Ejemplo n.º 1
 /**
  * Store a form state string in the PHP session and return the handle that identifies it.
  *
  * The state is written to $_SESSION['qform_<n>'], where <n> is a per-session counter kept in
  * $_SESSION['qform_current_state_index']. Because the state never leaves the server, the
  * client only ever receives the handle.
  *
  * @param string $strFormState      form state to store (gzip-compressed first when zlib is available)
  * @param bool   $blnBackButtonFlag accepted but not consulted; the counter advances on every call
  *
  * @return mixed the new counter value, passed through QCryptography::Encrypt() when
  *               QForm::$EncryptionKey is set, otherwise the bare integer
  */
 public static function Save($strFormState, $blnBackButtonFlag)
 {
     // Compress only when the zlib extension is loaded.
     // NOTE: the compressed form is a binary string and is stored in the session as such.
     if (function_exists('gzcompress')) {
         $strFormState = gzcompress($strFormState, 9);
     }

     // Lazily create the per-session counter, then advance it unconditionally.
     if (!array_key_exists('qform_current_state_index', $_SESSION)) {
         $_SESSION['qform_current_state_index'] = 0;
     }
     $_SESSION['qform_current_state_index'] += 1;
     $intStateIndex = $_SESSION['qform_current_state_index'];

     // NOTE(review): nothing in this method removes older 'qform_<n>' entries, so every call
     // adds one more stored state to the session.
     $_SESSION['qform_' . $intStateIndex] = $strFormState;

     // Without an encryption key the handle is a small sequential integer. It only selects an
     // entry inside the caller's own session, so guessing it does not reach other sessions.
     if (is_null(QForm::$EncryptionKey)) {
         return $intStateIndex;
     }

     $objCrypto = new QCryptography(QForm::$EncryptionKey, true);
     return $objCrypto->Encrypt($intStateIndex);
 }
 /**
  * Store a form state string in the session, grouped per form instance, and return the
  * "<instance>_<index>" handle that is posted back by the client.
  *
  * The previous handle is read from $_POST['Qform__FormState'] (decrypted first when
  * QForm::$EncryptionKey is set). If it names an instance that exists in this session, that
  * instance is reused; otherwise a new instance id is generated with uniqid().
  *
  * @param string $strFormState      form state to store (gzip-compressed first when zlib is available)
  * @param bool   $blnBackButtonFlag when true, a new index is allocated and old indexes are pruned;
  *                                  when false, the instance's current index is overwritten
  *
  * @return string the handle, encrypted when QForm::$EncryptionKey is set
  */
 public static function Save($strFormState, $blnBackButtonFlag)
 {
     if (function_exists('gzcompress')) {
         $strFormState = gzcompress($strFormState, 9);
     }

     // Stays null until the posted handle is matched to an instance in this session.
     $strFormInstance = null;
     $intFormStateIndex = 1;

     if (!empty($_POST['Qform__FormState'])) {
         // Client-controlled input. It is only ever used as a key into this session's own
         // 'qformstate' array, never as a path or query fragment.
         // NOTE(review): the value is passed to explode() without a string check.
         $strPriorState = $_POST['Qform__FormState'];
         if (!is_null(QForm::$EncryptionKey)) {
             $objDecryptor = new QCryptography(QForm::$EncryptionKey, true);
             $strPriorState = $objDecryptor->Decrypt($strPriorState);
         }

         $arrParts = explode('_', $strPriorState);
         $blnKnownInstance = count($arrParts) == 2
             && is_numeric($arrParts[1])
             && !empty($_SESSION['qformstate'][$arrParts[0]]['index']);

         if ($blnKnownInstance) {
             $strFormInstance = $arrParts[0];
             // The index is taken from the session, not from the posted value.
             $intFormStateIndex = $_SESSION['qformstate'][$strFormInstance]['index'];

             if ($blnBackButtonFlag) {
                 // A back-button-capable request keeps the old state and writes to a new slot.
                 $intFormStateIndex++;

                 // Prune numeric slots that fall more than BackButtonMax behind the stored index.
                 if (count($_SESSION['qformstate'][$strFormInstance]) > self::$BackButtonMax) {
                     foreach ($_SESSION['qformstate'][$strFormInstance] as $mixKey => $mixIgnored) {
                         if (is_numeric($mixKey) && $mixKey < $_SESSION['qformstate'][$strFormInstance]['index'] - self::$BackButtonMax) {
                             unset($_SESSION['qformstate'][$strFormInstance][$mixKey]);
                         }
                     }
                 }
             }
         }
     }

     if ($strFormInstance === null) {
         // No usable prior handle: start a new instance.
         // uniqid() is derived from the current time; it separates instances, it is not a secret.
         $strFormInstance = uniqid();
         $intFormStateIndex = 1;
     }

     // Make sure the nested containers exist before writing into them.
     if (empty($_SESSION['qformstate'])) {
         $_SESSION['qformstate'] = array();
     }
     if (empty($_SESSION['qformstate'][$strFormInstance])) {
         $_SESSION['qformstate'][$strFormInstance] = array();
     }
     $_SESSION['qformstate'][$strFormInstance]['index'] = $intFormStateIndex;
     $_SESSION['qformstate'][$strFormInstance][$intFormStateIndex] = $strFormState;

     $strPostDataState = $strFormInstance . '_' . $intFormStateIndex;
     if (is_null(QForm::$EncryptionKey)) {
         return $strPostDataState;
     }

     $objEncryptor = new QCryptography(QForm::$EncryptionKey, true);
     return $objEncryptor->Encrypt($strPostDataState);
 }
Ejemplo n.º 3
 /**
  * A QCryptography object that has been serialized and unserialized must still decrypt
  * ciphertext produced by the original object.
  */
 public function testSerialize()
 {
     $strPlain = 'Mary had a little lamb, a little beef, a little ham';

     // Fixed throwaway key, used only by this test.
     $objOriginal = new QCryptography('438ppp87dgf');
     $strCipher = $objOriginal->Encrypt($strPlain);
     $this->assertNotEquals($strPlain, $strCipher);

     // The serialized string is produced locally, so unserialize() is not fed external data here.
     // NOTE(review): for the restored object to decrypt, the serialized form presumably carries
     // the key material, which would make that string as sensitive as the key -- confirm.
     $objRestored = unserialize(serialize($objOriginal));
     $this->assertEquals($strPlain, $objRestored->Decrypt($strCipher));
 }
Ejemplo n.º 4
 /**
  * Turn a form state string into the text value that is handed to the client.
  *
  * The state is gzip-compressed when zlib is available. It is then either encrypted with
  * QForm::$EncryptionKey, or, when no key is configured, base64-encoded with '+' and '/'
  * replaced by '-' and '_'.
  *
  * @param string $strFormState form state to encode
  *
  * @return string the encoded or encrypted form state
  */
 public static function Save($strFormState)
 {
     if (function_exists('gzcompress')) {
         $strFormState = gzcompress($strFormState, 9);
     }

     if (!is_null(QForm::$EncryptionKey)) {
         $objCrypto = new QCryptography(QForm::$EncryptionKey, true);
         return $objCrypto->Encrypt($strFormState);
     }

     // No key configured. Base64 is an encoding, not protection: whoever receives this value
     // can decode, read and alter the whole form state.
     // NOTE(review): the matching load routine is not shown here; confirm it does not trust or
     // unserialize the returned value without an integrity check.
     return strtr(base64_encode($strFormState), '+/', '-_');
 }
Ejemplo n.º 5
// NOTE(review): 'SampleKey' is a literal demonstration key written to the class-wide static.
// A real key belongs in configuration or a secret store, not in source.
QCryptography::$Key = 'SampleKey';
// By default, let's leave Base64 encoding turned off
QCryptography::$Base64 = false;
// No constructor arguments: presumably the object picks up the static $Key and $Base64
// values assigned above -- confirm against the QCryptography constructor.
$objCrypto = new QCryptography();
// $strOriginal is assigned before this excerpt begins.
$strEncrypted = $objCrypto->Encrypt($strOriginal);
$strDecrypted = $objCrypto->Decrypt($strEncrypted);
printf('Original Data: <b>%s</b><br/>', $strOriginal);
// With Base64 off, $strEncrypted is presumably the raw cipher bytes; they are written into the
// HTML as-is, without escaping.
printf('Encrypted Data: <b>%s</b><br/>', $strEncrypted);
printf('Decrypted Data: <b>%s</b><br/><br/><br/>', $strDecrypted);
?>



	<h3>TripleDES, Electronic Codebook Encryption (with Base64 encoding)</h3>
<?php 
// Fixed sample plaintext for the demonstration.
$strOriginal = 'Just keep examining every low bid quoted for zinc etchings.';
// Modify the base64 mode while making the specification on the constructor, itself
// By default, let's instantiate a QCryptography object with Base64 encoding enabled
// Note: while the resulting encrypted data is safe for any text-based stream, including
// use as GET/POST data, inside the URL, etc., the resulting encrypted data stream will
// be 33% larger.
// NOTE(review): "safe" above refers to transport encoding only. The section heading labels this
// as TripleDES in Electronic Codebook mode: ECB encrypts equal plaintext blocks to equal
// ciphertext blocks and provides no integrity check, and TripleDES is a legacy cipher, so this
// configuration suits a demonstration rather than the protection of new data.
// The null key presumably makes the constructor fall back to the static QCryptography::$Key -- confirm.
$objCrypto = new QCryptography(null, true);
$strEncrypted = $objCrypto->Encrypt($strOriginal);
$strDecrypted = $objCrypto->Decrypt($strEncrypted);
printf('Original Data: <b>%s</b><br/>', $strOriginal);
printf('Encrypted Data: <b>%s</b><br/>', $strEncrypted);
printf('Decrypted Data: <b>%s</b><br/><br/><br/>', $strDecrypted);
?>

<?php 
require '../includes/footer.inc.php';
Ejemplo n.º 6
 /**
  * Click handler that creates or updates a recurring donation together with its
  * RecurringPayments record and line items, then redirects to /give/recurring.php.
  *
  * Billing address, cardholder name, card number and card security code are encrypted with
  * QCryptography before being assigned to the payment record; state, expiration date and card
  * type are assigned in clear.
  *
  * NOTE(review): several Save() calls run in sequence and no transaction is visible in this
  * method, so a failure part-way through would leave partially written records.
  * NOTE(review): the control values are only trim()'d here; confirm that format and length
  * validation happens before this handler runs.
  */
 public function btnAdd_Click()
 {
     //Save or create all necessary objects
     // Create RecurringDonation
     if (!$this->isEdit) {
         $this->objRecurringDonation = new RecurringDonation();
         $this->objRecurringDonation->PersonId = QApplication::$PublicLogin->Person->Id;
         $this->objRecurringDonation->ConfirmationEmail = QApplication::$PublicLogin->Person->PrimaryEmail->Address;
     }
     $this->objRecurringDonation->Amount = $this->GetAmount();
     $this->objRecurringDonation->Save();
     //Create RecurringPayment object - and associate with RecurringDonation.
     if (!$this->isEdit) {
         $objRecurringPayment = new RecurringPayments();
     } else {
         // NOTE(review): the id comes from $this->objRecurringDonation; confirm elsewhere that this
         // donation belongs to the logged-in person before its payment record is overwritten.
         $objRecurringPayment = RecurringPayments::Load($this->objRecurringDonation->RecurringPaymentId);
     }
     // Assigns the class-wide static key, so it stays in effect for any QCryptography object
     // created later in this request without an explicit key.
     QCryptography::$Key = CRYPTO_KEY;
     // null key: presumably falls back to the static key set above; false: Base64 output off -- confirm.
     $objCrypto = new QCryptography(null, false);
     $objRecurringPayment->Address1 = $objCrypto->Encrypt(trim($this->pnlPayment->txtAddress1->Text));
     $objRecurringPayment->Address2 = $objCrypto->Encrypt(trim($this->pnlPayment->txtAddress2->Text));
     $objRecurringPayment->City = $objCrypto->Encrypt(trim($this->pnlPayment->txtCity->Text));
     $objRecurringPayment->State = trim($this->pnlPayment->lstState->SelectedValue);
     $objRecurringPayment->Zip = $objCrypto->Encrypt(trim($this->pnlPayment->txtZipCode->Text));
     // Stored as MMYY in clear; the encrypting variant is the commented-out line below.
     $objRecurringPayment->ExpirationDate = sprintf('%02d%02d', $this->pnlPayment->lstCcExpMonth->SelectedValue, substr($this->pnlPayment->lstCcExpYear->SelectedValue, 2));
     //$objCrypto->Encrypt(sprintf('%02d%02d', $this->pnlPayment->lstCcExpMonth->SelectedValue, substr($this->pnlPayment->lstCcExpYear->SelectedValue, 2)));
     // NOTE(review): the card security code is persisted. PCI DSS does not allow the card
     // verification code to be kept after authorization, encrypted or not; a recurring charge
     // is normally driven by a payment-gateway token instead of stored card data.
     $objRecurringPayment->SecurityCode = $objCrypto->Encrypt($this->pnlPayment->txtCcCsc->Text);
     $objRecurringPayment->CreditCardTypeId = $this->pnlPayment->lstCcType->SelectedValue;
     $objRecurringPayment->CardHolderName = $objCrypto->Encrypt(sprintf('%s %s', $this->pnlPayment->txtFirstName->Text, $this->pnlPayment->txtLastName->Text));
     // NOTE(review): the full card number is stored reversibly under the single application key
     // CRYPTO_KEY, the same key used for every other encrypted field in this record; anyone
     // holding that key and the table contents can recover it.
     $objRecurringPayment->AccountNumber = $objCrypto->Encrypt($this->pnlPayment->txtCcNumber->Text);
     $objRecurringPayment->AuthorizeFlag = $this->chkAgreement->Checked;
     $objRecurringPayment->StartDate = $this->dtxStartDate->DateTime;
     $objRecurringPayment->EndDate = $this->dtxEndDate->DateTime;
     $objRecurringPayment->Amount = $this->GetAmount();
     $objRecurringPayment->PaymentPeriodId = $this->lstPaymentPeriod->SelectedValue;
     $objRecurringPayment->Name = $this->txtPaymentName->Text;
     $intRecurringPaymentId = $objRecurringPayment->Save();
     // Only a newly created donation needs to be linked to the payment record just saved.
     if (!$this->isEdit) {
         $this->objRecurringDonation->RecurringPaymentId = $intRecurringPaymentId;
         $this->objRecurringDonation->Save();
     }
     // Create RecurringDonationItems - And associate with RecurringDonation
     foreach ($this->objDonationItemArray as $objDonationItem) {
         // Items with a falsy Amount are skipped.
         if ($objDonationItem->Amount) {
             // Work on a clone so the item held in objDonationItemArray is not modified.
             $objOnlineDonationLineItem = clone $objDonationItem;
             $objOnlineDonationLineItem->RecurringDonationId = $this->objRecurringDonation->Id;
             $objOnlineDonationLineItem->DonationFlag = true;
             $objOnlineDonationLineItem->Save();
         }
     }
     QApplication::Redirect('/give/recurring.php');
 }
Ejemplo n.º 7
 /**
  * Create and store in the user's cookie a login ticket so that they
  * can stay logged in across browser sessions
  * @param $objPerson Person
  * @return void
  */
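 public static function SetLoginTicketToCookie(Person $objPerson)
 {
     // Persist the ticket first so that its Id exists before it is embedded in the cookie value.
     $objTicket = new LoginTicket();
     $objTicket->Person = $objPerson;
     $objTicket->Save();

     // Cookie payload is "<ticketId>_<personId>", encrypted with QCryptography's default settings.
     // NOTE(review): the payload holds two record ids and no random secret, so the ticket is only
     // as strong as the cipher configuration; confirm that the code reading the cookie rejects
     // altered values and checks that the ticket row belongs to the named person.
     $objCrypto = new QCryptography();
     $strTicket = $objCrypto->Encrypt($objTicket->Id . '_' . $objPerson->Id);

     // Mark the cookie Secure whenever the current request arrived over HTTPS, so the one-year
     // ticket is not later sent over plain HTTP. Plain-HTTP deployments behave as before.
     $blnSecure = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';

     // HttpOnly keeps page script from reading the ticket. An empty domain string means
     // "current host", which is what the previous null argument resolved to.
     // A SameSite attribute would need the options-array form of setcookie() (PHP 7.3+).
     setcookie('strTicket', $strTicket, time() + 60 * 60 * 24 * 365, '/', '', $blnSecure, true);
 }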
 /**
  * @static
  *
  * @param $strFormState
  * @param $blnBackButtonFlag
  *
  * @return string
  */
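 public static function Save($strFormState, $blnBackButtonFlag)
 {
     // Purpose: store a form state row in the database and return the page id that identifies
     // it. On an Ajax request that posts an existing page id, that row is updated in place;
     // otherwise a new row is inserted under a freshly generated page id.
     // $blnBackButtonFlag is accepted but not consulted in this method.
     $objDatabase = QApplication::$Database[self::$intDbIndex];
     // Kept only for the Base64 failure message below.
     $strOriginal = $strFormState;
     // compress (if available)
     if (function_exists('gzcompress') && self::$blnCompress) {
         $strFormState = gzcompress($strFormState, 9);
     }
     if (defined('__DB_BACKED_FORM_STATE_HANDLER_ENCRYPTION_KEY__')) {
         // NOTE(review): only the encryption-key constant is tested with defined(); the hash-key
         // constant is used unchecked. On PHP < 8 an undefined constant evaluates to its own
         // name, which would silently become the hash key.
         try {
             $crypt = new QCryptography(__DB_BACKED_FORM_STATE_HANDLER_ENCRYPTION_KEY__, false, null, __DB_BACKED_FORM_STATE_HANDLER_HASH_KEY__);
             $strFormState = $crypt->Encrypt($strFormState);
         } catch (Exception $e) {
             // Best-effort behaviour is kept: the state is still saved, unencrypted. The failure
             // is now logged instead of being discarded, so a row stored in clear is visible to
             // operators. NOTE(review): consider failing the save instead once callers can handle it.
             error_log('Form state encryption failed; state saved unencrypted: ' . $e->getMessage());
         }
     }
     if (self::$blnBase64) {
         $encoded = base64_encode($strFormState);
         if ($strFormState && !$encoded) {
             // NOTE(review): the message carries the complete unencoded form state, which then
             // ends up wherever exceptions are logged or displayed.
             throw new Exception("Base64 Encoding Failed on " . $strOriginal);
         } else {
             $strFormState = $encoded;
         }
     }
     if (!empty($_POST['Qform__FormState']) && QApplication::$RequestMode == QRequestMode::Ajax) {
         // update the current form state if possible
         // NOTE(review): the row is matched on the client-supplied page id alone; the WHERE
         // clause does not also require the current session_id().
         $strPageId = $_POST['Qform__FormState'];
         $strQuery = '
                             UPDATE
                                     ' . $objDatabase->EscapeIdentifier(self::$strTableName) . '
                             SET
                                     ' . $objDatabase->EscapeIdentifier('save_time') . ' = ' . $objDatabase->SqlVariable(time()) . ',
                                     ' . $objDatabase->EscapeIdentifier('state_data') . ' = ' . $objDatabase->SqlVariable($strFormState) . '
                             WHERE
                                     ' . $objDatabase->EscapeIdentifier('page_id') . ' = ' . $objDatabase->SqlVariable($strPageId);
         $objDatabase->NonQuery($strQuery);
         if ($objDatabase->AffectedRows > 0) {
             // successfully updated the current record. No need to create a new one.
             return $strPageId;
         }
     }
     // Probabilistic garbage collection: roughly one call in $intGarbageCollectOnHitCount.
     // rand() only spreads the cleanup work here; it is not used for anything secret.
     if (self::$intGarbageCollectOnHitCount > 0 && rand(1, self::$intGarbageCollectOnHitCount) == 1) {
         self::GarbageCollect();
     }
     // Figure Out Session Id (if applicable)
     $strSessionId = session_id();
     // Calculate a new unique Page Id: 32 hex characters in both branches.
     // md5(microtime()) is derived from the clock and can be guessed, so a CSPRNG is preferred
     // whenever the runtime provides one; the old derivation remains as the fallback.
     if (function_exists('random_bytes')) {
         $strPageId = bin2hex(random_bytes(16));
     } else {
         $strPageId = md5(microtime());
     }
     // Figure Out Page ID to be saved onto the database
     $strPageId = sprintf('%s_%s', $strSessionId, $strPageId);
     // Save THIS formstate to the database
     $strQuery = '
                             INSERT INTO
                                     ' . $objDatabase->EscapeIdentifier(self::$strTableName) . '
                             (
                                     ' . $objDatabase->EscapeIdentifier('page_id') . ',
                                     ' . $objDatabase->EscapeIdentifier('session_id') . ',
                                     ' . $objDatabase->EscapeIdentifier('save_time') . ',
                                     ' . $objDatabase->EscapeIdentifier('state_data') . '
                             )
                             VALUES
                             (
                                     ' . $objDatabase->SqlVariable($strPageId) . ',
                                     ' . $objDatabase->SqlVariable($strSessionId) . ',
                                     ' . $objDatabase->SqlVariable(time()) . ',
                                     ' . $objDatabase->SqlVariable($strFormState) . '
                             )';
     $objDatabase->NonQuery($strQuery);
     // Return the Page Id. It is sent to the client as-is: the session id prefix ties it to the
     // session, and the suffix is random when a CSPRNG was available above.
     return $strPageId;
 }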
 /**
  * Write data to the session
  *
  * @param string $id The session ID
  * @param string $strSessionData Data to be written to the Session whose ID was supplied
  *
  * @return bool
  */
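 public static function SessionWrite($id, $strSessionData)
 {
     // Empty session data is treated as a request to delete the stored session.
     if (empty($strSessionData)) {
         static::SessionDestroy($id);
         return true;
     }
     $strEncoded = $strSessionData;
     if (self::$blnCompress) {
         $strEncoded = gzcompress($strSessionData);
     }
     if (defined('DB_BACKED_SESSION_HANDLER_ENCRYPTION_KEY')) {
         // NOTE(review): only the encryption-key constant is tested with defined(); the hash-key
         // constant is used unchecked. On PHP < 8 an undefined constant evaluates to its own
         // name, which would silently become the hash key.
         try {
             $crypt = new QCryptography(DB_BACKED_SESSION_HANDLER_ENCRYPTION_KEY, false, null, DB_BACKED_SESSION_HANDLER_HASH_KEY);
             $strEncoded = $crypt->Encrypt($strEncoded);
         } catch (Exception $e) {
             // Best-effort behaviour is kept: the session is still written, unencrypted. The
             // failure is now logged instead of being discarded, so session rows stored in clear
             // are visible to operators. NOTE(review): consider failing the write instead.
             error_log('Session data encryption failed; session saved unencrypted: ' . $e->getMessage());
         }
     }
     if (self::$blnBase64) {
         $encoded = base64_encode($strEncoded);
         if ($strEncoded && !$encoded) {
             // NOTE(review): the message carries the raw session data, which then ends up
             // wherever exceptions are logged or displayed.
             throw new Exception("Base64 Encoding Failed on " . $strSessionData);
         } else {
             $strEncoded = $encoded;
         }
     }
     // Invariant check only; assert() can be disabled by configuration.
     assert(!empty($strEncoded));
     // Stored key is "<session name>.<session id>".
     $id = self::$strSessionName . '.' . $id;
     $objDatabase = QApplication::$Database[self::$intDbIndex];
     $objDatabase->InsertOrUpdate(self::$strTableName, array('data' => $strEncoded, 'last_access_time' => time(), 'id' => $id), 'id');
     return true;
 }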