/**
* RIJNDAEL 256: two-way encryption/decryption, with a URL-safe base64 wrapper.
*
* Falls back on XOR encryption/decryption when/if mcrypt is not possible.
*
* @package optimizeMember\Utilities
* @since 3.5
*
* @param str $string A string of data to encrypt.
* @param str $key Optional. Key used for encryption. Defaults to the one configured for optimizeMember. Short of that, defaults to: ``wp_salt()``.
* @param bool $w_md5_cs Optional. Defaults to true. When true, an MD5 checksum is used in the encrypted string *( recommended )*.
* @return str Encrypted string.
*/
public static function encrypt($string = FALSE, $key = FALSE, $w_md5_cs = TRUE)
{
if (function_exists("mcrypt_encrypt") && in_array("rijndael-256", mcrypt_list_algorithms()) && in_array("cbc", mcrypt_list_modes())) {
$string = is_string($string) ? $string : "";
$string = strlen($string) ? "~r2|" . $string : "";
/**/
$key = c_ws_plugin__optimizemember_utils_encryption::key($key);
$key = substr($key, 0, mcrypt_get_key_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CBC));
/**/
$iv = c_ws_plugin__optimizemember_utils_strings::random_str_gen(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CBC), false);
/**/
if (strlen($string) && is_string($e = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $string, MCRYPT_MODE_CBC, $iv)) && strlen($e)) {
$e = "~r2:" . $iv . ($w_md5_cs ? ":" . md5($e) : "") . "|" . $e;
}
/**/
return isset($e) && is_string($e) && strlen($e) ? $base64 = c_ws_plugin__optimizemember_utils_strings::base64_url_safe_encode($e) : "";
} else {
/* Fallback on XOR encryption. */
return c_ws_plugin__optimizemember_utils_encryption::xencrypt($string, $key, $w_md5_cs);
}
}
/**
* Generates a PayPal Proxy Key, for simulated IPN responses.
*
* @package optimizeMember\PayPal
* @since 3.5
*
* @return str A Proxy Key. It's an MD5 Hash, 32 chars, URL-safe.
*/
public static function paypal_proxy_key_gen()
{
global $current_site, $current_blog;
/* Multisite Networking. */
/**/
eval('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$$__v;');
do_action("ws_plugin__optimizemember_before_paypal_proxy_key_gen", get_defined_vars());
unset($__refs, $__v);
/* Unset defined __refs, __v. */
/**/
if (is_multisite() && !is_main_site()) {
$key = md5(c_ws_plugin__optimizemember_utils_encryption::xencrypt($current_blog->domain . $current_blog->path, false, false));
} else {
/* Else it's a standard Proxy Key; not on a Multisite Network, or not on the Main Site anyway. */
$key = md5(c_ws_plugin__optimizemember_utils_encryption::xencrypt(preg_replace("/\\:[0-9]+\$/", "", $_SERVER["HTTP_HOST"]), false, false));
}
/**/
return apply_filters("ws_plugin__optimizemember_paypal_proxy_key_gen", $key, get_defined_vars());
}
/**
* Generates an API Key, for Remote Operations.
*
* @package optimizeMember\API_Remote_Ops
* @since 110713
*
* @return str An API Key. It's an MD5 Hash, 32 chars, URL-safe.
*/
public static function remote_ops_key_gen()
{
global $current_site, $current_blog;
/**/
if (is_multisite() && !is_main_site()) {
$key = md5(c_ws_plugin__optimizemember_utils_encryption::xencrypt($current_blog->domain . $current_blog->path, false, false));
} else {
/* Else it's a standard API Key; not on a Multisite Network, or not on the Main Site anyway. */
$key = md5(c_ws_plugin__optimizemember_utils_encryption::xencrypt(preg_replace("/\\:[0-9]+\$/", "", $_SERVER["HTTP_HOST"]), false, false));
}
/**/
return apply_filters("ws_plugin__optimizemember_pro_remote_ops_key", !empty($key) ? $key : "");
}
function optimizemember_xencrypt($string = FALSE, $key = FALSE, $w_md5_cs = TRUE)
{
return c_ws_plugin__optimizemember_utils_encryption::xencrypt($string, $key, $w_md5_cs);
}
/**
* Creates a File Download Key.
*
* Builds a hash of: ``date("Y-m-d") . $_SERVER["REMOTE_ADDR"] . $_SERVER["HTTP_USER_AGENT"] . $file``.
*
* @package optimizeMember\Files
* @since 3.5
*
* @param str $file Location of your protected file, relative to the `/optimizemember-files/` directory.
* In other words, just the name of the file *(i.e. `file.zip` )*.
* @param str $directive Optional. One of `ip-forever|universal|cache-compatible`.
* `ip-forever` = a Download Key that never expires, tied only to a specific file and IP address.
* `universal` and/or `cache-compatible` = a Download Key which never expires, and is NOT tied to any specific User. Use at your own risk.
* @return str A Download Key. MD5 hash, 32 characters, URL-safe.
*/
public static function file_download_key($file = FALSE, $directive = FALSE)
{
eval('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$$__v;');
do_action("ws_plugin__optimizemember_before_file_download_key", get_defined_vars());
unset($__refs, $__v);
/* Unset defined __refs, __v. */
/**/
$file = $file && is_string($file) && ($file = trim($file, "/")) ? $file : "";
/**/
if ($directive === "ip-forever" && c_ws_plugin__optimizemember_no_cache::no_cache_constants(true)) {
$salt = $file . $_SERVER["REMOTE_ADDR"];
} else {
if ($directive === "universal" || $directive === "cache-compatible" || $directive) {
$salt = $file;
} else {
if (c_ws_plugin__optimizemember_no_cache::no_cache_constants(true)) {
$salt = date("Y-m-d") . $_SERVER["REMOTE_ADDR"] . $_SERVER["HTTP_USER_AGENT"] . $file;
}
}
}
/**/
$key = !empty($salt) ? md5(c_ws_plugin__optimizemember_utils_encryption::xencrypt($salt, false, false)) : "";
/**/
return apply_filters("ws_plugin__optimizemember_file_download_key", $key, get_defined_vars());
}
