public function index() { // handle POST from FoxyCart API transaction if (isset($_POST["FoxyData"]) or isset($_POST['FoxySubscriptionData'])) { $FoxyData_encrypted = isset($_POST["FoxyData"]) ? urldecode($_POST["FoxyData"]) : urldecode($_POST["FoxySubscriptionData"]); $FoxyData_decrypted = rc4crypt::decrypt(FoxyCart::getStoreKey(), $FoxyData_encrypted); self::handleDataFeed($FoxyData_encrypted, $FoxyData_decrypted); // extend to allow for additional integrations with Datafeed $this->extend('addIntegrations', $FoxyData_encrypted); return 'foxy'; } else { return "No FoxyData or FoxySubscriptionData received."; } }
function decryptAndSplit($string) { $weekiwaawoo = "d0ntw0rryab0utit"; $source = pack("H*", $string); $decrypted = rc4crypt::decrypt($weekiwaawoo, $source); parse_str($decrypted, $valueArray); return $valueArray; $testString = substr($decoded, 0, strrpos($decoded, "&")); //check that the dataString is legimate if ($valueArray["nonce"] == md5($testString)) { //the data string has not been tampered with return $valueArray; } else { //the data string has failed the integrity check, abort output('<result success="false" error="INVALID" />', true); } }
public function actionWebhook() { $this->requirePostRequest(); craft()->log->removeRoute('WebLogRoute'); craft()->log->removeRoute('ProfileLogRoute'); if (isset($_POST["FoxyData"]) || isset($_POST['FoxySubscriptionData'])) { $encrypted = isset($_POST["FoxyData"]) ? urldecode($_POST["FoxyData"]) : urldecode($_POST["FoxySubscriptionData"]); $decrypted = \rc4crypt::decrypt($this->apikey, $encrypted); $xml = new \SimpleXMLElement($decrypted); $feedType = isset($_POST['FoxySubscriptionData']) ? "subscription" : "transaction"; if (craft()->foxyCart->processWebhook($xml, $feedType)) { $message = 'foxy'; } else { $message = 'Error processing webhook. Please consult your Craft logs'; } } else { $message = "No FoxyData or FoxySubscriptionData received."; } exit($message); }
/** * Decryption, recall encryption * * @param string $pwd Key to decrypt with (can be binary of hex) * @param string $data Content to be decrypted * @param bool $ispwdHex Key passed is in hexadecimal or not * @access public * @return string */ function decrypt($pwd, $data, $ispwdHex = 0) { return rc4crypt::encrypt($pwd, $data, $ispwdHex); }
\t\t\t\t\t\t</shipto_custom_field> \t\t\t\t\t\t<shipto_custom_field> \t\t\t\t\t\t\t<shipto_custom_field_name>More_Custom_Info</shipto_custom_field_name> \t\t\t\t\t\t\t<shipto_custom_field_value>more of john's stuff</shipto_custom_field_value> \t\t\t\t\t\t</shipto_custom_field> \t\t\t\t\t</shipto_custom_fields> \t\t\t\t</shipto_address> \t\t\t</shipto_addresses> \t\t</transaction> \t</transactions> </foxydata> XML; // ====================================================================================== // ENCRYPT YOUR XML // Modify the include path to go to the rc4crypt file. // ====================================================================================== include 'class.rc4crypt.php'; $XMLOutput_encrypted = rc4crypt::encrypt($myKey, $XMLOutput); $XMLOutput_encrypted = urlencode($XMLOutput_encrypted); // ====================================================================================== // POST YOUR XML TO YOUR SITE // Do not modify. // ====================================================================================== $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $myURL); curl_setopt($ch, CURLOPT_POSTFIELDS, array("FoxyData" => $XMLOutput_encrypted)); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); $response = curl_exec($ch); curl_close($ch); header("content-type:text/plain"); print $response;
