/**
* This file is a part of MyWebSQL package
*
* @file: modules/splash.php
* @author Samnan ur Rehman
* @copyright (c) 2008-2012 Samnan ur Rehman
* @web http://mywebsql.net
* @license http://mywebsql.net/license
*/
function getSplashScreen($msg = '', $formCode = '')
{
if ($formCode) {
$formCode = '<div class="login"><form method="post" action="" name="dbform" id="dbform" style="text-align:center">' . $formCode . '</form></div>';
}
$scripts = "jquery";
$extraScript = "";
if (secureLoginPage()) {
$scripts = "jquery,encrypt";
$e = Session::get('auth_enc', 'e');
$d = Session::get('auth_enc', 'd');
$n = Session::get('auth_enc', 'n');
$keyLength = 128;
if (!$e || !$d || !$n) {
$enc_lib = BASE_PATH . (extension_loaded('openssl') && extension_loaded('gmp') && extension_loaded('bcmath') ? "/lib/external/jcryption.php" : "/lib/external/jcryption-legacy.php");
require_once $enc_lib;
$jCryption = new jCryption();
$keys = $jCryption->generateKeypair($keyLength);
$e = array("int" => $keys["e"], "hex" => $jCryption->dec2string($keys["e"], 16));
$d = array("int" => $keys["d"], "hex" => $jCryption->dec2string($keys["d"], 16));
$n = array("int" => $keys["n"], "hex" => $jCryption->dec2string($keys["n"], 16));
Session::set('auth_enc', 'e', $e);
Session::set('auth_enc', 'd', $d);
Session::set('auth_enc', 'n', $n);
}
$keyData = '{"e":"' . $e["hex"] . '","n":"' . $n["hex"] . '","maxdigits":"' . intval($keyLength * 2 / 16 + 3) . '"}';
$extraScript = '<script language="javascript" type="text/javascript">
$(function() {
$.jCryption.defaultOptions.getKeysURL = ' . $keyData . ';
$("#dbform").jCryption();
});
</script>';
}
$replace = array('MESSAGE' => $msg ? '<div class="msg">' . htmlspecialchars($msg) . '</div>' : '', 'FORM' => $formCode, 'APP_VERSION' => APP_VERSION, 'PROJECT_SITEURL' => PROJECT_SITEURL, 'SCRIPTS' => $scripts, 'EXTRA_SCRIPT' => $extraScript);
return view('splash', $replace);
}
}
}
//update LOG
logEvents('admin_action', 'Emails backlog', $_SESSION['user_id'], $_SESSION['login']);
echo '[{"result":"admin_email_send_backlog", ' . @sendEmail($LANG['admin_email_test_subject'], $LANG['admin_email_test_body'], $_SESSION['settings']['email_from']) . '}]';
break;
/*
* Generate exchanges encryption keys
*/
/*
* Generate exchanges encryption keys
*/
case "admin_action_generate_encrypt_keys":
require_once "../includes/libraries/jCryption/jcryption.php";
$keyLength = 1024;
$jCryption = new jCryption();
$numberOfPairs = 100;
$arrKeyPairs = array();
for ($i = 0; $i < $numberOfPairs; $i++) {
$arrKeyPairs[] = $jCryption->generateKeypair($keyLength);
}
$file = array();
$file[] = '<?php';
$file[] = '$arrKeys = ';
$file[] = var_export($arrKeyPairs, true);
$file[] = ';';
file_put_contents(SECUREPATH . "/" . $numberOfPairs . "_" . $keyLength . "_keys.inc.php", implode("\n", $file));
echo '[{"result":"generated_keys_file", "error":""}]';
break;
/*
* Correct passwords prefix
<?php
session_start();
require_once "../../jcryption.php";
$keyLength = 256;
$jCryption = new jCryption();
if (isset($_GET["generateKeypair"])) {
$keys = $jCryption->generateKeypair($keyLength);
$_SESSION["e"] = array("int" => $keys["e"], "hex" => $jCryption->dec2string($keys["e"], 16));
$_SESSION["d"] = array("int" => $keys["d"], "hex" => $jCryption->dec2string($keys["d"], 16));
$_SESSION["n"] = array("int" => $keys["n"], "hex" => $jCryption->dec2string($keys["n"], 16));
echo '{"e":"' . $_SESSION["e"]["hex"] . '","n":"' . $_SESSION["n"]["hex"] . '","maxdigits":"' . intval($keyLength * 2 / 16 + 3) . '"}';
} else {
$var = $jCryption->decrypt($_POST['jCryption'], $_SESSION["d"]["int"], $_SESSION["n"]["int"]);
echo $var;
}
//saving connection to variable
$config = new config();
$con = mysql_connect($config->getUserManagerDomain(), $config->getUserManagerUser(), $config->getUserManagerPass());
//checking to see if connection exists
if (!$con) {
die('Could not connect:' . mysql_error());
}
//connect to database
mysql_select_db($config->getUserManagerDB(), $con);
//querying the table and setting it to a variable
$result = mysql_query("SELECT * FROM UserInfo WHERE Email = '{$user}'");
if ($result) {
$row = mysql_fetch_array($result);
}
if ($row['Email'] == $user && $row['Email'] != '') {
$jCryption = new jCryption();
$var = $jCryption->decrypt($password, $_SESSION["d"]["int"], $_SESSION["n"]["int"]);
if ($row['Password'] == $var) {
