function decrypt($string) { global $secretkey; if (empty($string)) { return ''; } if (empty($secretkey) || $secretkey == 'UijSY5wjP1Ii') { return html_error("Value for \$secretkey is empty or use default secretkey value, please create a random one (56 chars max) in your configs/config.php!", 0); } require_once 'class.pcrypt.php'; /* MODE: MODE_ECB or MODE_CBC ALGO: BLOWFISH KEY: Your secret key :) (max lenght: 56) */ $crypt = new pcrypt(MODE_CBC, "BLOWFISH", "{$secretkey}"); // Return decrypted string return $crypt->decrypt($string); }
function decrypt($string) { global $secretkey; if (!$secretkey) { return html_error('Value for $secretkey is empty, please create a random one (56 chars max) in accounts.php!'); } require_once 'class.pcrypt.php'; /* MODE: MODE_ECB or MODE_CBC ALGO: BLOWFISH KEY: Your secret key :) (max lenght: 56) */ $crypt = new pcrypt(MODE_CBC, 'BLOWFISH', "{$secretkey}"); // to decrypt $decrypted = $crypt->decrypt($string); return $decrypted; }
<?php // if the action is not purchase, we don't need to continue. if ($_POST['action'] !== 'purchase') { return; } // if the purchases functionality has not been enabled, we do not need to continue. if ($mybb->settings['lock_purchases_enabled'] != true) { return; } $key = $mybb->settings['lock_key']; // include the pcrypt class, so we can decrypt the sent info. require_once __DIR__ . '/../pcrypt.php'; $pcrypt = new pcrypt(MODE_ECB, "BLOWFISH", $key); // convert the sent info back into json data $json = $pcrypt->decrypt(base64_decode($_POST['info'])); // if the data is indeed json data if ($info = json_decode($json)) { // if the data has been successfully turned back into an object. if (is_object($info)) { // if the cost and post id are not numbers, return an error. if (!is_numeric($info->cost) || !is_numeric($info->pid)) { error("Something went wrong: NaN"); } // check whether the current user has already unlocked the content $query = $db->write_query("SELECT uid,unlocked FROM " . TABLE_PREFIX . "posts WHERE pid='{$info->pid}'"); $post = $db->fetch_array($query); $allowed = explode(',', $post['unlocked']); if (!is_array($allowed)) { $allowed = array(); }