cipher() public static method

public static cipher ( $text, $key )
Ejemplo n.º 1
 /**
  * Encodes a cookie value: arrays are flattened with __implode(), the result
  * is passed through Security::cipher() with the Cookie component's key, then
  * base64-encoded and tagged with the "Q2FrZQ==." marker.
  *
  * NOTE(review): Security::cipher() is a reversible keyed XOR-style transform
  * with no integrity check, so a value read back from such a cookie should be
  * validated like any other client input.
  *
  * @param string|array $value Value to store in the cookie.
  * @return string Marker followed by the base64 of the ciphered value.
  */
 function __encrypt($value)
 {
     $plain = is_array($value) ? $this->__implode($value) : $value;
     $ciphered = Security::cipher($plain, $this->Controller->Cookie->key);

     return "Q2FrZQ==." . base64_encode($ciphered);
 }
Ejemplo n.º 2
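 /**
  * Handles the login form POST for regular users and, failing that, group admins.
  *
  * The submitted e-mail/password pair is looked up in User and then in
  * CreateGroup. On a match the identity is written to the session and the
  * browser is redirected to the matching profile page; otherwise a login
  * message is stored and the browser is sent back to the login form.
  *
  * NOTE(review): passwords are matched after Security::cipher() with a key
  * hard-coded below. That is reversible obfuscation, not password hashing:
  * the source plus the table is enough to recover every password. Moving to
  * a one-way password hash needs a data migration, so the stored format is
  * left untouched here.
  *
  * @return void
  */
 public function postLogin()
 {
     $this->loadModel('User');
     // NOTE(review): secret committed to source; it should live in configuration
     // outside version control and be rotated once moved.
     $key = 'iznWsaal5lKhOKu4f7f0YagKW81ClEBXqVuTjrFovrXXtOggrqHdDJqkGXsQpHf';
     $data = $this->request->data;
     // Only plain strings are accepted: an array here would otherwise reach
     // trim() and the find() conditions in a shape the query was not written for.
     $email = (isset($data['email']) && is_string($data['email'])) ? trim($data['email']) : '';
     $password = (isset($data['password']) && is_string($data['password'])) ? trim($data['password']) : '';
     if ($email === '' || $password === '') {
         $this->Session->write('login_message', 'Invalid username or password');
         $this->redirect('../login/home');
         return;
     }
     $encrypted_password = Security::cipher($password, $key);
     $opts = array('conditions' => array('and' => array('User.user_email' => $email, 'User.password' => $encrypted_password)));
     $userInfo = $this->User->find('first', $opts);
     if ($userInfo) {
         // Issue a fresh session id at the privilege change so an id set
         // before login cannot be reused afterwards.
         CakeSession::renew();
         CakeSession::write('session_id', $userInfo['User']['user_id']);
         CakeSession::write('session_name', $userInfo['User']['user_name']);
         CakeSession::write('session_email', $userInfo['User']['user_email']);
         $this->redirect('../User/user_profile');
         return;
     }
     $this->loadModel('CreateGroup');
     $opts = array('conditions' => array('and' => array('CreateGroup.group_admin_email' => $email, 'CreateGroup.password' => $encrypted_password)));
     $groupInfo = $this->CreateGroup->find('first', $opts);
     if ($groupInfo) {
         CakeSession::renew();
         CakeSession::write('session_id', $groupInfo['CreateGroup']['group_id']);
         CakeSession::write('session_name', $groupInfo['CreateGroup']['group_name']);
         CakeSession::write('session_code', $groupInfo['CreateGroup']['group_code']);
         CakeSession::write('session_email', $groupInfo['CreateGroup']['group_admin_email']);
         $this->redirect('../Admin/group_profile');
         return;
     }
     $this->Session->write('login_message', 'Invalid username or password');
     $this->redirect('../login/home');
 }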
Ejemplo n.º 3
 /**
  * Stores a value in the application cookie array and mirrors it in SlConfigure.
  *
  * Path, domain and secure flag fall back to the Sl.cookie.* configuration
  * when not supplied. A numeric $expires is treated as seconds from now, a
  * string is handed to strtotime(). The value is serialize()d and then either
  * ciphered and base64-encoded (prefixed with "?") or only base64-encoded.
  *
  * NOTE(review): the payload is a PHP serialize() string and
  * Security::cipher() adds no integrity protection. Whatever reads this cookie
  * back presumably unserialize()s it; confirm that reader treats the content
  * as untrusted. setcookie() is also called without the httponly argument.
  *
  * @param string $name Cookie entry name.
  * @param mixed $value Value to store.
  * @param bool $encrypt Whether to pass the value through Security::cipher().
  * @param int|string|null $expires Lifetime in seconds or a strtotime() expression.
  * @param string|null $path Cookie path.
  * @param string|null $domain Cookie domain.
  * @param bool|null $secure Secure flag.
  * @return void
  */
 public static function write($name, $value = null, $encrypt = true, $expires = null, $path = null, $domain = null, $secure = null)
 {
     self::ready();
     SlConfigure::write($name, $value, false, 'cookie');

     // Track the cookie name once.
     self::$_cookies[] = $name;
     self::$_cookies = array_unique(self::$_cookies);

     $path = empty($path) ? SlConfigure::read('Sl.cookie.path') : $path;
     $domain = ($domain === null) ? SlConfigure::read('Sl.cookie.domain') : $domain;
     $secure = ($secure === null) ? SlConfigure::read('Sl.cookie.secure') : $secure;

     $reference = time();
     if (is_numeric($expires)) {
         // Integers are numeric too, so one test covers both original cases.
         $expires = $reference + (int) $expires;
     } elseif (is_string($expires)) {
         $expires = strtotime($expires, $reference);
     }

     $payload = serialize($value);
     if (!$encrypt) {
         $payload = base64_encode($payload);
     } else {
         App::import('core', 'security');
         $payload = "?" . base64_encode(Security::cipher($payload, self::$_key));
     }

     setcookie(self::$_cookieName . "[{$name}]", $payload, $expires, $path, $domain, $secure);
 }
 /**
  * Returns the TwitterOAuth client, building it on first use.
  *
  * The four credentials are read from the Data.Twitter.* configuration,
  * base64-decoded and passed through Security::cipher() with a fixed key.
  *
  * NOTE(review): the cipher key is a literal in this file, so the stored
  * credentials are only obfuscated; anyone holding the code and the
  * configuration can recover them. Treat the configuration as secret material.
  *
  * @return TwitterOAuth
  */
 private function getConnection()
 {
     if ($this->_connection) {
         return $this->_connection;
     }

     $configKeys = array(
         'Data.Twitter.consumerKey',
         'Data.Twitter.consumerSecret',
         'Data.Twitter.accessToken',
         'Data.Twitter.accessTokenSecret',
     );
     $credentials = array();
     foreach ($configKeys as $configKey) {
         $credentials[] = Security::cipher(base64_decode(Configure::read($configKey)), 'gummTwitterCypher');
     }

     $this->_connection = new TwitterOAuth($credentials[0], $credentials[1], $credentials[2], $credentials[3]);

     return $this->_connection;
 }
Ejemplo n.º 5
 /**
  * Reverses the marker + base64 + Security::cipher() encoding of a value.
  *
  * The marker is searched for anywhere in $value and everything after it is
  * decoded; a value without the marker yields false.
  *
  * NOTE(review): the result is not authenticated. A successful return only
  * means the marker was present, not that the value was produced by this
  * application.
  *
  * @param string $value Encoded value.
  * @return string|false Decoded text, or false when the marker is absent.
  */
 public static function decrypt($value)
 {
     $self = self::getInstance();
     $marker = 'U3BhZ2hldHRp.';
     $offset = strpos($value, $marker);
     if ($offset === false) {
         return false;
     }

     // strlen($marker) is the 13 the payload offset was hard-coded to.
     $raw = base64_decode(substr($value, $offset + strlen($marker)));

     return Security::cipher($raw, $self->key);
 }
Ejemplo n.º 6
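 /**
  * Returns the current user's data together with how it was identified.
  *
  * Order of precedence: the AuthComponent session (method U_AUTH), then the
  * 'tora' User cookie (method U_COOKIE), otherwise array('method' => U_NONE).
  *
  * The cookie is decoded with Security::cipher(), which gives no integrity
  * guarantee, so its content is treated as untrusted: it must decode to a JSON
  * object with a scalar id that matches an existing User row. Previously a
  * cookie that failed to decode, or named no existing user, still produced
  * array('method' => U_COOKIE).
  *
  * @return array User fields plus a 'method' key.
  */
 public function getUserInfo()
 {
     // Identity held by AuthComponent takes precedence.
     $authUserInfo = AuthComponent::user();
     if (!empty($authUserInfo)) {
         $authUserInfo['method'] = U_AUTH;
         // Never hand the credential or bookkeeping columns to callers.
         unset($authUserInfo['password'], $authUserInfo['created'], $authUserInfo['modified']);
         return $authUserInfo;
     }
     // Otherwise fall back to the cookie, if it is a plain string.
     if (isset($_COOKIE['tora']['User']) && is_string($_COOKIE['tora']['User'])) {
         $tmpc = Security::cipher(base64_decode(substr($_COOKIE['tora']['User'], 8)), Configure::read('Security.salt'));
         $tmpcArray = json_decode($tmpc, true);
         // A scalar id is required: an array would change the shape of the
         // find() condition, and a missing id would query for NULL.
         if (is_array($tmpcArray) && isset($tmpcArray['id']) && is_scalar($tmpcArray['id'])) {
             $tmpfArray = $this->find('first', array('conditions' => array('User.id' => $tmpcArray['id']), 'fields' => array('User.id', 'User.username', 'User.nickname', 'User.stat')));
             if (!empty($tmpfArray['User'])) {
                 $tmpfArray['User']['method'] = U_COOKIE;
                 return $tmpfArray['User'];
             }
         }
     }
     // Neither source identified a user.
     return array('method' => U_NONE);
 }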
Ejemplo n.º 7
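 /**
  * Handles the change-password form POST.
  *
  * Stores the outcome in the 'pcmessage' session key and redirects back to
  * the change-password page in every case.
  *
  * Changes from the previous version:
  * - the ciphered password is quoted through the datasource before it is
  *   given to updateAll(), which treats field values as SQL fragments; the
  *   cipher output is arbitrary bytes and was previously wrapped in quotes by
  *   hand;
  * - the two passwords are compared with ===, so numeric-looking strings that
  *   are merely loosely equal no longer pass;
  * - missing or non-string fields are rejected instead of raising notices.
  *
  * NOTE(review): user_id is taken from the request and no check is visible
  * here that it is the logged-in user's own id; confirm the caller or a
  * beforeFilter enforces that. The hard-coded key and the reversible password
  * storage are unchanged, because altering them needs a data migration.
  *
  * @return void
  */
 public function changePassword()
 {
     $this->loadModel('User');
     // NOTE(review): secret committed to source; move to configuration.
     $key = 'iznWsaal5lKhOKu4f7f0YagKW81ClEBXqVuTjrFovrXXtOggrqHdDJqkGXsQpHf';
     $data = $this->request->data;
     $userId = (isset($data['user_id']) && is_scalar($data['user_id'])) ? trim((string) $data['user_id']) : '';
     $password = (isset($data['password']) && is_string($data['password'])) ? trim($data['password']) : '';
     $cpassword = (isset($data['c_password']) && is_string($data['c_password'])) ? trim($data['c_password']) : '';

     if ($password !== $cpassword) {
         $this->Session->write('pcmessage', 'password and confirm pasword different');
         $this->redirect('../User/change_password');
         return;
     }
     if ($userId === '' || $password === '') {
         $this->Session->write('pcmessage', 'Password not changed');
         $this->redirect('../User/change_password');
         return;
     }

     $encrypted_password = Security::cipher($password, $key);
     // updateAll() does not escape field values, so let the datasource quote it.
     $quotedPassword = $this->User->getDataSource()->value($encrypted_password, 'string');
     if ($this->User->updateAll(array('password' => $quotedPassword), array('user_id' => $userId))) {
         $this->Session->write('pcmessage', 'password changed successfully');
     } else {
         $this->Session->write('pcmessage', 'Password not changed');
     }
     $this->redirect('../User/change_password');
 }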
Ejemplo n.º 8
 /**
  * Decodes and decrypts a single cookie value.
  *
  * A value that does not contain the "Q2FrZQ==." marker is treated as
  * unencrypted and goes straight to _explode(). Otherwise the text after the
  * marker's length is base64-decoded and decrypted with the method selected
  * by $this->_type ('rijndael', 'cipher' or 'aes').
  *
  * NOTE(review): when _type is none of the three names, $plain is never
  * assigned and _explode() receives an undefined variable. Of the three
  * branches only the 'cipher' one uses Security::cipher().
  *
  * @param string $value The value to decode & decrypt.
  * @return string Decoded value.
  */
 protected function _decode($value)
 {
     $marker = 'Q2FrZQ==.';
     if (strpos($value, $marker) === false) {
         return $this->_explode($value);
     }

     $value = base64_decode(substr($value, strlen($marker)));

     // The three type names are mutually exclusive, so a chain is equivalent
     // to testing each one in turn.
     if ($this->_type === 'rijndael') {
         $plain = Security::rijndael($value, $this->key, 'decrypt');
     } elseif ($this->_type === 'cipher') {
         $plain = Security::cipher($value, $this->key);
     } elseif ($this->_type === 'aes') {
         $plain = Security::decrypt($value, $this->key);
     }

     return $this->_explode($plain);
 }
Ejemplo n.º 9
 /**
  * Checks whether the setting already exists and cleans the data array if it does.
  * This is used mainly by outside of the model functions which don't know if the Setting exists or not.
  *
  * Steps, in order: flatten an array value into ini-style "key = value" lines,
  * do the same for a numerically indexed list of settings, attach the id of an
  * existing Setting with the same name and type (optionally appending to its
  * value), cipher the SMTP setting, and bump ZUHA_DB_VERSION.
  *
  * @param array $data An array of Setting data
  * @param bool $append When true and the setting exists, the new value is appended to the stored one
  * @return array The cleaned data; for a numerically indexed list this is the inner 'Setting' array
  */
 private function _cleanSettingData($data, $append = false)
 {
     if (is_array($data['Setting']['value'])) {
         $settingValue = '';
         foreach ($data['Setting']['value'] as $key => $value) {
             if (is_array($value)) {
                 // Form->input('Setting.value.variable.key')
                 // turns into variable[key] = value
                 foreach ($value as $index => $val) {
                     $settingValue .= __('%s[%s] = "%s"%s', $key, $index, Sanitize::escape($val), PHP_EOL);
                 }
             } else {
                 // Form->input('Setting.value.variable)
                 // turns into variable = value
                 $settingValue .= __('%s = "%s"%s', $key, Sanitize::escape($value), PHP_EOL);
             }
         }
         $data['Setting']['value'] = $settingValue;
     }
     if (!empty($data['Setting'][0])) {
         $i = 0;
         foreach ($data['Setting'] as $setting) {
             if (is_array($setting['value'])) {
                 $newValue = null;
                 foreach ($setting['value'] as $key => $value) {
                     // NOTE(review): unlike the single-setting branch above, keys and values
                     // are concatenated here without Sanitize::escape(), so a value containing
                     // a double quote or a newline ends up verbatim in the ini text.
                     $newValue .= is_numeric($value) ? $key . ' = ' . $value . '' . PHP_EOL : $key . ' = "' . $value . '"' . PHP_EOL;
                 }
                 // end value loop
             } else {
                 $newValue = $setting['value'];
             }
             $data['Setting'][$i]['value'] = $newValue;
             $i++;
         }
         // end setting loop
         $data = $data['Setting'];
         // because we are using saveAll
     }
     // @todo break these out into individual setting function in a foreach loop that will
     // handle many and single records to save
     if (!empty($data['Setting']['name']) && !empty($data['Setting']['type'])) {
         // see if the setting already exists
         $setting = $this->find('first', array('conditions' => array('Setting.name' => $data['Setting']['name'], 'Setting.type' => $data['Setting']['type'])));
         if (!empty($setting)) {
             // if it does, then set the id, so that we over write instead of creating a new setting
             $data['Setting']['id'] = $setting['Setting']['id'];
         }
         if (!empty($append) && !empty($setting)) {
             $data['Setting']['value'] = $setting['Setting']['value'] . PHP_EOL . $data['Setting']['value'];
         }
     }
     // some values need to be encrypted.  We do that here (@todo put this in its own two
     // functions.  One for "encode" function, and one for which settings should be encoded,
     // so that we can specify all settings which need encryption, and reuse this instead
     // of the if (xxxx setting) thing.  And make the corresponding decode() function somehwere as well.
     // NOTE(review): parse_ini_string() is applied to the setting *name* here, not its value;
     // confirm that is intended, since it decides whether the SMTP value gets ciphered at all.
     // NOTE(review): the SMTP credentials are protected only by Security::cipher() keyed with
     // Security.salt, which is reversible and unauthenticated.
     if (!empty($data['Setting']['name']) && $data['Setting']['name'] == 'SMTP' && !parse_ini_string($data['Setting']['name'])) {
         $data['Setting']['value'] = 'smtp = "' . base64_encode(Security::cipher($data['Setting']['value'], Configure::read('Security.salt'))) . '"';
     }
     // Each save that carries a 'Query' key advances the stored DB version by 0.0001.
     if (!empty($data['Query']) && $data['Setting']['name'] == 'ZUHA_DB_VERSION') {
         $data['Setting']['value'] = $data['Setting']['value'] + 0.0001;
     }
     return $data;
 }
Ejemplo n.º 10
 /**
  * Unciphers a string created by the secure method.
  *
  * The input is URL-safe base64 ('*' standing for '/', '-' for '+'). After
  * decoding, the last two bytes are used as the Security::cipher() key for
  * everything before them.
  *
  * NOTE(review): the key travels inside the value itself, so this is an
  * encoding, not encryption; anyone holding the string can reverse it. Do not
  * rely on it to keep the content secret or to prove where it came from.
  *
  * @access public
  * @param string $param The string to be decrypted
  * @return string The original string
  */
 public static function unsecure($param)
 {
     // Single-character substitutions, so strtr() matches the two-array str_replace().
     $decoded = base64_decode(strtr($param, '*-', '/+'));
     $embeddedKey = substr($decoded, -2);
     $body = substr($decoded, 0, -2);

     return Security::cipher($body, $embeddedKey);
 }
Ejemplo n.º 11
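 /**
  * Make sending email available to all controllers (AppModel calls to this function)
  *
  * The SMTP settings are read from the serialized __SYSTEM_SMTP constant. Only
  * its 'smtp' entry is used; the previous extract() call imported every key of
  * that array into local scope, where a key named like a parameter (toEmail,
  * subject, template, ...) would have silently replaced the caller's argument.
  *
  * NOTE(review): the SMTP settings are protected only by Security::cipher()
  * keyed with Security.salt, which is reversible and unauthenticated. The
  * client IP from $_SERVER['REMOTE_ADDR'] is appended to every message body.
  *
  * @param mixed $toEmail	address to send email to, or an array with 'to', 'cc', 'bcc', 'replyTo'
  * @param string $subject	subject of email
  * @param mixed $message	$message ['html'] in the layout will be replaced with this text
  * @param string $template	to be picked from folder for email. By default, if $mail is given in any template.
  * @param array $from		Seems to not be used.
  * @param array $attachment	list of file paths to add as email attachments
  * @return int				The return value is the number of recipients who were accepted for delivery.
  * @throws Exception When the SMTP settings are missing or do not parse as ini text
  */
 public function __sendMail($toEmail = null, $subject = null, $message = null, $template = 'default', $from = array(), $attachment = array())
 {
     $this->SwiftMailer = $this->Components->load('SwiftMailer');
     if (!defined('__SYSTEM_SMTP')) {
         throw new Exception(__('SMTP Settings not defined.'));
     }
     $stored = unserialize(__SYSTEM_SMTP);
     $smtp = (is_array($stored) && isset($stored['smtp'])) ? $stored['smtp'] : '';
     $smtp = Security::cipher(base64_decode($smtp), Configure::read('Security.salt'));
     if (!parse_ini_string($smtp)) {
         throw new Exception(__('SMTP Ini parsing failed.'));
     }
     $recipients = is_array($toEmail) ? $toEmail : array();
     $this->SwiftMailer->to = isset($recipients['to']) ? $recipients['to'] : $toEmail;
     // Optional headers are copied only when the caller supplied them.
     foreach (array('cc', 'bcc', 'replyTo') as $header) {
         if (isset($recipients[$header])) {
             $this->SwiftMailer->{$header} = $recipients[$header];
         }
     }
     $this->SwiftMailer->template = $template;
     $this->SwiftMailer->attachments = $attachment;
     $this->SwiftMailer->layout = 'email';
     $this->SwiftMailer->sendAs = 'html';
     if ($message) {
         if (is_array($message) && isset($message['html'])) {
             // Avoids concatenating the array itself, which the old code did first.
             $this->SwiftMailer->content = $message['html'] . '<br /><br />' . $_SERVER['REMOTE_ADDR'];
         } else {
             $this->SwiftMailer->content = $message . '<br /><br />' . $_SERVER['REMOTE_ADDR'];
             $message = array('html' => $message);
         }
         $this->set('message', $message);
     }
     $subject = $subject ? $subject : 'No Subject';
     return $this->SwiftMailer->send($template, $subject);
 }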
Ejemplo n.º 12
 /**
  * Login action: picks the layout, authenticates the posted credentials and
  * routes the user according to activation state, user type and property.
  *
  * Outcomes visible in this method:
  * - activated tenant whose property is inactive: redirect to propertydisabled;
  * - activated tenant without a property: logout and redirect to residentsearch;
  * - other activated users: redirect to Auth's redirect target;
  * - not activated but invited by e-mail: activate, mark the unit occupied, redirect;
  * - inactive previous tenant: reset property fields, logout, redirect to residentsearch;
  * - anyone else not activated: logout with a flash message;
  * - failed authentication: flash 'Invalid username or password.'.
  *
  * @return void
  */
 function login()
 {
     if ($this->Session->check('mobile_user') && intval($this->Session->read('mobile_user'))) {
         $this->layout = 'mobile';
         $this->view = 'mobile_login';
     } else {
         $this->layout = 'register';
     }
     if (!empty($this->request->data)) {
         if ($this->Auth->login()) {
             if ($this->Auth->user('is_activated')) {
                 if ($this->Auth->user('type') == USER_TYPE_TENANT) {
                     if ($this->Auth->user('property_id') > 0) {
                         // If property no longer active, then we must redirect
                         $this->loadModel('Property');
                         $this->Property->contain();
                         $userProp = $this->Property->findById($this->Auth->user('property_id'));
                         if ($userProp['Property']['active'] == 0) {
                             // NOTE(review): $this->User->id is not assigned anywhere on this path in
                             // the visible code; confirm it holds the logged-in user's id here.
                             $this->redirect(array('controller' => 'Users', 'action' => 'propertydisabled', $this->User->id));
                         }
                     } else {
                         /*
                          *  If active user with no property_id they must have been removed from property
                          */
                         $this->Session->setFlash('You are no longer assigned to a property.  Please request a new property now.', 'flash_bad');
                         $redir_id = $this->Auth->User('id');
                         $this->Auth->logout();
                         // NOTE(review): the user id is passed through Security::cipher() and placed in
                         // the URL as-is. The output is reversible, unauthenticated and not URL-encoded
                         // here; the residentsearch action must not treat it as proof of identity.
                         $this->redirect(array('controller' => 'Users', 'action' => 'residentsearch', Security::cipher($redir_id, Configure::read('Security.salt2'))));
                     }
                 }
                 $this->redirect($this->Auth->redirect());
             } elseif (!$this->Auth->user('is_activated') && $this->Auth->user('invitebyemail')) {
                 // Invited users are activated by their first successful login.
                 $this->User->id = $this->Auth->user('id');
                 $this->User->saveField('is_activated', true);
                 /*
                  * Update the unit to occupied after the invite is sent.
                  */
                 if ($this->Auth->user('unit_id') > 0) {
                     $this->loadModel('Unit');
                     $this->Unit->id = $this->Auth->user('unit_id');
                     $this->Unit->saveField('occupied', 'Yes');
                 }
                 $this->redirect($this->Auth->redirect());
             } else {
                 $view = new View($this);
                 $html = $view->loadHelper('Html');
                 // NOTE(review): $resendLink is built but not used later in this method, and it
                 // would carry the plain numeric user id in the URL.
                 $resendLink = $html->link('Click Here', array('controller' => 'Users', 'action' => 'resendactivation', $this->Auth->user('id')));
                 /*
                  * previoustenant field can have following values
                  *  - 0 not a previous tenant
                  *  - 1 a previous tenant
                  *  - 2 a previous tenant awaiting a new activation
                  */
                 if ($this->Auth->user('previoustenant') == 1 && $this->Auth->user('type') == USER_TYPE_TENANT) {
                     /*
                      * Previous tenant, currently inactive, who is trying to log back in - so need to send
                      *  to page 2 of the tenant sign up process 
                      */
                     $data = array();
                     $data['User']['id'] = $this->Auth->User('id');
                     /* Set to 2 so we can differentiate - i.e. know they came through this way already */
                     //$data['User']['previoustenant'] = '2';
                     $data['User']['property_id'] = '0';
                     $data['User']['unit_id'] = '0';
                     $data['User']['requested_unit'] = '0';
                     $data['User']['activation_key'] = $this->User->genActivationHash();
                     $this->User->set($data);
                     // The field whitelist limits the save to the four columns reset above.
                     if ($this->User->save($data, true, array('requested_unit', 'activation_key', 'property_id', 'unit_id'))) {
                         //debug($data);
                         $redir_id = $this->Auth->User('id');
                         $this->Auth->logout();
                         // NOTE(review): same ciphered-id-in-URL pattern as the tenant branch above.
                         $this->redirect(array('controller' => 'Users', 'action' => 'residentsearch', Security::cipher($redir_id, Configure::read('Security.salt2'))));
                     } else {
                         $this->Session->setFlash('Error Signing Up. Please contact system admin.', 'flash_bad');
                     }
                 } else {
                     $this->Auth->logout();
                     $this->Session->setFlash('Sorry, your account is not yet activated.', 'flash_bad');
                     $this->redirect($this->Auth->redirect());
                 }
             }
         } else {
             $this->Session->setFlash('Invalid username or password.', 'flash_bad');
         }
     }
 }
Ejemplo n.º 13
 /**
  * Encrypts $value using the method named by $this->_type in the Security class.
  *
  * Arrays are flattened with _implode() first. When encryption is switched
  * off the (flattened) value is returned unchanged; otherwise the ciphertext
  * is base64-encoded and prefixed with "Q2FrZQ==.".
  *
  * NOTE(review): of the three types, 'cipher' selects Security::cipher(),
  * a reversible XOR-style transform with no integrity check; 'aes'
  * (Security::encrypt()) is the stronger choice where it is available. When
  * _type matches none of the three names, $cipher is never assigned.
  *
  * @param string $value Value to encrypt
  *
  * @return string Encoded values
  */
 protected function _encrypt($value)
 {
     $plain = is_array($value) ? $this->_implode($value) : $value;
     if (!$this->_encrypted) {
         return $plain;
     }

     // The type names are mutually exclusive, so a chain equals three separate tests.
     if ($this->_type === 'rijndael') {
         $cipher = Security::rijndael($plain, $this->key, 'encrypt');
     } elseif ($this->_type === 'cipher') {
         $cipher = Security::cipher($plain, $this->key);
     } elseif ($this->_type === 'aes') {
         $cipher = Security::encrypt($plain, $this->key);
     }

     return "Q2FrZQ==." . base64_encode($cipher);
 }
Ejemplo n.º 14
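 /**
  * Imports a previously exported confrontation file into the session and
  * redirects to the table it was exported from.
  *
  * On GET the method only sets 'project_id' for the view. On POST/PUT the
  * uploaded file is read, passed through Security::cipher() with
  * Security.salt, decoded as JSON and validated before anything is written to
  * the session.
  *
  * Changes from the previous version:
  * - the temporary path must pass is_uploaded_file(), because request data
  *   can carry a client-chosen tmp_name alongside a non-zero size;
  * - the decoded payload must be an array with a string 'tableToLoad' before
  *   the session is touched; otherwise the file is reported as corrupted;
  * - missing payload keys are stored as null instead of raising notices;
  * - the branch for a null redirect target was unreachable (unknown targets
  *   throw) and has been dropped.
  *
  * NOTE(review): Security::cipher() does not authenticate the file, so every
  * value written to the session below is user-controlled data.
  *
  * @param mixed $id Project id.
  * @return void
  * @throws NotFoundException When the project does not exist.
  * @throws Exception When 'tableToLoad' names an unknown table.
  */
 function importData($id)
 {
     $this->Project->id = $id;
     if (!$this->Project->exists()) {
         throw new NotFoundException(__('Invalid proyect'));
     }
     if ($this->request->is('post') || $this->request->is('put')) {
         $this->autoRender = false;
         $upload = isset($this->request->data['Project']['File']) ? $this->request->data['Project']['File'] : null;
         $tmpName = (is_array($upload) && isset($upload['tmp_name']) && is_string($upload['tmp_name'])) ? $upload['tmp_name'] : '';
         $size = (is_array($upload) && isset($upload['size'])) ? (int) $upload['size'] : 0;
         if ($size <= 0 || $tmpName === '' || !is_uploaded_file($tmpName)) {
             $this->Session->setFlash('Please select file');
             $this->redirect(array('controller' => 'projects', 'action' => 'importData', $this->Project->id));
             return;
         }
         $file = new File($tmpName);
         $contents = $file->read();
         $contents = Security::cipher($contents, Configure::read('Security.salt'));
         $data = json_decode($contents, true);
         if (is_array($data) && isset($data['tableToLoad']) && is_string($data['tableToLoad'])) {
             // Export table name => action that displays it.
             $actions = array(
                 'confrontationMultiRound' => 'confrontationMultiRound',
                 'confrontationMultiUser' => 'confrontationMultiUser',
                 'confrontationDual' => 'confrontationDual',
                 'FScore2Users' => 'confrontationFscoreUsers',
                 'FScore2Rounds' => 'confrontationFscoreRounds',
             );
             if (!isset($actions[$data['tableToLoad']])) {
                 throw new Exception("Error Processing Request, error: " . $data['tableToLoad'], 1);
             }
             $sessionKeys = array('confrontationResult', 'confrontationSettingsData', 'confrontationDualResult', 'confrontationPostedData');
             foreach ($sessionKeys as $sessionKey) {
                 $this->Session->delete($sessionKey);
             }
             foreach ($sessionKeys as $sessionKey) {
                 $this->Session->write($sessionKey, isset($data[$sessionKey]) ? $data[$sessionKey] : null);
             }
             $this->redirect(array('controller' => 'projects', 'action' => $actions[$data['tableToLoad']]));
             return;
         }
         $this->Session->setFlash('This file is corrupted');
         $this->redirect(array('controller' => 'projects', 'action' => 'index'));
         return;
     }
     $this->set('project_id', $this->Project->id);
 }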
Ejemplo n.º 15
 /**
  * testCipherEmptyKey method
  *
  * Calling Security::cipher() with an empty key is expected to raise a PHP
  * error, which PHPUnit turns into the exception named below.
  *
  * @expectedException PHPUnit_Framework_Error
  * @return void
  */
 public function testCipherEmptyKey()
 {
     $emptyKey = '';
     $plain = 'some_text';
     Security::cipher($plain, $emptyKey);
 }
Ejemplo n.º 16
 /**
  * Creates a share link for an API user, or resolves one.
  *
  * Without $hasp: looks up the user by the posted api_token, builds a token
  * from the user id, self::PREFIX and a random string, ciphers it with
  * Security.salt and returns the e-mail content for it.
  *
  * With $hasp: decodes the token, records the visiting client IP against the
  * user id it names (once per user/IP pair) and redirects to self::APP_STORE.
  *
  * NOTE(review): the token is protected only by Security::cipher(), which is
  * reversible and unauthenticated, so the user id taken from it is untrusted;
  * here it only selects which user a UserShare row is recorded for.
  * NOTE(review): the token is produced with safe_b64encode() but read with
  * plain base64_decode(); confirm the two alphabets agree.
  *
  * @param string|null $hasp Encoded share token from the URL.
  * @return mixed Response from responseOk()/responseNg() or the redirect.
  */
 public function index($hasp = null)
 {
     if (!empty($hasp)) {
         $decoded = Security::cipher(base64_decode($hasp), Configure::read('Security.salt'));
         $authLogin = explode(self::PREFIX, $decoded);
         $client_ip = $this->getIPadress();
         if (count($authLogin) <= 1) {
             return $this->redirect(self::APP_STORE);
         }

         $user_id = $authLogin[0];
         $ret = $this->User->find('first', array('conditions' => array('id' => $user_id)));
         if (empty($ret)) {
             return $this->redirect(self::APP_STORE);
         }

         // Record each user/IP pair only once.
         $user_share = $this->UserShare->find("first", array("conditions" => array("user_id" => $user_id, "client_ip" => $client_ip)));
         if (!empty($client_ip) && empty($user_share)) {
             $this->UserShare->create();
             $dataSave = array("user_id" => $user_id, "client_ip" => $client_ip);
             $this->UserShare->save($dataSave);
         }

         return $this->redirect(self::APP_STORE);
     }

     $this->user_id = $this->User->getUserIdByAPIToken(@$this->request->data['api_token']);
     if (empty($this->user_id)) {
         return $this->responseNg();
     }

     $str = $this->randomString();
     $token = Security::cipher($this->user_id . self::PREFIX . $str, Configure::read('Security.salt'));
     $authHash = $this->safe_b64encode($token);
     $result = $this->getContentEmail($authHash);

     return $this->responseOk($result);
 }
Ejemplo n.º 17
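 /**
  * Initialize component and load the SMTP settings from __SYSTEM_SMTP.
  *
  * The constant holds a serialized array whose 'smtp' entry is base64 text of
  * ini-formatted settings ciphered with Security.salt. Only that entry is
  * read; the previous extract() call imported every key of the array into
  * local scope, where keys named 'collection' or 'settings' would have
  * replaced the constructor arguments.
  *
  * NOTE(review): a constructor's return value is discarded by `new`, so the
  * `return false` paths only skip parent::__construct(); callers still
  * receive an object. Confirm that is intended.
  * NOTE(review): the credentials are protected only by Security::cipher(),
  * which is reversible and unauthenticated.
  *
  * @param ComponentCollection $collection Collection the component belongs to
  * @param array $settings Component settings passed on to the parent
  * @access Public
  */
 public function __construct(ComponentCollection $collection, $settings = array())
 {
     $this->_controller = $collection->getController();
     if (!defined('__SYSTEM_SMTP')) {
         return false;
     }
     $stored = unserialize(__SYSTEM_SMTP);
     $smtp = (is_array($stored) && isset($stored['smtp'])) ? $stored['smtp'] : '';
     $smtp = Security::cipher(base64_decode($smtp), Configure::read('Security.salt'));
     // Warnings stay suppressed as before: a malformed blob would otherwise
     // echo parts of the deciphered settings into the error output.
     $smtp = @parse_ini_string($smtp);
     if (!$smtp) {
         return false;
     }
     // Non-empty parsed values override the component's defaults.
     foreach (array('smtpUsername', 'smtpPassword', 'smtpHost', 'smtpPort', 'from', 'fromName') as $field) {
         if (!empty($smtp[$field])) {
             $this->{$field} = $smtp[$field];
         }
     }
     parent::__construct($collection, $settings);
 }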
Ejemplo n.º 18
 /**
  * testCipher method
  *
  * Checks that Security::cipher() is its own inverse for a random digit
  * string and for the empty string, and that an empty key raises an error
  * and yields an empty result.
  *
  * @access public
  * @return void
  */
 function testCipher()
 {
     $secret = 'my_key';

     // Ten random numbers concatenated as decimal text.
     $plain = '';
     for ($remaining = 10; $remaining > 0; $remaining--) {
         $plain .= mt_rand(0, 255);
     }
     $ciphered = Security::cipher($plain, $secret);
     $this->assertEqual(Security::cipher($ciphered, $secret), $plain);

     // Empty text round-trips as well.
     $plain = '';
     $ciphered = Security::cipher($plain, $secret);
     $this->assertEqual(Security::cipher($ciphered, $secret), $plain);

     // An empty key is rejected.
     $ciphered = Security::cipher('some_text', '');
     $this->assertError();
     $this->assertIdentical($ciphered, '');
 }
 /**
  * Decrypt value
  *
  * With $settings['cipher'] equal to 'cake' the value goes through
  * Security::cipher(); otherwise it is base64-decoded and decrypted with
  * mcrypt (Rijndael-256, CBC).
  *
  * NOTE(review): in the mcrypt branch both the key and the IV are MD5 hex
  * digests derived from the same secret, so the IV is identical for every
  * message. The mcrypt extension was removed from PHP core in 7.2.
  * NOTE(review): rtrim() is called with an empty character list, which
  * strips nothing; it was probably meant to remove NUL padding. Confirm
  * against the original source.
  *
  * @param string $value Value to decrypt
  * @param array $settings Config settings
  * @return string Decrypted value
  */
 public function decrypt($value, $settings)
 {
     if ($settings['cipher'] != 'cake') {
         $derivedKey = md5($settings['key']);
         $derivedIv = md5(md5($settings['key']));
         $plain = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $derivedKey, base64_decode($value), MCRYPT_MODE_CBC, $derivedIv);

         return rtrim($plain, "");
     }

     return Security::cipher($value, $settings['key']);
 }