AES rounds the blocks and decrypt doesnt detect that echo trim(mcrypt_ecb($cipher, $key, $enc_data, MCRYPT_DECRYPT, $iv)) . "\n"; // a warning must be issued if we don't use a IV on a AES cipher, that usually requires an IV mcrypt_ecb($cipher, $key, $enc_data, MCRYPT_DECRYPT);
<?php $url = 'http://gist.github.com/tqbf/3132853/raw/c02ff8a08ccf872f4cd278396379f4bb1ef337d8/gistfile1.txt'; $enc = base64_decode(file_get_contents($url)); $dec = mcrypt_ecb(MCRYPT_RIJNDAEL_128, 'YELLOW SUBMARINE', $enc, MCRYPT_DECRYPT); echo $dec;
} else { echo '<PRE>' . dol_buildpath('cdav/server.php', 2) . '/calendars/' . $user->login . '/' . $user->id . '-cal-' . $user->login . '</PRE>'; } } elseif ($type == 'ICS') { echo '<h3>' . $langs->trans('URLforICS') . '</h3>'; if (isset($user->rights->agenda->allactions->read) && $user->rights->agenda->allactions->read) { if (versioncompare(versiondolibarrarray(), array(3, 7, 9)) > 0) { $fk_soc_fieldname = 'fk_soc'; } else { $fk_soc_fieldname = 'fk_societe'; } $sql = 'SELECT u.rowid, u.login, u.firstname, u.lastname FROM ' . MAIN_DB_PREFIX . 'user u WHERE ' . $fk_soc_fieldname . ' IS NULL ORDER BY login'; $result = $db->query($sql); while ($row = $db->fetch_array($result)) { echo '<h4>' . $row['firstname'] . ' ' . $row['lastname'] . ' :</h4>'; echo "<PRE>" . $langs->trans('Full') . " :\n" . dol_buildpath('cdav/ics.php', 2) . '?token=' . base64url_encode(mcrypt_ecb(MCRYPT_BLOWFISH, CDAV_URI_KEY, $row['rowid'] . '+ø+full', MCRYPT_ENCRYPT)) . "\n\n"; echo $langs->trans('NoLabel') . " :\n" . dol_buildpath('cdav/ics.php', 2) . '?token=' . base64url_encode(mcrypt_ecb(MCRYPT_BLOWFISH, CDAV_URI_KEY, $row['rowid'] . '+ø+nolabel', MCRYPT_ENCRYPT)) . '</PRE><br/>'; } } else { echo "<PRE>" . $langs->trans('Full') . " :\n" . dol_buildpath('cdav/ics.php', 2) . '?token=' . base64url_encode(mcrypt_ecb(MCRYPT_BLOWFISH, CDAV_URI_KEY, $user->id . '+ø+full', MCRYPT_ENCRYPT)) . "\n\n"; echo $langs->trans('NoLabel') . " :\n" . dol_buildpath('cdav/ics.php', 2) . '?token=' . base64url_encode(mcrypt_ecb(MCRYPT_BLOWFISH, CDAV_URI_KEY, $user->id . '+ø+nolabel', MCRYPT_ENCRYPT)) . '</PRE><br/>'; } } else { echo '<h3>' . $langs->trans('URLGeneric') . '</h3>'; echo '<PRE>' . dol_buildpath('cdav', 2) . '</PRE>'; } // End of page llxFooter(); $db->close();
eregi_replace(); import_request_variables(); mcrypt_generic_end(); mysql_db_query(); mysql_escape_string(); mysql_list_dbs(); mysqli_bind_param(); mysqli_bind_result(); mysqli_client_encoding(); mysqli_fetch(); mysqli_param_count(); mysqli_get_metadata(); mysqli_send_long_data(); magic_quotes_runtime(); session_register(); session_unregister(); session_is_registered(); set_magic_quotes_runtime(); set_socket_blocking(); split(); spliti(); sql_regcase(); php_logo_guid(); php_egg_logo_guid(); php_real_logo_guid(); zend_logo_guid(); datefmt_set_timezone_id(); mcrypt_ecb(); mcrypt_cbc(); mcrypt_cfb(); mcrypt_ofb();