include XOOPS_ROOT_PATH . "/footer.php"; return; } echo "<script language=javascript>\n function mailbox(num) {\n\tformname = 'inbox' + num;\n\twindow.document.forms[formname].submit();\n }\n </script>"; $count = 0; if ($action == "list") { OpenTable(); echo "<center><b>" . _MD_WEBMAIL_MAILBOXESFOR . " {$username}</b></center>"; echo "<br /><table border=\"1\" align=\"center\" width=\"80%\">" . "<tr class='bg2'><td bgcolor=\"{$bgcolor2}\" width=\"33%\"> <b>" . _MD_WEBMAIL_ACCOUNT . "</b></td><td bgcolor=\"{$bgcolor2}\" width=\"33%\" align=\"center\"> <b>" . _MD_WEBMAIL_EMAILS . "</b></td><td bgcolor=\"{$bgcolor2}\" width=\"33%\" align=\"center\"> <b>" . _MD_WEBMAIL_TOTALSIZE . "</b></td></tr>"; while ($row = $xoopsDB->fetchArray($result)) { $count++; $server = $row[popserver]; $port = $row[port]; $apop = $row[apop]; $username = $row[uname]; $rc4 = new rc4crypt(); $password = $rc4->endecrypt($username, $row[passwd], "de"); $account = $row[account]; $serverid = $row[id]; $pop3 = new POP3($server, $username, $password, $port, $apop); if ($pop3->Open()) { $stats = $pop3->Stats(); $mailsum = $stats["message"]; $mailmem = round($stats["size"] / 1024) . " Kbytes"; $pop3->Close(); } else { $mailsum = "Not Connectable!"; $mailmem = "N/A"; } echo "<tr>" . "<td align=\"left\"> " . "<a href='inbox.php?id={$serverid}'>{$account}</a></td>" . "<td align=\"center\">{$mailsum}</td>" . "<td align=\"center\">{$mailmem}</td></tr>"; }
$_SESSION['role'] = $role; $_SESSION['lastlogin'] = $lastlogin; $_SESSION['nrlogins'] = $nrlogins; $sql = "SELECT * FROM {$dbase}." . $table_prefix . "user_roles where id=" . $role . ";"; $rs = mysql_query($sql); $row = mysql_fetch_assoc($rs); $_SESSION['permissions'] = $row; if ($_SESSION['permissions']['frames'] != 1) { // $location = "../index.php?a=8"; $location = "../../"; header("Location: " . $location); } $cookieName = $site_id; $_POST['rememberme'] = 1; if ($_POST['rememberme'] == 1) { $rc4 = new rc4crypt(); $username = $_POST['username']; $keyPhrase = "cryptocipher"; $thestring = $rc4->endecrypt($keyPhrase, $username); setcookie($cookieName, $thestring, time() + 604800, "/", "", 0); } else { setcookie($cookieName, "", time() - 604800, "/", "", 0); } // include the logger and add an audit trail entry unless logging is disabled if ($use_mgr_logging != 0) { include_once "../includes/log.class.inc.php"; $log = new logHandler(); $log->initAndWriteLog("Logged in", $_SESSION['internalKey'], $_SESSION['shortname'], "58", "-", "Etomite"); } $location = $_POST['location'] != "" ? $_POST['location'] : "../index.php"; header("Location: " . $location);
/** * Encrypt the given value using the mcrypt library function. * * If the mcrypt functions do not exist, we fallback to the RC4 implementation which is shipped with Zikula. * * @param string $value The value we wish to decrypt. * @param string $key The encryption key to use (optional) (default=null). * @param string $alg The encryption algirthm to use (only used with mcrypt functions) (optional) (default=null, signifies MCRYPT_RIJNDAEL_128). * @param boolean $encoded Whether or not the value is base64 encoded (optional) (default=true). * * @return string The encrypted value. */ public static function encrypt($value, $key = null, $alg = null, $encoded = true) { $res = false; $key = $key ? $key : 'ZikulaEncryptionKey'; if (function_exists('mcrypt_create_iv') && function_exists('mcrypt_decrypt')) { $alg = $alg ? $alg : MCRYPT_RIJNDAEL_128; $iv = mcrypt_create_iv(mcrypt_get_iv_size($alg, MCRYPT_MODE_ECB), crc32($key)); $res = mcrypt_encrypt($alg, $key, $value, MCRYPT_MODE_CBC); } else { require_once ZLOADER . '/vendor/encryption/rc4crypt.class.php'; $res = rc4crypt::encrypt($key, $value); } return $encoded && $res ? self::encode($res) : $res; }
