// add generated strings to config file
// the IV is stored in hex
$data_to_add = "\ndefine('SECRET_KEY', '" . $crypto->getSecretKey() . "');\ndefine('IV', '" . bin2hex($crypto->getIv()) . "');\n";
try {
file_put_contents('config.php', $data_to_add, FILE_APPEND);
} catch (Exception $e) {
$msg_arr[] = "[ERROR] " . $e->getMessage();
$_SESSION['errors'] = $msg_arr;
header('Location: sysconfig.php');
exit;
}
// ok so now we have a secret key, an IV and we want to convert our old cleartext SMTP password to an encrypted one
$config_arr = array();
// if there is a password in cleartext in the database, we encrypt it
if (strlen(get_config('smtp_password')) > 0) {
$config_arr['smtp_password'] = $crypto->encrypt(get_config('smtp_password'));
}
if (strlen(get_config('stamppass')) > 0) {
$config_arr['stamppass'] = $crypto->encrypt(get_config('stamppass'));
}
try {
update_config($config_arr);
} catch (Exception $e) {
$msg_arr[] = "[ERROR] " . $e->getMessage();
$_SESSION['errors'] = $msg_arr;
header('Location: sysconfig.php');
exit;
}
// now we update the stamppass in the `teams` table
// first get the list of teams with a stamppass
$sql = "SELECT * FROM teams WHERE CHAR_LENGTH(stamppass) > 0";
/**
* Validate POST variables containing login/validation data for the TSP;
* Substitute missing values with empty strings and return as array
*
* @return array
*/
function processTimestampPost()
{
$crypto = new \Elabftw\Elabftw\Crypto();
if (isset($_POST['stampprovider'])) {
$stampprovider = filter_var($_POST['stampprovider'], FILTER_VALIDATE_URL);
} else {
$stampprovider = '';
}
if (isset($_POST['stampcert'])) {
$cert_chain = filter_var($_POST['stampcert'], FILTER_SANITIZE_STRING);
if (is_file(realpath(ELAB_ROOT . $cert_chain)) || realpath($cert_chain)) {
$stampcert = $cert_chain;
} else {
$stampcert = '';
}
} else {
$stampcert = '';
}
if (isset($_POST['stampshare'])) {
$stampshare = $_POST['stampshare'];
} else {
$stampshare = 0;
}
if (isset($_POST['stamplogin'])) {
$stamplogin = filter_var($_POST['stamplogin'], FILTER_SANITIZE_STRING);
} else {
$stamplogin = '';
}
if (isset($_POST['stamppass'])) {
$stamppass = $crypto->encrypt(filter_var($_POST['stamppass'], FILTER_SANITIZE_STRING));
} else {
$stamppass = '';
}
return array('stampprovider' => $stampprovider, 'stampcert' => $stampcert, 'stampshare' => $stampshare, 'stamplogin' => $stamplogin, 'stamppass' => $stamppass);
}
} else {
$smtp_encryption = '';
}
if (isset($_POST['smtp_port']) && is_pos_int($_POST['smtp_port'])) {
$smtp_port = $_POST['smtp_port'];
} else {
$smtp_port = '';
}
if (isset($_POST['smtp_username'])) {
$smtp_username = filter_var($_POST['smtp_username'], FILTER_SANITIZE_STRING);
} else {
$smtp_username = '';
}
if (isset($_POST['smtp_password'])) {
// the password is stored encrypted in the SQL
$smtp_password = $crypto->encrypt(filter_var($_POST['smtp_password'], FILTER_SANITIZE_STRING));
} else {
$smtp_password = '';
}
// SQL
$updates = array('smtp_address' => $smtp_address, 'smtp_encryption' => $smtp_encryption, 'smtp_port' => $smtp_port, 'smtp_username' => $smtp_username, 'smtp_password' => $smtp_password, 'mail_method' => $mail_method, 'mail_from' => $mail_from, 'sendmail_path' => $sendmail_path);
if (update_config($updates)) {
$msg_arr[] = _('Configuration updated successfully.');
$_SESSION['infos'] = $msg_arr;
header('Location: ../sysconfig.php?tab=5');
exit;
} else {
$msg_arr[] = sprintf(_("There was an unexpected problem! Please %sopen an issue on GitHub%s if you think this is a bug.") . "<br>E#9", "<a href='https://github.com/elabftw/elabftw/issues/'>", "</a>");
$_SESSION['errors'] = $msg_arr;
header('Location: ../sysconfig.php?tab=5');
exit;
