print "AES-192 otv decrypted is ok: " . bool_str(Base16::encode($aes192tvd) == "00112233445566778899aabbccddeeff") . "<br/>\n";
print "AES-192 (CBC mode) encrypted in UTF-8: " . Base16::encode($aes192e) . "<br/>\n";
print "AES-192 (CBC mode) decrypted in UTF-8: " . $aes192d . "<br/><br/>\n";
/**
* Test AES-256 with one official test vector and custom input.
* Vectors from: http://www.csrc.nist.gov/publications/fips/fips197/fips-197.pdf
*/
$aes256tvk = pack("c*", 0x0, 0x1, 0x2, 0x3, 0x4, 0x5, 0x6, 0x7, 0x8, 0x9, 0xa, 0xb, 0xc, 0xd, 0xe, 0xf, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f);
$aes256tvt = pack("c*", 0x0, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff);
$aes256tve = AES::encrypt($aes256tvk, $aes256tvt);
// ECB mode, no padding needed.
$aes256tvd = AES::decrypt($aes256tvk, $aes256tve);
// ECB mode, no padding needed.
//
$aes256i = "1234567890123456";
$aes256k = "12345678901234561234567890123456";
$aes256e = AES::encrypt($aes256k, PKCS7::pad($input, 16), "ctr", $aes256i);
// Needs padding.
$aes256d = PKCS7::unpad(AES::decrypt($aes256k, $aes256e, "ctr", $aes256i));
// Needs unpadding.
//
print "AES-256 otv encrypted is ok: " . bool_str(Base16::encode($aes256tve) == "8ea2b7ca516745bfeafc49904b496089") . "<br/>\n";
print "AES-256 otv decrypted is ok: " . bool_str(Base16::encode($aes256tvd) == "00112233445566778899aabbccddeeff") . "<br/>\n";
print "AES-256 (CTR mode) encrypted in UTF-8: " . Base16::encode($aes256e) . "<br/>\n";
print "AES-256 (CTR mode) decrypted in UTF-8: " . $aes256d . "<br/><br/>\n";
?>
</div>
</body>
</html>
function aesPasswords()
{
require_once $_SESSION['site']['root'] . "/classes/AES.class.php";
$aes = new AES($_SESSION['site']['AESkey']);
$this->oPassword = $aes->encrypt($this->oPassword);
$this->nPassword = $aes->encrypt($this->nPassword);
return;
}
public static function encrypt($plaintext, $key)
{
// Set up encryption parameters.
$plaintext_utf8 = utf8_encode($plaintext);
$inputData = cryptoHelpers::convertStringToByteArray($plaintext);
$keyAsNumbers = cryptoHelpers::toNumbers(bin2hex($key));
$keyLength = count($keyAsNumbers);
$iv = cryptoHelpers::generateSharedKey(16);
$encrypted = AES::encrypt($inputData, AES::modeOfOperation_CBC, $keyAsNumbers, $keyLength, $iv);
// Set up output format (space delimeted "plaintextsize iv cipher")
$retVal = $encrypted['originalsize'] . " " . cryptoHelpers::toHex($iv) . " " . cryptoHelpers::toHex($encrypted['cipher']);
return $retVal;
}
/**
* 撤销二维码
*
*/
public function cancel($info)
{
require_once str_replace("\\", '/', dirname(__FILE__)) . '/AES.class.php';
$xml = "<?xml version='1.0' encoding='utf-8'?>\n <business_trans>\n \t<request_type>cancel_order</request_type>\n \t<req_seq>" . $info['req_seq'] . "</req_seq>\n \t<order>\n \t\t<cancel_num>1</cancel_num>\n \t</order>\n </business_trans>";
//xml的aes加密
$aes = new AES($this->secret_key);
$xml_aes = $aes->encrypt($xml);
$xml_aes_str = base64_encode($xml_aes);
//组织参数
$paramters = array('organization' => $this->organization, 'xml' => $xml_aes_str);
$result = $this->simulation_post($this->send_url, $paramters);