CloseTable(); echo "<br />"; $port = 110; $show = 20; $checkbox = ""; $acc_count = 0; $showflag = true; $userid = $xoopsUser->uid(); $apop = 0; $query = "select * FROM " . $xoopsDB->prefix('webmail_popsettings') . " where uid = {$userid}"; if (!($result = $xoopsDB->query($query))) { echo "ERROR"; } if ($xoopsDB->getRowsNum($result) > 0) { $acc_count = $xoopsDB->getRowsNum($result); $rc = new rc4crypt(); while ($row = $xoopsDB->fetchArray($result)) { $id = $row[id]; $account = $row[account]; $popserver = $row[popserver]; $port = $row[port]; $uname = $row[uname]; $apop = $row[apop]; $sname = $row[sname]; $smail = $row[smail]; $passwd = $rc->endecrypt($uname, $row[passwd], "de"); $delete = $row[deletefromserver]; $show = $row[numshow]; if ($delete == "Y") { $checkbox = "checked"; }
*/ function mapAddressToDB($address_fields, $prefix = OSCommerce::ADDRESS_BOOK) { $rtn = array(); foreach (FoxydataUtils::$CustomerAddressFieldMap as $feed_field => $db_field) { $rtn[$prefix . $db_field] = $address_fields[$feed_field]; } $country = $this->osc->findCountryByCode($address_fields['country']); $rtn[$prefix . 'country_id'] = $country['countries_id']; $zone = $this->osc->findZoneByNameAndCountryID($address_fields['state'], $rtn[$prefix . 'country_id']); $rtn[$prefix . 'zone_id'] = $zone['zone_id']; return $rtn; } } $utils = new FoxydataUtils($osc); $decryptor = new rc4crypt(); $FoxyData = $decryptor->decrypt(DATAFEED_KEY, urldecode($_POST["FoxyData"])); $data = new XMLParser($FoxyData); // Parse that XML. $data->Parse(); /** * Wrapper class to make retrieving name / value pairs from an XML feed much * more concise. Create with an XMLTag (the result of parsing an XML * file), then retrieve properties with, e.g., $wrapper->customers_email_address. */ class PropertyWrapper { public function __construct(XMLTag $data) { $this->data = $data; }
$_SESSION = array(); @session_destroy(); startCMSSession(); include_once "browsercheck.inc.php"; if (isset($manager_language)) { include_once "lang/" . $manager_language . ".inc.php"; } else { include_once "lang/english.inc.php"; } $cookieName = $site_id; include_once "crypt.class.inc.php"; if (isset($_COOKIE[$cookieName])) { $cookieSet = 1; $username = $_COOKIE[$cookieName]; } $rc4 = new rc4crypt(); $keyPhrase = "cryptocipher"; $uid = $rc4->endecrypt($keyPhrase, $username, 'de'); ?> <html> <head> <title>Etomite</title> <meta http-equiv="content-type" content="text/html; charset=<?php echo $etomite_charset; ?> " /> <meta name="robots" content="noindex, nofollow" /> <link type="text/css" rel="StyleSheet" href="../manager/media/style/style.css" /> <script type="text/javascript" src="media/script/ieemu.js"></script>
