die('Unable to encrypt this field. Sorry'); } // ready to create our field! // for now we just create an entry in the db ready to go. $encrypt_field_id = update_insert('encrypt_field_id', 0, 'encrypt_field', array('page_name' => $page_name, 'field_name' => $encrypt_field_name, 'encrypt_key_id' => 0)); } if (!$encrypt_field_id) { die('no encrypt field id'); } $encrypt_field = module_encrypt::get_encrypt_field($encrypt_field_id); //if(!$encrypt_field||$encrypt_field['encrypt_field_id']!=$encrypt_field_id)die('invalid field specified'); $callback_id = isset($_REQUEST['callback_id']) ? $_REQUEST['callback_id'] : ''; $encrypt_id = isset($_REQUEST['encrypt_id']) ? (int) $_REQUEST['encrypt_id'] : 0; $existing_value = isset($_REQUEST['value']) ? html_entity_decode(@base64_decode($_REQUEST['value'])) : ''; $encrypt = module_encrypt::get_encrypt($encrypt_id); $encryption_keys = module_encrypt::get_encrypt_keys(); if ($encrypt && $encrypt['encrypt_key_id'] && isset($encryption_keys[$encrypt['encrypt_key_id']])) { $encryption_key = $encryption_keys[$encrypt['encrypt_key_id']]; } else { $encryption_key = isset($encryption_keys[$encrypt_field['encrypt_key_id']]) ? $encryption_keys[$encrypt_field['encrypt_key_id']] : false; } // if there is no "encrypt_id" it means we're adding a new encrypted value here. // there is no need to ask for the password if we're adding a new value to the system. // we can encrypt this value with the public key. $adding_new_blank_field = !($encrypt_id > 0); if ($encrypt_id) { // log an "attempt" status against this field. module_encrypt::log_access($encrypt_id, 'attempt'); } // we will have our "secured_private_key" within the encryption keys array. // this is encrypted with AES using our "master" password.