$xml_result = $aes->decrypt(base64_decode($result));
return $xml_result;
}
function paramEncrypt($x)
{
$Cipher = new AES();
// kunci enkripsi (Anda bisa memodifikasi kuncinya)
$key_128bit = '2b7e151628aed2a6abf7158809cf4f3c';
// membagi panjang string yang akan dienkripsi dengan panjang 16 karakter
$n = ceil(strlen($x) / 16);
$encrypt = "";
for ($i = 0; $i <= $n - 1; $i++) {
// mengenkripsi setiap 16 karakter
$cryptext = $Cipher->encrypt($Cipher->stringToHex(substr($x, $i * 16, 16)), $key_128bit);
// menggabung hasil enkripsi setiap 16 karakter menjadi satu string enkripsi utuh
$encrypt .= $cryptext;
}
return $encrypt;
}
function encoder($x)
{
$value = new hash_encryption($keypass1);
$first = $value->encrypt($x);
$first_output = '';
$count = 0;
while ($count < strlen($encrypted)) {
$enc_output .= substr($first, $count, 80) . "<br>";
$count += 80;
}
$Cipher = new AES();
$key_256bit = $keypass;
$n = ceil(strlen($first) / 16);
$encrypt = "";
for ($i = 0; $i <= $n - 1; $i++) {
$cryptext = $Cipher->encrypt($Cipher->stringToHex(substr($first, $i * 16, 16)), $key_256bit);
$encrypt .= $cryptext;
}
return $encrypt;
}
/**
* Convert a private key to the appropriate format.
*
* @access private
* @see setPrivateKeyFormat()
* @param String $RSAPrivateKey
* @return String
*/
function _convertPrivateKey($n, $e, $d, $primes, $exponents, $coefficients)
{
$signed = $this->privateKeyFormat != self::PRIVATE_FORMAT_XML;
$num_primes = count($primes);
$raw = array('version' => $num_primes == 2 ? chr(0) : chr(1), 'modulus' => $n->toBytes($signed), 'publicExponent' => $e->toBytes($signed), 'privateExponent' => $d->toBytes($signed), 'prime1' => $primes[1]->toBytes($signed), 'prime2' => $primes[2]->toBytes($signed), 'exponent1' => $exponents[1]->toBytes($signed), 'exponent2' => $exponents[2]->toBytes($signed), 'coefficient' => $coefficients[2]->toBytes($signed));
// if the format in question does not support multi-prime rsa and multi-prime rsa was used,
// call _convertPublicKey() instead.
switch ($this->privateKeyFormat) {
case self::PRIVATE_FORMAT_XML:
if ($num_primes != 2) {
return false;
}
return "<RSAKeyValue>\r\n" . ' <Modulus>' . base64_encode($raw['modulus']) . "</Modulus>\r\n" . ' <Exponent>' . base64_encode($raw['publicExponent']) . "</Exponent>\r\n" . ' <P>' . base64_encode($raw['prime1']) . "</P>\r\n" . ' <Q>' . base64_encode($raw['prime2']) . "</Q>\r\n" . ' <DP>' . base64_encode($raw['exponent1']) . "</DP>\r\n" . ' <DQ>' . base64_encode($raw['exponent2']) . "</DQ>\r\n" . ' <InverseQ>' . base64_encode($raw['coefficient']) . "</InverseQ>\r\n" . ' <D>' . base64_encode($raw['privateExponent']) . "</D>\r\n" . '</RSAKeyValue>';
break;
case self::PRIVATE_FORMAT_PUTTY:
if ($num_primes != 2) {
return false;
}
$key = "PuTTY-User-Key-File-2: ssh-rsa\r\nEncryption: ";
$encryption = !empty($this->password) || is_string($this->password) ? 'aes256-cbc' : 'none';
$key .= $encryption;
$key .= "\r\nComment: " . $this->comment . "\r\n";
$public = pack('Na*Na*Na*', strlen('ssh-rsa'), 'ssh-rsa', strlen($raw['publicExponent']), $raw['publicExponent'], strlen($raw['modulus']), $raw['modulus']);
