Ejemplo n.º 1
0
 public static function decode_mime_fileurl($y_enc_msg_file, $y_ctrl_key)
 {
     //--
     $y_enc_msg_file = (string) trim((string) $y_enc_msg_file);
     if ((string) $y_enc_msg_file == '') {
         Smart::log_warning('Mail-Utils / Decode Mime File URL: Empty Message File Path has been provided. This means the URL link will be unavaliable (empty) to assure security protection.');
         return '';
     }
     //end if
     if (!SmartFileSysUtils::check_file_or_dir_name($y_enc_msg_file)) {
         Smart::log_warning('Mail-Utils / Decode Mime File URL: Invalid Message File Path has been provided. This means the URL link will be unavaliable (empty) to assure security protection. Message File: ' . $y_enc_msg_file);
         return '';
     }
     //end if
     //--
     $y_ctrl_key = (string) trim((string) $y_ctrl_key);
     if ((string) $y_ctrl_key == '') {
         Smart::log_warning('Mail-Utils / Decode Mime File URL: Empty Controller Key has been provided. This means the URL link will be unavaliable (empty) to assure security protection.');
         return '';
     }
     //end if
     if (SMART_FRAMEWORK_ADMIN_AREA === true) {
         // {{{SYNC-ENCMIMEURL-CTRL-PREFIX}}}
         $y_ctrl_key = (string) 'AdminMailUtilArea/' . $y_ctrl_key;
     } else {
         $y_ctrl_key = (string) 'IndexMailUtilArea/' . $y_ctrl_key;
     }
     //end if
     //--
     $the_sep_arr = (array) self::mime_separe_part_link($y_enc_msg_file);
     $y_enc_msg_file = (string) $the_sep_arr['msg'];
     $the_msg_part = (string) $the_sep_arr['part'];
     unset($the_sep_arr);
     //--
     $arr = array();
     // {{{SYNC-MIME-ENCRYPT-ARR}}}
     $arr['error'] = '';
     // by default, no error
     //--
     if ((string) SMART_APP_VISITOR_COOKIE == '') {
         $arr['error'] = 'WARNING: Access Forbidden ... No Visitor ID set ...!';
         return (array) $arr;
     }
     //end if
     //--
     if ((string) $the_msg_part != '') {
         $the_msg_part = strtolower(trim((string) SmartUtils::url_hex_decode((string) $the_msg_part)));
     }
     //end if
     //--
     $decoded_link = trim((string) SmartUtils::crypto_decrypt((string) $y_enc_msg_file, 'SmartFramework//MimeLink' . SMART_FRAMEWORK_SECURITY_KEY));
     $dec_arr = (array) explode("\n", trim((string) $decoded_link));
     //print_r($dec_arr);
     //--
     $arr['creation-time'] = trim((string) $dec_arr[0]);
     $arr['message-file'] = trim((string) $dec_arr[1]);
     $arr['message-part'] = trim((string) $the_msg_part);
     $arr['access-key'] = trim((string) $dec_arr[2]);
     $arr['bw-unique-key'] = trim((string) $dec_arr[3]);
     $arr['sf-robot-key'] = trim((string) $dec_arr[4]);
     //-- check if file path is valid
     if ((string) $arr['message-file'] == '') {
         $arr = array();
         $arr['error'] = 'ERROR: Empty Message Path ...';
         return (array) $arr;
     }
     //end if
     if (!SmartFileSysUtils::check_file_or_dir_name($arr['message-file'])) {
         $arr = array();
         $arr['error'] = 'ERROR: Unsafe Message Path Access ...';
         return (array) $arr;
     }
     //end if
     //--
     $browser_os_ip_identification = SmartUtils::get_os_browser_ip();
     // get browser and os identification
     //-- re-compose the access key
     $crrtime = (int) $arr['creation-time'];
     $access_key = sha1('MimeLink:' . SMART_SOFTWARE_NAMESPACE . '-' . SMART_FRAMEWORK_SECURITY_KEY . '-' . SMART_APP_VISITOR_COOKIE . ':' . $arr['message-file'] . '>' . $y_ctrl_key);
     $uniq_key = sha1('Time=' . $crrtime . '#' . SMART_SOFTWARE_NAMESPACE . '-' . SMART_FRAMEWORK_SECURITY_KEY . '-' . $access_key . '-' . SmartUtils::unique_auth_client_private_key() . ':' . $arr['message-file'] . '>' . $y_ctrl_key);
     $self_robot_key = sha1('Time=' . $crrtime . '#' . SmartAuth::get_login_id() . '*' . SMART_SOFTWARE_NAMESPACE . '-' . SMART_FRAMEWORK_SECURITY_KEY . '-' . trim($browser_os_ip_identification['signature']) . '$' . $access_key . ':' . $arr['message-file'] . '>' . $y_ctrl_key);
     //-- check access key
     if ((string) $arr['error'] == '') {
         if ((string) $access_key != (string) $arr['access-key']) {
             $arr = array();
             $arr['error'] = 'ERROR: Access Forbidden ... Invalid ACCESS KEY ...';
         }
         //end if
     }
     //end if
     //-- check the client key
     if ((string) $arr['error'] == '') {
         //--
         $ok_client_key = false;
         //--
         if ((string) $the_msg_part == '' and (string) $arr['bw-unique-key'] == (string) $uniq_key) {
             // no message part, allow only client browser
             $ok_client_key = true;
         } elseif ((string) $the_msg_part != '' and ((string) $arr['bw-unique-key'] == (string) $uniq_key or (string) $browser_os_ip_identification['bw'] == '@s#' and (string) $arr['sf-robot-key'] == (string) $self_robot_key)) {
             $ok_client_key = true;
         } else {
             $ok_client_key = false;
         }
         //end if else
         //--
         if ($ok_client_key != true) {
             $arr = array();
             $arr['error'] = 'ERROR: Access Forbidden ... Invalid CLIENT KEY ...';
         }
         //end if
         //--
     }
     //end if
     //--
     return (array) $arr;
     //--
 }