die('Unable to encrypt this field. Sorry');
}
// ready to create our field!
// for now we just create an entry in the db ready to go.
$encrypt_field_id = update_insert('encrypt_field_id', 0, 'encrypt_field', array('page_name' => $page_name, 'field_name' => $encrypt_field_name, 'encrypt_key_id' => 0));
}
if (!$encrypt_field_id) {
die('no encrypt field id');
}
$encrypt_field = module_encrypt::get_encrypt_field($encrypt_field_id);
//if(!$encrypt_field||$encrypt_field['encrypt_field_id']!=$encrypt_field_id)die('invalid field specified');
$callback_id = isset($_REQUEST['callback_id']) ? $_REQUEST['callback_id'] : '';
$encrypt_id = isset($_REQUEST['encrypt_id']) ? (int) $_REQUEST['encrypt_id'] : 0;
$existing_value = isset($_REQUEST['value']) ? html_entity_decode(@base64_decode($_REQUEST['value'])) : '';
$encrypt = module_encrypt::get_encrypt($encrypt_id);
$encryption_keys = module_encrypt::get_encrypt_keys();
if ($encrypt && $encrypt['encrypt_key_id'] && isset($encryption_keys[$encrypt['encrypt_key_id']])) {
$encryption_key = $encryption_keys[$encrypt['encrypt_key_id']];
} else {
$encryption_key = isset($encryption_keys[$encrypt_field['encrypt_key_id']]) ? $encryption_keys[$encrypt_field['encrypt_key_id']] : false;
}
// if there is no "encrypt_id" it means we're adding a new encrypted value here.
// there is no need to ask for the password if we're adding a new value to the system.
// we can encrypt this value with the public key.
$adding_new_blank_field = !($encrypt_id > 0);
if ($encrypt_id) {
// log an "attempt" status against this field.
module_encrypt::log_access($encrypt_id, 'attempt');
}
// we will have our "secured_private_key" within the encryption keys array.
// this is encrypted with AES using our "master" password.