$source = pack('Na*Na*Na*Na*', strlen('ssh-rsa'), 'ssh-rsa', strlen($encryption), $encryption, strlen($this->comment), $this->comment, strlen($public), $public);
$public = base64_encode($public);
$key .= "Public-Lines: " . (strlen($public) + 63 >> 6) . "\r\n";
$key .= chunk_split($public, 64);
$private = pack('Na*Na*Na*Na*', strlen($raw['privateExponent']), $raw['privateExponent'], strlen($raw['prime1']), $raw['prime1'], strlen($raw['prime2']), $raw['prime2'], strlen($raw['coefficient']), $raw['coefficient']);
if (empty($this->password) && !is_string($this->password)) {
$source .= pack('Na*', strlen($private), $private);
$hashkey = 'putty-private-key-file-mac-key';
} else {
$private .= Random::string(16 - (strlen($private) & 15));
$source .= pack('Na*', strlen($private), $private);
$sequence = 0;
$symkey = '';
while (strlen($symkey) < 32) {
$temp = pack('Na*', $sequence++, $this->password);
$symkey .= pack('H*', sha1($temp));
}
$symkey = substr($symkey, 0, 32);
$crypto = new AES();
$crypto->setKey($symkey);
$crypto->disablePadding();
$private = $crypto->encrypt($private);
$hashkey = 'putty-private-key-file-mac-key' . $this->password;
}
$private = base64_encode($private);
$key .= 'Private-Lines: ' . (strlen($private) + 63 >> 6) . "\r\n";
$key .= chunk_split($private, 64);
$hash = new Hash('sha1');
$hash->setKey(pack('H*', sha1($hashkey)));
$key .= 'Private-MAC: ' . bin2hex($hash->hash($source)) . "\r\n";
return $key;
default:
// eg. self::PRIVATE_FORMAT_PKCS1
$components = array();
foreach ($raw as $name => $value) {
$components[$name] = pack('Ca*a*', self::ASN1_INTEGER, $this->_encodeLength(strlen($value)), $value);
}
$RSAPrivateKey = implode('', $components);
if ($num_primes > 2) {
$OtherPrimeInfos = '';
for ($i = 3; $i <= $num_primes; $i++) {
// OtherPrimeInfos ::= SEQUENCE SIZE(1..MAX) OF OtherPrimeInfo
//
// OtherPrimeInfo ::= SEQUENCE {
// prime INTEGER, -- ri
// exponent INTEGER, -- di
// coefficient INTEGER -- ti
// }
$OtherPrimeInfo = pack('Ca*a*', self::ASN1_INTEGER, $this->_encodeLength(strlen($primes[$i]->toBytes(true))), $primes[$i]->toBytes(true));
$OtherPrimeInfo .= pack('Ca*a*', self::ASN1_INTEGER, $this->_encodeLength(strlen($exponents[$i]->toBytes(true))), $exponents[$i]->toBytes(true));
$OtherPrimeInfo .= pack('Ca*a*', self::ASN1_INTEGER, $this->_encodeLength(strlen($coefficients[$i]->toBytes(true))), $coefficients[$i]->toBytes(true));
$OtherPrimeInfos .= pack('Ca*a*', self::ASN1_SEQUENCE, $this->_encodeLength(strlen($OtherPrimeInfo)), $OtherPrimeInfo);
}
$RSAPrivateKey .= pack('Ca*a*', self::ASN1_SEQUENCE, $this->_encodeLength(strlen($OtherPrimeInfos)), $OtherPrimeInfos);
}
$RSAPrivateKey = pack('Ca*a*', self::ASN1_SEQUENCE, $this->_encodeLength(strlen($RSAPrivateKey)), $RSAPrivateKey);
if ($this->privateKeyFormat == self::PRIVATE_FORMAT_PKCS8) {
$rsaOID = pack('H*', '300d06092a864886f70d0101010500');
// hex version of MA0GCSqGSIb3DQEBAQUA
$RSAPrivateKey = pack('Ca*a*Ca*a*', self::ASN1_INTEGER, "", $rsaOID, 4, $this->_encodeLength(strlen($RSAPrivateKey)), $RSAPrivateKey);
$RSAPrivateKey = pack('Ca*a*', self::ASN1_SEQUENCE, $this->_encodeLength(strlen($RSAPrivateKey)), $RSAPrivateKey);
