/**
 * Returns the shared EE_Encryption object, creating it on first use.
 *
 * @access public
 * @return \EE_Encryption
 */
public static function instance()
{
    // reuse the cached object when one of the right type already exists
    if (self::$_instance instanceof EE_Encryption) {
        return self::$_instance;
    }
    // first call (or the slot holds something else): build and cache it
    self::$_instance = new self();
    return self::$_instance;
}
/**
 * Serializes the current session data, optionally encrypts it, and stores
 * it in a transient named 'ee_ssn_' plus the session ID.
 *
 * Nothing is stored unless the registry's REQ object is an
 * EE_Request_Handler that reports an espresso page or a front-end AJAX call.
 *
 * @access private
 * @return bool true when set_transient() reports success, false otherwise
 */
private function _save_session_to_db()
{
    do_action('AHEE_log', __FILE__, __FUNCTION__, '');
    $request = EE_Registry::instance()->REQ;
    // no usable request handler: do not persist anything
    if (!($request instanceof EE_Request_Handler)) {
        return false;
    }
    // only espresso pages and front-end AJAX requests get a saved session
    if (!$request->is_espresso_page() && !$request->front_ajax) {
        return false;
    }
    // NOTE(review): the stored value is serialize() output, so the code that
    // loads it presumably calls unserialize() on it. When $_use_encryption is
    // off the transient holds that string as-is; confirm the reader restricts
    // the classes it will instantiate and that transient storage is trusted.
    $payload = serialize($this->_session_data);
    if ($this->_use_encryption) {
        $payload = $this->encryption->encrypt($payload);
    }
    // Transient API call: set_transient( transient ID, data, expiry )
    return set_transient('ee_ssn_' . $this->_sid, $payload, $this->_lifespan) ? true : false;
}
/**
 * _save_session_to_db
 *
 * Serializes the current session data, optionally encrypts it, and stores
 * it in a transient named after the session ID. When the hash-check filter
 * is on (it defaults to WP_DEBUG), an md5 of the stored value is saved in a
 * second transient.
 *
 * @access private
 * @return bool the result of the final set_transient() call, or false when
 *              the request is not one that gets a saved session
 */
private function _save_session_to_db()
{
    $request = EE_Registry::instance()->REQ;
    // no usable request handler: do not persist anything
    if (!($request instanceof EE_Request_Handler)) {
        return false;
    }
    // only espresso pages and front-end AJAX requests get a saved session
    if (!$request->is_espresso_page() && !$request->front_ajax) {
        return false;
    }
    // NOTE(review): the stored value is serialize() output, so the code that
    // loads it presumably calls unserialize() on it; confirm the reader
    // restricts the classes it will instantiate.
    $payload = serialize($this->_session_data);
    if ($this->_use_encryption) {
        $payload = $this->encryption->encrypt($payload);
    }
    // The digest is taken over the value exactly as stored (after encryption
    // when that is enabled). It is an unkeyed md5 kept in the same transient
    // storage as the data, so it can reveal accidental corruption but is not
    // a tamper check: whoever can rewrite the data can rewrite the digest.
    if (apply_filters('FHEE__EE_Session___perform_session_id_hash_check', WP_DEBUG)) {
        set_transient(EE_Session::hash_check_prefix . $this->_sid, md5($payload), $this->_lifespan);
    }
    // Transient API call: set_transient( transient ID, data, expiry )
    return set_transient(EE_Session::session_id_prefix . $this->_sid, $payload, $this->_lifespan);
}
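/**
 * Returns the encryption key, creating and persisting one on first use.
 *
 * The key is cached in self::$_encryption_key for the rest of the request
 * and stored in the 'ee_encryption_key' option. An existing non-empty
 * stored key is never overwritten, because replacing it would make data
 * encrypted under the old key unreadable.
 *
 * @access public
 * @return string
 */
public function get_encryption_key()
{
    // already loaded during this request
    if (!empty(self::$_encryption_key)) {
        return self::$_encryption_key;
    }
    // retrieve encryption_key from db
    self::$_encryption_key = get_option('ee_encryption_key');
    if (!empty(self::$_encryption_key)) {
        return self::$_encryption_key;
    }
    // NOTE(review): md5() only reshapes the random string into 32 hex
    // characters; the key's unpredictability comes entirely from
    // generate_random_string(), which is not visible here. Confirm that it
    // draws from a CSPRNG such as random_bytes().
    $new_key = md5(self::generate_random_string());
    // add_option() returns false when the option already exists or the write
    // fails. Ignoring that would leave this request using a key that was
    // never stored, so check what is actually in the db before continuing.
    if (!add_option('ee_encryption_key', $new_key)) {
        $stored_key = get_option('ee_encryption_key');
        if (!empty($stored_key)) {
            // a usable key is already stored: adopt it, do not replace it
            self::$_encryption_key = $stored_key;
            return self::$_encryption_key;
        }
        // the option exists but holds an empty value: replace it so the key
        // is not regenerated on every request
        update_option('ee_encryption_key', $new_key);
    }
    self::$_encryption_key = $new_key;
    return self::$_encryption_key;
}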
/**
 * process_bot_trap
 *
 * Checks the honeypot e-mail field and the form-display timestamp sent with
 * a ticket selector request. A request passes only when the honeypot field
 * is present and empty AND the timestamp lies within the last hour; any
 * other request is redirected to the registration page and the script exits.
 *
 * @access public
 * @return void
 */
public static function process_bot_trap()
{
    $email_field = 'tkt-slctr-request-processor-email';
    $token_field = 'tkt-slctr-request-processor-token';
    // honeypot: the field has to be submitted and left blank
    $empty_trap = isset($_REQUEST[$email_field]) && $_REQUEST[$email_field] == '';
    // token carrying the time at which the form was originally displayed
    $bot_trap_timestamp = '';
    if (isset($_REQUEST[$token_field])) {
        $bot_trap_timestamp = sanitize_text_field($_REQUEST[$token_field]);
    }
    // decrypt (when enabled) and convert to absolute integer
    if (EE_Registry::instance()->CFG->registration->use_encryption) {
        EE_Registry::instance()->load_core('EE_Encryption');
        $bot_trap_timestamp = absint(EE_Encryption::instance()->decrypt($bot_trap_timestamp));
    } else {
        // NOTE(review): with encryption off the timestamp is taken from the
        // request as sent, so the timing check below rests on a value the
        // client chooses.
        $bot_trap_timestamp = absint($bot_trap_timestamp);
    }
    // A timestamp in the future or more than an hour old is rejected. A token
    // that does not yield a number becomes 0 through absint() and is rejected
    // as too old. The check bounds the token's age only; nothing here ties a
    // token to a single submission.
    $suspicious_timing = $bot_trap_timestamp > time() || $bot_trap_timestamp < time() - HOUR_IN_SECONDS;
    // are we human ?
    if ($empty_trap && !$suspicious_timing) {
        return;
    }
    // failed a check: send the visitor back to the registration page
    $redirect_url = add_query_arg(
        array('ee' => 'ticket_selection_received'),
        EE_Registry::instance()->CFG->core->reg_page_url()
    );
    if ($suspicious_timing) {
        $notice = __('We\'re sorry, but your ticket selections could not be processed due to a server timing error. Please hit the back button on your browser and try again.', 'event_espresso');
        $redirect_url = add_query_arg(array('ee-notice' => urlencode($notice)), $redirect_url);
    }
    // the filtered URL still goes through wp_safe_redirect()
    wp_safe_redirect(apply_filters('FHEE__EED_Bot_Trap__process_bot_trap__redirect_url', $redirect_url));
    exit;
}