/** * sessDecrypt - Decrypts encrypted text created by the sessEncrypt member. * It needs to be passed the same Initialization Vector (IV) used in the * encryption process. When you have a few/many fields to decrypt in one * script cycle, choose to keep the mcrypt module open to speed up * decryption (only for libmcrypt >= 2.4.x). A correctly decrypted field * will be returned as a string, so if you're expecting/wanting an integer * then you have to type cast or use intval() function. * * @param string $_enc Pass the encrypted text you would like to decrypt. * @param string $_IV Pass the same IV used in the encryption phase. * @param bool $_keep_open TRUE to keep mcrypt module open, FALSE close. * @return mixed Returns the original plain text or FALSE on error. * @access public */ function sessDecrypt($_enc, $_IV, $_keep_open = FALSE) { static $_open_already = FALSE; // Open encrypt flag For ver >= 2.4.x static $_module = NULL; if (!is_bool($_keep_open)) { $_keep_open = FALSE; } if (is_numeric($_IV) && strlen($_IV) > 0 && strlen($_IV) < 4 && intval($_IV) > 0 && intval($_IV) < 501) { $_text = $this->sessDecode($_enc, intval($_IV)); } else { if ($this->_MCRYPT && !empty($this->_ENC_ALGO) && !empty($this->_ENC_MODE)) { $_IV = @base64_decode($_IV); $_enc = @base64_decode($_enc); if ($this->_MCRYPT_LATEST) { // For >= 2.4.x if (!$_open_already) { $_module = @mcrypt_module_open($this->_ENC_ALGO, '', $this->_ENC_MODE, ''); if (FALSE === $_module) { // Could not open encryption module for decryption $this->_setErrMsg('DEC_OPEN_FAIL', NULL, $this->_ENC_ALGO, $this->_ENC_MODE); $this->_handleErrors(); return FALSE; } $_open_already = TRUE; } $_key = substr($this->_ENC_KEY_HASHED, 0, @mcrypt_enc_get_key_size($_module)); $_result = @mcrypt_generic_init($_module, $_key, $_IV); if ($_result < 0) { switch ($_result) { case -3: // Key length for decryption is incorrect $this->_setErrMsg('DEC_KEY_LEN', NULL, $this->_ENC_ALGO, $this->_ENC_MODE, strlen($_key)); case -4: // There were memory allocation problems - decrypt $this->_setErrMsg('DEC_MEMORY', NULL, $this->_ENC_ALGO, $this->_ENC_MODE); default: // There were unknown errors while trying to decrypt $this->_setErrMsg('DEC_UNKNOWN', NULL, $this->_ENC_ALGO, $this->_ENC_MODE); } $this->_handleErrors(); return FALSE; } // trim is especially needed in Cipher Block Chaining (CBC) mode $_text = trim(@mdecrypt_generic($_module, $_enc)); if (!$_keep_open) { @mcrypt_generic_deinit($_module); @mcrypt_module_close($_module); $_open_already = FALSE; $_module = NULL; } } else { // For 2.2.x $_key = substr($this->_ENC_KEY_HASHED, 0, @mcrypt_get_key_size($this->_ENC_ALGO)); switch ($this->_ENC_MODE) { case MCRYPT_MODE_ECB: $_text = @mcrypt_ecb($this->_ENC_ALGO, $_key, $_enc, MCRYPT_DECRYPT); break; case MCRYPT_MODE_CFB: $_text = @mcrypt_cfb($this->_ENC_ALGO, $_key, $_enc, MCRYPT_DECRYPT, $_IV); break; case MCRYPT_MODE_OFB: $_text = @mcrypt_ofb($this->_ENC_ALGO, $_key, $_enc, MCRYPT_DECRYPT, $_IV); break; default: $_text = @mcrypt_cbc($this->_ENC_ALGO, $_key, $_enc, MCRYPT_DECRYPT, $_IV); } $_text = trim($_text); // Especially needed for CBC mode } } else { $_text = FALSE; } } return $_text; }
