$encrypt_id = isset($_REQUEST['encrypt_id']) ? (int) $_REQUEST['encrypt_id'] : 0;
$existing_value = isset($_REQUEST['value']) ? html_entity_decode(@base64_decode($_REQUEST['value'])) : '';
$encrypt = module_encrypt::get_encrypt($encrypt_id);
$encryption_keys = module_encrypt::get_encrypt_keys();
if ($encrypt && $encrypt['encrypt_key_id'] && isset($encryption_keys[$encrypt['encrypt_key_id']])) {
$encryption_key = $encryption_keys[$encrypt['encrypt_key_id']];
} else {
$encryption_key = isset($encryption_keys[$encrypt_field['encrypt_key_id']]) ? $encryption_keys[$encrypt_field['encrypt_key_id']] : false;
}
// if there is no "encrypt_id" it means we're adding a new encrypted value here.
// there is no need to ask for the password if we're adding a new value to the system.
// we can encrypt this value with the public key.
$adding_new_blank_field = !($encrypt_id > 0);
if ($encrypt_id) {
// log an "attempt" status against this field.
module_encrypt::log_access($encrypt_id, 'attempt');
}
// we will have our "secured_private_key" within the encryption keys array.
// this is encrypted with AES using our "master" password.
// we unlock this private key using our "master" password that is entered in the do_crypt() function.
// if this do_crypt() function successfully unlocks the "secured_private_key" we can
// if we're encrypting a new value then we can simply encrypt it against the free text public key.
?>
<script language="JavaScript" type="text/javascript" src="<?php
echo full_link('includes/plugin_encrypt/js/json2.js');
?>
?ver=<?php
echo _SCRIPT_VERSION;
?>
"></script>
public function process()
{
switch ($_REQUEST['_process']) {
case 'save_encrypt':
$data = $_REQUEST;
if (isset($data['encrypt_key_id']) && !$data['encrypt_key_id']) {
unset($data['encrypt_key_id']);
} else {
if (isset($data['encrypt_key_id']) && $data['encrypt_key_id'] && isset($data['encrypt_field_id']) && $data['encrypt_field_id']) {
// change our key over to this new one.
// only really used in dev. if someone did this irl they would loose all encryption.
//update_insert('encrypt_field_id',(int)$data['encrypt_field_id'],'encrypt_field',array('encrypt_key_id'=>$data['encrypt_key_id']));
}
}
$encrypt_id = update_insert('encrypt_id', (int) $_REQUEST['encrypt_id'], 'encrypt', $data);
echo json_encode(array('encrypt_id' => $encrypt_id));
exit;
break;
case 'save_encrypt_key':
$encrypt_key_id = update_insert('encrypt_key_id', (int) $_REQUEST['encrypt_key_id'], 'encrypt_key', $_REQUEST);
// update the field info to say we are using this key.
if (isset($_REQUEST['encrypt_field_id']) && (int) $_REQUEST['encrypt_field_id'] > 0) {
update_insert('encrypt_field_id', (int) $_REQUEST['encrypt_field_id'], 'encrypt_field', array('encrypt_key_id' => $encrypt_key_id));
}
echo 'Saved!';
exit;
break;
case 'encrypt_successful':
$encrypt_field_id = isset($_REQUEST['encrypt_field_id']) ? (int) $_REQUEST['encrypt_field_id'] : 0;
$encrypt_id = isset($_REQUEST['encrypt_id']) ? (int) $_REQUEST['encrypt_id'] : 0;
if ($encrypt_id && $encrypt_field_id) {
module_encrypt::log_access($encrypt_id, 'success');
}
echo 'Saved!';
exit;
break;
}
}