if (!empty($this->password) || is_string($this->password)) {
$salt = Random::string(8);
$iterationCount = 2048;
$crypto = new DES();
$crypto->setPassword($this->password, 'pbkdf1', 'md5', $salt, $iterationCount);
$RSAPrivateKey = $crypto->encrypt($RSAPrivateKey);
$parameters = pack('Ca*a*Ca*N', self::ASN1_OCTETSTRING, $this->_encodeLength(strlen($salt)), $salt, self::ASN1_INTEGER, $this->_encodeLength(4), $iterationCount);
$pbeWithMD5AndDES_CBC = "*†H†÷\r";
$encryptionAlgorithm = pack('Ca*a*Ca*a*', self::ASN1_OBJECT, $this->_encodeLength(strlen($pbeWithMD5AndDES_CBC)), $pbeWithMD5AndDES_CBC, self::ASN1_SEQUENCE, $this->_encodeLength(strlen($parameters)), $parameters);
$RSAPrivateKey = pack('Ca*a*Ca*a*', self::ASN1_SEQUENCE, $this->_encodeLength(strlen($encryptionAlgorithm)), $encryptionAlgorithm, self::ASN1_OCTETSTRING, $this->_encodeLength(strlen($RSAPrivateKey)), $RSAPrivateKey);
$RSAPrivateKey = pack('Ca*a*', self::ASN1_SEQUENCE, $this->_encodeLength(strlen($RSAPrivateKey)), $RSAPrivateKey);
$RSAPrivateKey = "-----BEGIN ENCRYPTED PRIVATE KEY-----\r\n" . chunk_split(base64_encode($RSAPrivateKey), 64) . '-----END ENCRYPTED PRIVATE KEY-----';
} else {
$RSAPrivateKey = "-----BEGIN PRIVATE KEY-----\r\n" . chunk_split(base64_encode($RSAPrivateKey), 64) . '-----END PRIVATE KEY-----';
}
return $RSAPrivateKey;
}
if (!empty($this->password) || is_string($this->password)) {
$iv = Random::string(8);
$symkey = pack('H*', md5($this->password . $iv));
// symkey is short for symmetric key
$symkey .= substr(pack('H*', md5($symkey . $this->password . $iv)), 0, 8);
$des = new TripleDES();
$des->setKey($symkey);
$des->setIV($iv);
$iv = strtoupper(bin2hex($iv));
$RSAPrivateKey = "-----BEGIN RSA PRIVATE KEY-----\r\n" . "Proc-Type: 4,ENCRYPTED\r\n" . "DEK-Info: DES-EDE3-CBC,{$iv}\r\n" . "\r\n" . chunk_split(base64_encode($des->encrypt($RSAPrivateKey)), 64) . '-----END RSA PRIVATE KEY-----';
} else {
$RSAPrivateKey = "-----BEGIN RSA PRIVATE KEY-----\r\n" . chunk_split(base64_encode($RSAPrivateKey), 64) . '-----END RSA PRIVATE KEY-----';
}
return $RSAPrivateKey;
}
}
private static function generateTAN_old_old_old ($key) {
$imputText = bcadd (self::num ($key), self::randomPrimeNumber());
$imputKey = $key;
$blockSize = 256;
$aes = new AES($imputText, $imputKey, $blockSize);
$enc = $aes->encrypt();
return $enc;
}
$error = 'Sorry, you didn’t fill out an email address. Please <a href="/">go back</a> and fill out your email address.';
} else {
$email = $_POST['email'];
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$error = 'Sorry, your email address is invalid. Please <a href="/">go back</a> and enter a valid email address.';
} else {
// gets the aes key.
$aesKeyFilePath = BASEDIR . '../mailinglist/aes-key.txt';
$fh = fopen($aesKeyFilePath, 'r');
$aesKey = fread($fh, filesize($aesKeyFilePath));
fclose($fh);
// set the aes block size.
$aesBlockSize = 256;
// encrypt the email address, cause Jamie is paranoid about privacy.
$aes = new AES($email, $aesKey, $aesBlockSize);
$encryptedEmail = $aes->encrypt();
// where the mailing list text file is located.
