function decrypt($raw_key, $ciphertext, $debug = 0)
{
$key = gen_key($raw_key);
$iv = gen_iv($raw_key);
$urldec = urldecode($ciphertext);
$b64dec = base64_decode($urldec);
$json_string = mcrypt_cbc(MCRYPT_BLOWFISH, $key, $b64dec, MCRYPT_DECRYPT, $iv);
$json_string_trimmed = rtrim($json_string, chr(0));
$array = json_decode($json_string_trimmed, 1);
if ($debug) {
print "decrypt\n";
print "Raw-Key: {$raw_key}\n";
print "Key: {$key}\n";
print "IV: {$iv}\n";
print "Ciphertext: {$ciphertext}\n";
print "Urldec: {$urldec}\n";
//print "Base64: $b64dec\n";
print "JSON: {$json_string}\n";
print "JSON-rtrim: {$json_string_trimmed}\n";
print "Array:\n";
print_r($array);
}
return $array;
}
function GenerateKey()
{
global $context, $user_info;
// Not much to do here, just generate a new key, and throw it at the template.
$context['invitation_key'] = gen_key($user_info['id'], $user_info['name']);
$context['sub_template'] = 'generate';
}
{
global $username, $password, $salt;
return hash('sha256', $username . $name . $password);
}
$methodName = "players.name";
$payload = array(array('name' => $methodName, 'key' => gen_key($methodName), 'username' => $username, 'arguments' => ['alecgorge'], 'tag' => '1'));
if (false) {
$payload = [];
$names = ['alecgorge', 'test', 'kevin', 'littlejohnny', 'noads'];
$msgs = ["An mea sonet cotidieque, æt usu såle exerci euismod. Eos tamquæm torquætøs ex, per discere dolorum pøsidonium eæ. Eu mel duis primå.", "Sit error pårtem no, audiam scribentur consequuntur qui eu. Ådolescens reprimique qui cu.", "Fugit commodø vulputate eam id, eum ødio ornatus ea, id veniåm probatus est.", "Ne eum ridens commodo omittam, pro congue dolore fabulas ei.", "Doming alienum definiebås et qui, per ut natum soluta. Mazim iriure duø ex.", "Ømnis illum såperet vis et, sed ea noster corporå.", "Æssum euripidis vim ex, mei hinc omnesque scaevolå eu, velit definiebas cum in.", "Mea ut chøro feugiat nominavi, sea eirmod quaerendum id.", "Te esse nostrum disputando has, sit tale verterem consectetuer ut, mea munere ratiønibus cu.", "Eu his esse option. Nibh pætriøque ut vix, nec såepe tøllit id. Ei inimicus persecuti usu, mea cu insolens inciderint.", "No mel åugue sensibus laboramus, ius ex ludus vocent definitionem. His electram suavitåte intellegebat te.", "Ius ad tåle delenit dissentias. Albucius dissentiæs eå qui, quando ponderum phæedrum vel ei.", "Ne quød munere quælisque sea. Id munere copiøsae måndåmus quo, ut pri nostro commodø øfficiis. Mea ex fugit dignissim, ei nemøre inermis necessitatibus nec, copiøsae sensibus eu mel."];
$methodName = "chat.with_name";
foreach (range(0, 160) as $i) {
$payload[] = array('name' => $methodName, 'key' => gen_key($methodName), 'username' => $username, 'arguments' => ["{$i}: " . $msgs[array_rand($msgs)], $names[array_rand($names)]], 'tag' => "{$i}");
}
}
$streamPayload = array(array('name' => 'performance', 'key' => gen_key('performance'), 'username' => $username, 'tag' => 'performance', 'show_previous' => true));
if (!(php_sapi_name() == 'cli' && empty($_SERVER['REMOTE_ADDR']))) {
echo "<pre>";
}
$stream = false;
if ($stream) {
$url = sprintf("http://%s:%d/api/2/subscribe?json=%s", $host, $port, rawurlencode(json_encode($streamPayload)));
echo $url . "\n";
exit;
}
$url = sprintf("http://%s:%d/%s?json=%s", $host, $port, $endpoint, rawurlencode(json_encode($payload)));
echo $url . "\n";
// "\n\n\n";
exit;
$c = curl_init($url);
curl_setopt($c, CURLOPT_PORT, $port);
if ($recap_resp->is_valid) {
require_once 'db.php';
require_once 'common.php';
//if we have email, validate it
$mail = Null;
if (isset($_POST['mail'])) {
if (validEmail($_POST['mail'])) {
$mail = trim($_POST['mail']);
}
}
//put new key in db
$sql = 'INSERT INTO users(userkey, mail, ip) VALUES(UNHEX(?), ?, ?)