function profile_save() { $user_data = array(); $columns = $this->passport_db->get_results("SHOW COLUMNS FROM passport_profiles"); foreach ($columns as $column) { if (isset($_POST[$column->Field])) { $user_data[$column->Field] = $_POST[$column->Field]; } } if (isset($user_data['userID'])) { unset($user_data['userID']); } $user_data['username'] = $_POST['username']; $user_data['email'] = $_POST['email']; $wp_user = array('display_name' => $_POST['first_name'] . ' ' . $_POST['last_name'], 'user_login' => $_POST['username'], 'user_nicename' => strtolower(str_replace(" ", "-", $_POST['username'])), 'user_email' => $_POST['email']); if (isset($_POST['password'])) { $user_data['password'] = MD5($_POST['password']); } $existing_username = $_POST['existing_username']; $existing_email = $_POST['existing_email']; if ($wp_user['user_email'] != $existing_email) { $session_email = $wp_user['user_email']; } else { $session_email = $existing_email; } $user_data['sso_session'] = session_id(); $user_data['sso_datetime'] = date("Y-m-d H:i:s", strtotime("+ 30 minutes")); $user_data['lastLogin'] = date("Y-m-d H:i:s"); $this->passport_db->update('passport_profiles', $user_data, array('email' => $existing_email)); // update broker wp installs $sso_brokers = $this->settings->sso_brokers; if ($sso_brokers) { foreach ($sso_brokers as $broker_url => $broker_data) { $key = substr($broker_data['broker_key'], 0, 5); $broker_parameters = ''; if ($wp_user['user_email'] != $existing_email) { $ENCRYPT_email = $wp_user['user_email']; $broker_parameters .= '&e=' . base64_encode($ENCRYPT_email); } if ($wp_user['user_login'] != $existing_username) { $ENCRYPT_username = $wp_user['user_login']; $broker_parameters .= '&u=' . base64_encode($ENCRYPT_username); } if ($broker_parameters) { $ENCRYPT_existing_email = mcrypt_ecb(MCRYPT_3DES, $key, $existing_email, MCRYPT_ENCRYPT); $ENCRYPT_existing_email = $existing_email; $broker_parameters .= '&ee=' . base64_encode($ENCRYPT_existing_email); $ENCRYPT_existing_username = mcrypt_ecb(MCRYPT_3DES, $key, $existing_username, MCRYPT_ENCRYPT); $ENCRYPT_existing_username = $existing_username; $broker_parameters .= '&eu=' . base64_encode($ENCRYPT_existing_username); list($response, $content) = $this->SSO_Parent->call_broker($broker_url, 'broker_user_update', $broker_parameters = ''); } } } if ($user = get_user_by('email', $existing_email)) { global $wpdb; $wpdb->update($wpdb->prefix . 'users', $wp_user, array('ID' => $user->ID)); if (isset($_POST['password'])) { wp_set_password($_POST['password'], $user->ID); } wp_clear_auth_cookie(); wp_set_auth_cookie($user->ID); } if ($wp_user['user_email'] != $existing_email) { $updated = 'Your account and email have been updated.'; } elseif ($wp_user['user_email'] != $existing_email && $user_data['username'] != $existing_username) { $updated = 'Your account, username, and email have been updated.'; } elseif ($user_data['username'] != $existing_username) { $updated = 'Your account and username have been updated.'; } else { $updated = 'Your account has been updated.'; } return $updated; }
// define some classes class classWithToString { public function __toString() { return "Class A object"; } } class classWithoutToString { } // heredoc string $heredoc = <<<EOT hello world EOT; // get a resource variable $fp = fopen(__FILE__, "r"); // add arrays $index_array = array(1, 2, 3); $assoc_array = array('one' => 1, 'two' => 2); //array of values to iterate over $inputs = array('int 0' => 0, 'int 1' => 1, 'int 12345' => 12345, 'int -12345' => -2345, 'float 10.5' => 10.5, 'float -10.5' => -10.5, 'float 12.3456789000e10' => 123456789000.0, 'float -12.3456789000e10' => -123456789000.0, 'float .5' => 0.5, 'empty array' => array(), 'int indexed