//$sessionid = uniqid();
//$UserId = $row['UserId'];
//$clientIp = $_SERVER['REMOTE_ADDR'];
//mysql_query("DELETE FROM Session WHERE UserId='$UserId' AND ClientIp='$clientIp'");
//mysql_query("INSERT INTO Session (UserId, ClientIp, SessionKey) VALUES ('$UserId', '$clientIp', '$sessionid')");
echo 'Logged in!';
//create session here
} else {
echo "User found but password incorrect.";
}
} else {
echo "User not found.";
}
private function getAuthCustom()
{
$server = $this->getDefaultServer();
$username = $password = '';
if (secureLoginPage() && isset($_POST['mywebsql_auth'])) {
$enc_lib = BASE_PATH . (extension_loaded('openssl') && extension_loaded('gmp') ? "/lib/external/jcryption.php" : "/lib/external/jcryption-legacy.php");
require_once $enc_lib;
$jCryption = new jCryption();
$d = Session::get('auth_enc', 'd');
$n = Session::get('auth_enc', 'n');
if (!isset($d['int']) || !isset($n['int'])) {
return $this->setError('Invalid Credentials');
}
$decoded = $jCryption->decrypt($_POST['mywebsql_auth'], $d['int'], $n['int']);
if (!$decoded) {
return $this->setError('Invalid Credentials');
}
parse_str($decoded, $info);
$server = $this->getServer(v($info['server']));
$username = v($info['auth_user']);
$password = v($info['auth_pwd']);
} else {
if (isset($_POST['auth_user']) && isset($_POST['auth_pwd'])) {
$server = $this->getServer(v($_POST['server']));
$username = v($_POST['auth_user']);
$password = v($_POST['auth_pwd']);
}
}
return $this->custom_auth->authenticate($username, $password, $server);
return false;
}
<?php
session_start();
require_once "../../jcryption.php";
$keyLength = 1024;
$jCryption = new jCryption();
if (isset($_GET["generateKeypair"])) {
require_once "../../100_1024_keys.inc.php";
$keys = $arrKeys[mt_rand(0, 100)];
$_SESSION["e"] = array("int" => $keys["e"], "hex" => $jCryption->dec2string($keys["e"], 16));
$_SESSION["d"] = array("int" => $keys["d"], "hex" => $jCryption->dec2string($keys["d"], 16));
$_SESSION["n"] = array("int" => $keys["n"], "hex" => $jCryption->dec2string($keys["n"], 16));
echo '{"e":"' . $_SESSION["e"]["hex"] . '","n":"' . $_SESSION["n"]["hex"] . '","maxdigits":"' . intval($keyLength * 2 / 16 + 3) . '"}';
} else {
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Result</title>
<style type="text/css">
html,body {
margin:0;
padding:0;
font-family:Tahoma;
font-size:12px;
}
</style>
</head>
<body>
public function ShowLogin($is_https, &$msg)
{
$timedout = UIBase::GrabInput('get', 'timedout', 'int');
$logoff = UIBase::GrabInput('get', 'logoff', 'int');
$msg = '';
if ($timedout == 1 || $logoff == 1) {
$this->clear();
if ($timedout == 1) {
$msg = DMsg::Err('err_sessiontimeout');
} else {
$msg = DMsg::Err('err_loggedoff');
}
} else {
if ($this->IsValid()) {
return FALSE;
}
}
$userid = NULL;
$pass = NULL;
if (isset($_POST['jCryption'])) {
$jCryption = new jCryption();
$var = $jCryption->decrypt($_POST['jCryption'], $_SESSION['d_int'], $_SESSION['n_int']);
unset($_SESSION['d_int']);
unset($_SESSION['n_int']);
parse_str($var, $result);
$userid = $result['userid'];
$pass = $result['pass'];
} else {
if ($is_https && isset($_POST['userid'])) {
$userid = UIBase::GrabGoodInput('POST', 'userid');
$pass = UIBase::GrabInput('POST', 'pass');
}
}
if ($userid != NULL) {
if ($this->authenticate($userid, $pass) === TRUE) {
return FALSE;
} else {
$msg = DMsg::Err('err_login');
}
}
return TRUE;
}
$e_hex = RSAKeyImport::dec2string($e_int, 16);
$n_hex = RSAKeyImport::dec2string($n_int, 16);
$mykeys = array('e_hex' => $e_hex, 'n_hex' => $n_hex, 'd_int' => $d_int, 'n_int' => $n_int);
return $mykeys;
}
}
## main
# openssl genrsa -out key.pem 512
$mykeys = NULL;
if (isset($argv[1])) {
$pemfile = $argv[1];
$mykeys = RSAKeyImport::import_and_convert($pemfile);
}
if ($mykeys == FALSE) {
echo "Using php to generate keys, please be patient ... \n";
$keyLength = 512;
$jCryption = new jCryption();
$keys = $jCryption->generateKeypair($keyLength);
$e_hex = $jCryption->dec2string($keys['e'], 16);
$n_hex = $jCryption->dec2string($keys['n'], 16);
$mykeys = array('e_hex' => $e_hex, 'n_hex' => $n_hex, 'd_int' => $keys['d'], 'n_int' => $keys['n']);
}
$keyfile = '../conf/jcryption_keypair';
$serialized_str = serialize($mykeys);
$result = file_put_contents($keyfile, $serialized_str);
chmod($keyfile, 0600);
if ($result == TRUE) {
exit(0);
} else {
exit(1);
}
