/**
*
* Fonction "formatée" de cryptage AES utilisant la fonction cryptoJsAesEncrypt()
*
* @param $data - Contenu à crypter/décrypter
* @param $key - Phrase secrète
* @param $action - Action (1:crypter/2:décrypter)
*
* @return array - array(data:json, string:contenu crypté/décrypter)
*/
function AesCryptoJsPhp($data, $key, $action)
{
$obj = array('data' => NULL, 'string' => NULL);
if ($action == 1) {
$obj['data'] = cryptoJsAesEncrypt($key, $data);
$obj['string'] = json_decode($obj['data'], true);
$obj['string'] = $obj['string']['ct'];
} elseif ($action == 2) {
$obj['data'] = cryptoJsAesDecrypt($key, $data);
$obj['string'] = $obj['data'];
}
return $obj;
}
<h2>Example to encrypt with CryptoJS on client side and decrypt on PHP side</h2>
<?php
if (isset($_POST["decrypt"])) {
include "../cryptojs-aes.php";
?>
Json value received: <input type="text" value="<?php
echo htmlentities($_POST["json"]);
?>
" size="90" disabled="disabled"/><br/>
Passphrase: <input type="text" value="<?php
echo $_POST["pass"];
?>
" size="90" disabled="disabled"/><br/>
Decrypted value: <input type="text" value="<?php
echo cryptoJsAesDecrypt($_POST["pass"], $_POST["json"]);
?>
" size="45" disabled="disabled"/><br/>
<hr/>
<br/><br/>
<?php
}
?>
<form name="d" method="post" action="">
Value to encrypt: <input type="text" name="val" value="My string - Could also be an JS array/object" class="val" size="45"/><br/>
Passphrase: <input type="text" name="pass" class="pass" value="my secret passphrase" size="45"/><br/>
CryptoJS encrypted json output: <input type="text" name="json" class="json" size="90" onclick="this.select()"/>
<input type="submit" name="decrypt" value="Send to server and decrypt"/>
</form>
die('{"ERROR" : {"CODE":"2","MESSAGE":"NOT CONNECTED TO \\"DEFAULT\\" DATABASE", "TYPE" : "' . $CCConnectionSettings[$sourceName]["Type"] . '"}}');
} else {
# Si se usa la base de datos default, simepre usa el usuario definido en el datasource
$_SESSION["CONNECTED"][$sourceName]->{"user"} = $CCConnectionSettings[$sourceName]["User"];
$_SESSION["CONNECTED"][$sourceName]->{"password"} = $CCConnectionSettings[$sourceName]["User"];
}
} else {
if (!isset($_SESSION["CONNECTED"]) or !isset($_SESSION["CONNECTED"][$sourceName])) {
die('{"ERROR" : {"CODE":"12","MESSAGE":"NOT CONNECTED TO DATABASE ' . $sourceName . '.", "TYPE" : "' . $CCConnectionSettings[$sourceName]["Type"] . '"}}');
}
}
}
## #####################################################
$BIND = CCGetParam("BIND");
//$SQL = CCGetParam("SQL");
$SQL = cryptoJsAesDecrypt($pass_phrase, CCGetParam("SQL"));
$BIND = json_decode($BIND);
#$phpcode = "";
#eval($phpcode);
#var_dump($BIND);
#var_dump($SQL);
#var_dump($phpcode);
sqlParserFromString($SQL, $BIND, $level);
$result = '';
$____error = "";
$____lastkey = "";
eval($plsqlParsed["ANONYMOUS"]->phpCode);
#var_dump($db);
#echo "ERROR ".$____error ;
if ($____error !== "") {
$____error = str_replace(array("\\", '"', "/", "\n", "\r", "\t", "\\b"), array("\\\\", '\\"', '\\/', '\\n', '', '\\t', '\\b'), $____error);