Beispiel #1
  * Set the hash for the user mails
  * @return bool
 protected function setUserMailHash()
     $ds = CSQLDataSource::get("std");
     $mails = $ds->loadList("SELECT m.user_mail_id, m.account_class, m.account_id, m.from,, m.subject, c.content FROM user_mail as m, content_html as c WHERE m.account_class IS NOT NULL AND m.account_id IS NOT NULL AND m.text_html_id = c.content_id ORDER BY m.user_mail_id DESC;");
     if (count($mails)) {
         $values = array();
         foreach ($mails as $_mail) {
             $data = "==FROM==\n" . $_mail['from'] . "\n==TO==\n" . $_mail['to'] . "\n==SUBJECT==\n" . $_mail['subject'] . "\n==CONTENT==\n" . $_mail['content'];
             $hash = CMbSecurity::hash(CMbSecurity::SHA256, $data);
             $values[] = '(' . $_mail['user_mail_id'] . ', ' . $_mail['account_id'] . ', \'' . $_mail['account_class'] . "', '{$hash}')";
         $mails = $ds->loadList("SELECT m.user_mail_id, m.account_class, m.account_id, m.from,, m.subject, c.content FROM user_mail AS m, content_any AS c WHERE m.account_class IS NOT NULL AND m.account_id IS NOT NULL AND m.text_html_id IS NULL AND m.text_plain_id = c.content_id ORDER BY m.user_mail_id DESC;");
         foreach ($mails as $_mail) {
             $data = "==FROM==\n" . $_mail['from'] . "\n==TO==\n" . $_mail['to'] . "\n==SUBJECT==\n" . $_mail['subject'] . "\n==CONTENT==\n" . $_mail['content'];
             $hash = CMbSecurity::hash(CMbSecurity::SHA256, $data);
             $values[] = '(' . $_mail['user_mail_id'] . ', ' . $_mail['account_id'] . ', \'' . $_mail['account_class'] . "', '{$hash}')";
         $query = "INSERT INTO `user_mail` (`user_mail_id`, `account_id`, `account_class`, `hash`) VALUES " . implode(', ', $values) . " ON DUPLICATE KEY UPDATE `hash` = VALUES(`hash`);";
         if ($msg = $ds->error()) {
             CAppUI::stepAjax($msg, UI_MSG_WARNING);
             return false;
     return true;
  * Création d'une entête WS-Adressing
  * @param string $action_name Action name
  * @param string $to          To
  * @return CSVSMessageXML[]
 static function createWSAddressing($action_name, $to)
     $headers[] = self::createHeaders("Action", $action_name, true);
     $headers[] = self::createHeaders("MessageID", "urn:uuid:" . CMbSecurity::generateUUID());
     $headers[] = self::createHeaders("ReplyTo", array("Address" => array("_", "")));
     $headers[] = self::createHeaders("To", $to, true);
     return $headers;
  * @see parent::store()
 function store()
     if (!$this->datetime_start) {
         $this->datetime_start = CMbDT::dateTime();
     if (!$this->_id) {
         $rand = CMbSecurity::getRandomString(16);
         $this->hash = CMbSecurity::hash(CMbSecurity::SHA1, $rand);
     return parent::store();
  * @see parent::updatePlainFields()
 function updatePlainFields()
     // GET
     if ($this->_query_params_get) {
         $this->_query_params_get = CMbSecurity::filterInput($this->_query_params_get);
         $this->query_params_get = json_encode($this->_query_params_get);
     // POST
     if ($this->_query_params_post) {
         $this->_query_params_post = CMbSecurity::filterInput($this->_query_params_post);
         $this->query_params_post = json_encode($this->_query_params_post);
     // SESSION
     if ($this->_session_data) {
         $this->_session_data = CMbSecurity::filterInput($this->_session_data);
         $this->session_data = json_encode($this->_session_data);
  * @see parent::extractData
 function extractData()
     /** @var CCDAFactory $factory */
     $factory = $this->mbObject;
     $this->document = $factory->mbObject;
     $this->targetObject = $factory->targetObject;
     $this->id_classification = 0;
     $this->id_external = 0;
     $mediuser = CMediusers::get();
     $specialty = $mediuser->loadRefOtherSpec();
     $group = $mediuser->loadRefFunction()->loadRefGroup();
     $identifiant = CXDSTools::getIdEtablissement(true, $group) . "/{$mediuser->_id}";
     $this->specialty = $specialty->code . "^" . $specialty->libelle . "^" . $specialty->oid;
     $this->xcn_mediuser = CXDSTools::getXCNMediuser($identifiant, $mediuser->_p_last_name, $mediuser->_p_first_name);
     $this->xon_etablissement = CXDSTools::getXONetablissement($group->text, CXDSTools::getIdEtablissement(false, $group));
     $this->xpath = new CMbXPath($factory->dom_cda);
     $this->xpath->registerNamespace("cda", "urn:hl7-org:v3");
     $this->patient_id = $this->getID($factory->patient, $factory->receiver);
     $this->ins_patient = $this->getIns($factory->patient);
     $uuid = CMbSecurity::generateUUID();
     $this->uuid["registry"] = $uuid . "1";
