$encrypt_id = isset($_REQUEST['encrypt_id']) ? (int) $_REQUEST['encrypt_id'] : 0; $existing_value = isset($_REQUEST['value']) ? html_entity_decode(@base64_decode($_REQUEST['value'])) : ''; $encrypt = module_encrypt::get_encrypt($encrypt_id); $encryption_keys = module_encrypt::get_encrypt_keys(); if ($encrypt && $encrypt['encrypt_key_id'] && isset($encryption_keys[$encrypt['encrypt_key_id']])) { $encryption_key = $encryption_keys[$encrypt['encrypt_key_id']]; } else { $encryption_key = isset($encryption_keys[$encrypt_field['encrypt_key_id']]) ? $encryption_keys[$encrypt_field['encrypt_key_id']] : false; } // if there is no "encrypt_id" it means we're adding a new encrypted value here. // there is no need to ask for the password if we're adding a new value to the system. // we can encrypt this value with the public key. $adding_new_blank_field = !($encrypt_id > 0); if ($encrypt_id) { // log an "attempt" status against this field. module_encrypt::log_access($encrypt_id, 'attempt'); } // we will have our "secured_private_key" within the encryption keys array. // this is encrypted with AES using our "master" password. // we unlock this private key using our "master" password that is entered in the do_crypt() function. // if this do_crypt() function successfully unlocks the "secured_private_key" we can // if we're encrypting a new value then we can simply encrypt it against the free text public key. ?> <script language="JavaScript" type="text/javascript" src="<?php echo full_link('includes/plugin_encrypt/js/json2.js'); ?> ?ver=<?php echo _SCRIPT_VERSION; ?> "></script>
public function process() { switch ($_REQUEST['_process']) { case 'save_encrypt': $data = $_REQUEST; if (isset($data['encrypt_key_id']) && !$data['encrypt_key_id']) { unset($data['encrypt_key_id']); } else { if (isset($data['encrypt_key_id']) && $data['encrypt_key_id'] && isset($data['encrypt_field_id']) && $data['encrypt_field_id']) { // change our key over to this new one. // only really used in dev. if someone did this irl they would loose all encryption. //update_insert('encrypt_field_id',(int)$data['encrypt_field_id'],'encrypt_field',array('encrypt_key_id'=>$data['encrypt_key_id'])); } } $encrypt_id = update_insert('encrypt_id', (int) $_REQUEST['encrypt_id'], 'encrypt', $data); echo json_encode(array('encrypt_id' => $encrypt_id)); exit; break; case 'save_encrypt_key': $encrypt_key_id = update_insert('encrypt_key_id', (int) $_REQUEST['encrypt_key_id'], 'encrypt_key', $_REQUEST); // update the field info to say we are using this key. if (isset($_REQUEST['encrypt_field_id']) && (int) $_REQUEST['encrypt_field_id'] > 0) { update_insert('encrypt_field_id', (int) $_REQUEST['encrypt_field_id'], 'encrypt_field', array('encrypt_key_id' => $encrypt_key_id)); } echo 'Saved!'; exit; break; case 'encrypt_successful': $encrypt_field_id = isset($_REQUEST['encrypt_field_id']) ? (int) $_REQUEST['encrypt_field_id'] : 0; $encrypt_id = isset($_REQUEST['encrypt_id']) ? (int) $_REQUEST['encrypt_id'] : 0; if ($encrypt_id && $encrypt_field_id) { module_encrypt::log_access($encrypt_id, 'success'); } echo 'Saved!'; exit; break; } }