*/ $Use_Custom_Field = true; $Custom_Field = 'Subscribe'; // Name of the custom "Opt In" field during checkout. $Custom_Field_Value = 'yes'; // The value of the custom field that indicates the customer's agreement. $key = 'CHANGE THIS TEXT to your own datafeed keyphrase'; isset($_POST['FoxyData']) or die("error"); // Make sure we got passed some FoxyData function fatal_error_handler($errno, $errstr, $errfile, $errline, $errcontext) { die($errstr); return true; } set_error_handler('fatal_error_handler'); $FoxyData = rc4crypt::decrypt($key, urldecode($_POST["FoxyData"])); $data = new XMLParser($FoxyData); // Parse that XML. $data->Parse(); foreach ($data->document->transactions[0]->transaction as $tx) { $subscribe = !$Use_Custom_Field; if ($Use_Custom_Field) { foreach ($tx->custom_fields[0]->custom_field as $field) { $subscribe = $subscribe || $field->custom_field_name[0]->tagData == $Custom_Field && $field->custom_field_value[0]->tagData == $Custom_Field_Value; } } if ($subscribe) { subscribe_user_to_list(array('first_name' => $tx->customer_first_name[0]->tagData, 'last_name' => $tx->customer_last_name[0]->tagData, 'email' => $tx->customer_email[0]->tagData), $ListName, $ConstantContact_Auth); } } print "foxy";
<?php defined('_JEXEC') or die('Restricted access'); //echo 'ok'; //echo require_once dirname(__FILE__) . '/rc4.php'; //$crypt = new Crypt_RC4(); //$rc4 = new rc4crypt(); //echo 'ok2'; //$data = "m=12&f=3&type=subscribe&email=test1@nweb.it&idl=3&ts=20120601120324"; $data = "EventDate=20120601120324&IdConsole=a6457&IdList=1&Groups=3,6&EventType=SUBSCRIBE&Email=bonetto_andrea@libero.it"; echo $data; echo "<br><br>"; $pwd = 'provaprova'; $data = rc4crypt::encrypt($pwd, $data); $data = base64_encode($data); echo $data; //echo rc4crypt::encrypt($pwd, $data);
function getServer($id) { global $xoopsDB, $xoopsUser, $user, $server, $port, $username, $password, $numshow, $apop; if (!$id) { output_err("Error: Invalid Parameter"); } $userid = $xoopsUser->uid(); $query = "Select * from " . $xoopsDB->prefix('webmail_popsettings') . " where id='{$id}' AND uid='{$userid}'"; if (($res = $xoopsDB->query($query)) && $xoopsDB->getRowsNum($res) > 0) { $row = $xoopsDB->fetchArray($res); $uid = $row[uid]; $server = $row[popserver]; $port = $row[port]; $apop = $row[apop]; $username = $row[uname]; $rc4 = new rc4crypt(); $password = $rc4->endecrypt($username, $row[passwd], "de"); $numshow = $row[numshow]; } else { output_err("Error: POP Server not set properly"); } }
} die("foxy"); } else { if (isset($_REQUEST['action']) && $_REQUEST['action'] == 'process') { $order_id = $_REQUEST['order']; $find_order = $couchdb->send("/{$order_id}"); $order = $find_order->getBodyAsObject(); if (!$order->error) { try { $order->errors = array(); $order->processed = isset($order->processed) ? $order->processed : array(); foreach ($preferences->processors as $processor) { $processor_name = $processor->name; $order_processed = isset($order->processed->{$processor_name}) && !$order->processed->{$processor_name}->error; if (!$order_processed) { $XMLOutput_encrypted = urlencode(rc4crypt::encrypt($preferences->shared_secret, $order->raw_xml->data)); $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $processor->endpoint); curl_setopt($ch, CURLOPT_POSTFIELDS, array("FoxyData" => $XMLOutput_encrypted)); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); $response_body = curl_exec($ch); $response = curl_getinfo($ch); curl_close($ch); if ($response["http_code"] != 200 || $response_body != 'foxy') { $order->errors[] = array("response_code" => $response['http_code'], "message" => "Expected 200 response and 'foxy' reply, got {$response['http_code']}", "response_body" => $response_body, "processor" => $processor_name); } else { $order->errors = null; $order->processed = array($processor_name => array("processed_at" => time(), "processor_response_body" => $response_body)); } } }