     $this->uuid["extrinsic"] = $uuid . "2";
     $this->uuid["signature"] = $uuid . "3";
  * Teste la validité de la phrase de passe via la chaîne témoin
  * @param string $passphrase Phrase de passe saisie par l'utilisateur
  * @return bool
 function testSample($passphrase)
     $decrypted = CMbSecurity::decrypt(CMbSecurity::AES, CMbSecurity::CTR, $passphrase, $this->sample, $this->iv);
     return $decrypted === self::SAMPLE;
Beispiel #7
  * Make the hash for the given headers and mail content
  * @param stdOject $header  The headers, returned by the POP source
  * @param array    $content The content, returned by the POP source
  * @return bool|string
 public function makeHash($header, $content)
     if (!isset($header->fromaddress) && !isset($header->toaddress) && !isset($header->subject)) {
         return null;
     $data = "==FROM==\n" . self::flatMimeDecode($header->fromaddress) . "\n==TO==\n" . self::flatMimeDecode($header->toaddress) . "\n==SUBJECT==\n" . self::flatMimeDecode($header->subject);
     if (!empty($content['text']['html'])) {
         $content = $content['text']['html'];
     } elseif (!empty($content['text']['plain'])) {
         $content = $content['text']['plain'];
     $data .= "\n==CONTENT==\n{$content}";
     return CMbSecurity::hash(CMbSecurity::SHA256, $data);
  * @see parent::doStore()
 function doStore()
     /** @var CUserMail $mail */
     $mail = $this->_obj;
     $mail->date_inbox = CMbDT::dateTime();
     $mail->date_read = $mail->date_inbox;
     $content_html = new CContentHTML();
     $mail->_content = CUserMail::purifyHTML($mail->_content);
     $content_html->content = $mail->_content;
     if (!($msg = $content_html->store())) {
         $mail->text_html_id = $content_html->_id;
         $mail->_text_html = $content_html;
     $content_plain = new CContentAny();
     $content_plain->content = strip_tags($mail->_content);
     if (!($msg = $content_plain->store())) {
         $mail->text_plain_id = $content_plain->_id;
     $hash = CMbSecurity::hash(CMbSecurity::SHA256, "==FROM==\n{$mail->from}\n==TO==\n{$mail->to}\n==SUBJECT==\n{$mail->subject}\n==CONTENT==\n{$mail->_content}");
     if ($msg = $mail->store()) {
         CAppUI::setMsg($msg, UI_MSG_ERROR);
         return parent::doStore();
     $action = CValue::post('action');
     switch ($action) {
         case 'draft':
             $mail->draft = '1';
             CAppUI::setMsg('CUserMail-msg-drafted', UI_MSG_OK);
         case 'send':
             $mail->sent = '1';
             $mail->draft = '0';
             $account = $mail->loadAccount();
             if ($mail->_is_apicrypt) {
                 /** @var CSourceSMTP $smtp */
                 $smtp = CExchangeSource::get("mediuser-{$account->object_id}-apicrypt", 'smtp');
             } else {
                 /** @var CSourceSMTP $smtp */
                 $smtp = CExchangeSource::get("mediuser-{$account->object_id}", 'smtp');
             foreach (explode(',', $mail->to) as $_address) {
             if ($mail->cc != '') {
                 foreach (explode(',', $mail->cc) as $_address) {
             if ($mail->bcc != '') {
                 foreach (explode(',', $mail->bcc) as $_address) {
             if ($mail->_is_apicrypt) {
                 $receiver = explode(',', $mail->to);
                 $body = CApicrypt::encryptBody($account->object_id, $receiver[0], $mail->_content);
             } else {
             /** @var CMailAttachments[] $attachments */
             $attachments = $mail->loadAttachments();
             foreach ($attachments as $_attachment) {
                 $file = $_attachment->loadFiles();
                 $smtp->addAttachment($file->_file_path, $file->file_name);
             try {
                 CAppUI::setMsg('CUserMail-msg-sent', UI_MSG_OK);
             } catch (phpmailerException $e) {
                 CAppUI::setMsg($e->errorMessage(), UI_MSG_ERROR);
             } catch (CMbException $e) {
     if (CAppUI::isMsgOK() && $this->redirectStore) {
         $this->redirect =& $this->redirectStore;
     if (!CAppUI::isMsgOK() && $this->redirectError) {
         $this->redirect =& $this->redirectError;
  * Déchiffrement d'un mot de passe
  * @param string $passphrase Phrase de passe à appliquer
  * @return string
 function getPassword($passphrase = null)
     if (!$passphrase) {
         $passphrase = CValue::sessionAbs("passphrase");
     return CMbSecurity::decrypt(CMbSecurity::AES, CMbSecurity::CTR, $passphrase, $this->password, $this->iv);
  * Return the certificate to array format
  * @return String[]
 function getCertificateToArray()
     return CMbSecurity::getInformationCertificate($this->certificate);