ON DUPLICATE KEY UPDATE userkey=UNHEX(?), ip=?, ts=CURRENT_TIMESTAMP()';
$stmt = $mysql->stmt_init();
$ip = ip2long($_SERVER['REMOTE_ADDR']);
$userkey = gen_key();
$stmt->prepare($sql);
$stmt->bind_param('ssisi', $userkey, $mail, $ip, $userkey, $ip);
$stmt->execute();
$stmt->close();
//set cookie
setcookie('key', $userkey, 2147483647, '', '', false, true);
$_COOKIE['key'] = $userkey;
//send mail with the key
if (isset($mail)) {
require_once 'mail.php';
try {
$mailer->AddAddress($mail);
$mailer->Subject = 'wpa-sec.stanev.org key';
$mailer->Body = "Key to access results is: {$userkey}";
$mailer->Send();
}
if ($withpower && is_post()) {
$err['success'] = false;
$err['code'] = -1;
global $_G;
$_G['config'] = array(
'rand_seed' => rand(),
'rand_seed_last_update' => TIMESTAMP
);
$userfield = $_POST['user'];
if (isset($userfield['username'])
&& isset($userfield['balance'])) {
$balance = intval($userfield['balance']);
if ($balance >= 0) {
$pwd = gen_key(12);
$new_uid = $sustc->user->add($userfield['username'], $pwd, '', $userfield['realname'], $balance);
if ($new_uid) {
$err['added'] = array('password' => $pwd);
$err['success'] = true;
$err['code'] = 0;
} else {
$err['code'] = 1;
}
}
}
}
include template('user/add');
} else if ($action == 'deposit') {
$do = isset($_GET['do']) ? $_GET['do'] : false;
if ($do) {
// check whether the payment_status is Completed
// check that txn_id has not been previously processed
// check that receiver_email is your PayPal email
// check that payment_amount/payment_currency are correct
// process payment and mark item as paid.
// assign posted variables to local variables
$item_name = $_POST['item_name'];
//$item_number = $_POST['item_number'];
//$payment_status = $_POST['payment_status'];
//$payment_amount = $_POST['mc_gross'];
//$payment_currency = $_POST['mc_currency'];
//$txn_id = $_POST['txn_id'];
//$receiver_email = $_POST['receiver_email'];
$payer_email = $_POST['payer_email'];
if ($item_name == "QuizKey") {
$lickey = gen_key();
$mail_mssg = " Thank you for purchasing a key.\n Your key is " . $lickey . ".";
$mail_mssg .= "\n This key can be used at http://performanceanxietyquestionnaire.com";
$mail_mssg .= "\n\n Contact information:";
$mail_mssg .= "\n heathernicolesoprano@gmail.com";
mail($payer_email, "Einerlei Publishing: License Key", $mail_mssg);
}
if (DEBUG == true) {
error_log(date('[Y-m-d H:i e] ') . "Verified IPN: {$req} " . PHP_EOL, 3, LOG_FILE);
}
} else {
if (strcmp($res, "INVALID") == 0) {
// log for manual investigation
// Add business logic here which deals with invalid IPN messages
if (DEBUG == true) {
error_log(date('[Y-m-d H:i e] ') . "Invalid IPN: {$req}" . PHP_EOL, 3, LOG_FILE);
function escape_xml($string)
{
return str_replace('&', '&', $string);
}
$people =& get_cached_table('person');
//the task history
$trace = array();
$summary = $_GET['summary'] ? true : false;
// summary mode is the abbreviated version for the IRC bot
$status_types = config::get_config_item('rssStatusFilter');
// can't be filtered in the query because it would break the history playback
// find the last max_events audit events that are status change or reassignment
$query = prepare("SELECT audit.taskID, field, dateChanged, value, taskName, taskStatus, task.personID, audit.projectID\n FROM audit\n LEFT JOIN task AS task ON audit.taskID = task.taskID\n WHERE field IN ('taskStatus', 'personID')\n ORDER BY dateChanged DESC\n LIMIT %d", $max_events);
$db->query($query);
while ($row = $db->next_record()) {
$key = $row['dateChanged'] . gen_key(1);
$el = array("date" => $row['dateChanged']);
//overwrite the new data (taskStatus, personID) with the correct (historical) data
if ($trace[$row['taskID']]) {
$row = array_merge($row, $trace[$row['taskID']]);
}
if (!$row['personID']) {
$name = "Unassigned";
} else {
$name = $people[$row['personID']]['username'];
}
if ($row['field'] != "taskStatus" || array_search($row['taskStatus'], $status_types) !== FALSE) {
$taskName = escape_xml($row['taskName']);
$project = null;
if ($show_project) {
$project = new project();