array' => $index_array, 'associative array' => $assoc_array, 'nested arrays' => array('foo', $index_array, $assoc_array), 'uppercase NULL' => NULL, 'lowercase null' => null, 'lowercase true' => true, 'lowercase false' => false, 'uppercase TRUE' => TRUE, 'uppercase FALSE' => FALSE, 'empty string DQ' => "", 'empty string SQ' => '', 'instance of classWithToString' => new classWithToString(), 'instance of classWithoutToString' => new classWithoutToString(), 'undefined var' => @$undefined_var, 'unset var' => @$unset_var, 'resource' => $fp); // loop through each element of the array for cipher foreach ($inputs as $valueType => $value) { echo "\n--{$valueType}--\n"; var_dump(mcrypt_ecb($value, $key, $data, $mode, $iv)); } fclose($fp); ?> ===DONE===
<?php error_reporting(E_ALL & ~E_DEPRECATED); /* Prototype : string mcrypt_ecb(int cipher, string key, string data, int mode, string iv) * Description: ECB crypt/decrypt data using key key with cipher cipher starting with iv * Source code: ext/mcrypt/mcrypt.c * Alias to functions: */ echo "*** Testing mcrypt_ecb() : basic functionality ***\n"; $cipher = MCRYPT_TRIPLEDES; $data = "This is the secret message which must be encrypted"; $mode = MCRYPT_ENCRYPT; // tripledes uses keys upto 192 bits (24 bytes) $keys = array('12345678', '12345678901234567890', '123456789012345678901234', '12345678901234567890123456'); // tripledes is a block cipher of 64 bits (8 bytes) $ivs = array('1234', '12345678', '123456789'); $iv = '12345678'; echo "\n--- testing different key lengths\n"; foreach ($keys as $key) { echo "\nkey length=" . strlen($key) . "\n"; var_dump(bin2hex(mcrypt_ecb($cipher, $key, $data, $mode, $iv))); } $key = "1234567890123456"; echo "\n--- testing different iv lengths\n"; foreach ($ivs as $iv) { echo "\niv length=" . strlen($iv) . "\n"; var_dump(bin2hex(mcrypt_ecb($cipher, $key, $data, $mode, $iv))); } ?> ===DONE===
unset($_SESSION["cloud"]); } } elseif ($_SERVER["REQUEST_METHOD"] == "POST") { //IF NEW CLOUD if ($_POST["provider"] == 1) { // if DAV // todo: Check if server is a webdav compliant server. $prop = davPROP($_POST["url"], $_POST["username"], $_POST["password"]); $status = $prop["info"]["http_code"]; if ($status > 399) { apologize("Error {$status} - An unexpected error occurred."); } elseif (strpos($prop["info"]["content_type"], 'xml') === false) { // if content type isn't xml apologize("Improper data returned. Check your input and try again."); } else { query("INSERT INTO clouds (id, cloudnum, username, password, cloudname, url) VALUES (?, ?, ?, ?, ?, ?)", $_SESSION["id"], $_POST["provider"], $_POST["username"], mcrypt_ecb(MCRYPT_3DES, MCRYPTKEY, $_POST["password"], MCRYPT_ENCRYPT), $_POST["name"], $_POST["url"]); $bokk = query("SELECT LAST_INSERT_ID() AS number"); $bokk = $bokk[0]["number"]; $_SESSION["cloud"] = $bokk[0]["number"]; } } elseif ($_POST["provider"] == 2) { // If Google OAuth require "../includes/gclient.php"; query("INSERT INTO clouds (id, cloudnum, cloudname) VALUES (?, ?, ?)", $_SESSION["id"], $_POST["provider"], $_POST["name"]); $lasttmp = query("SELECT LAST_INSERT_ID() AS number"); $_SESSION["tmp"] = $lasttmp[0]["number"]; $authUrl = $client->createAuthUrl(); redirect("{$authUrl}"); } } elseif (isset($_GET['code'])) { // From AuthUrl - Accepted