$listFilePath = BASEDIR . '../mailinglist/list.txt';
// save.
file_put_contents($listFilePath, $encryptedEmail . "\n", FILE_APPEND);
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>Mailing List \ Processing.org</title>
<link rel="icon" href="/favicon.ico" type="image/x-icon" />
/**
* @param stdClass $params
* @return array
*/
public function closeEncounter(stdClass $params)
{
$aes = new AES($_SESSION['site']['AESkey']);
$pass = $aes->encrypt($params->signature);
$uid = $_SESSION['user']['id'];
$data['close_date'] = $params->close_date;
$data['close_uid'] = $_SESSION['user']['id'];
$this->setSQL("SELECT username FROM users WHERE id = '{$uid}' AND password = '******' AND authorized = '1' LIMIT 1");
$count = $this->rowCount();
if ($count != 0) {
$sql = $this->sqlBind($data, "form_data_encounter", "U", "eid='" . $params->eid . "'");
$this->setSQL($sql);
$this->execLog();
return array('success' => true);
} else {
return array('success' => false);
}
}
function wplc_encrypt_msg($plaintext)
{
$wplc_pro_settings = get_option("WPLC_PRO_SETTINGS");
if (isset($wplc_pro_settings['wplc_enable_encryption']) && $wplc_pro_settings['wplc_enable_encryption'] == 1) {
$api_key = get_option('wplc_api_key');
if ($api_key != '') {
$api_key = substr($api_key, 0, 10);
$plaintext_utf8 = utf8_encode($plaintext);
$inputData = cryptoHelpers::convertStringToByteArray($plaintext);
$keyAsNumbers = cryptoHelpers::toNumbers(bin2hex($api_key));
$keyLength = count($keyAsNumbers);
$iv = cryptoHelpers::generateSharedKey(16);
$encrypted = AES::encrypt($inputData, AES::modeOfOperation_CBC, $keyAsNumbers, $keyLength, $iv);
$retVal = $encrypted['originalsize'] . " " . cryptoHelpers::toHex($iv) . " " . cryptoHelpers::toHex($encrypted['cipher']);
$message = array('e' => 1, 'm' => $retVal);
return maybe_serialize($message);
} else {
$message = array('e' => 0, 'm' => $plaintext);
return maybe_serialize($message);
}
} else {
$message = array('e' => 0, 'm' => $plaintext);
return maybe_serialize($message);
}
}
<?php
include "./AES.class.php";
$z = "abcdefgh01234567";
// 128-bit key
//$z = "abcdefghijkl012345678901"; // 192-bit key
//$z = "abcdefghijuklmno0123456789012345"; // 256-bit key
$aes = new AES($z);
$data = file_get_contents("./example.txt");
$start = microtime(true);
//echo "\n\nCipher-Text:\n" . $aes->encrypt($data) . "\n";
echo "\n\nPlain-Text:\n" . $aes->decrypt($aes->encrypt($data)) . "\n";
$end = microtime(true);
echo "\n\nExecution time: " . ($end - $start);
<?php
include "./AES.class.php";
$z = "abcdefgh01234567";
// 128-bit key
//$z = "abcdefghijkl012345678901"; // 192-bit key
//$z = "abcdefghijuklmno0123456789012345"; // 256-bit key
$aes = new AES($z);
$data = file_get_contents("./example.txt");
print_r($aes->encrypt($data));
function adminUser()
{
require_once "classes/AES.class.php";
$admin = $this->adminUser;
$aes = new AES($this->AESkey);
$ePass = $aes->encrypt($this->adminPass);
$this->conn->exec("INSERT INTO users\n\t\t\t\t\t\t\t \t SET username \t='" . $admin . "',\n\t\t\t\t\t\t\t \t fname\t\t='Adminstrator',\n\t\t\t\t\t\t\t \t \t password \t='" . $ePass . "',\n\t\t\t\t\t\t\t \t authorized \t='1'");
return $this->displayError();
}
function AESencrypt($text, $password)
{
require_once "phpAES/AES.class.php";
$aes = new AES($password);
return base64_encode($aes->encrypt($text));
}
/**
* 获取用于支付的信息
* @param array $arr
* @return string
*/
public function getPayInfo($Info)
{
$encrypted = '';
$front_baseUrl = $this->config->item('front_base_url');
if ($Info) {
$trans = array('Debug' => '0', 'Source' => 'yizhan', 'SourceID' => $Info['order_num'], 'SourceDesc' => $Info['name'], 'TransTotal' => $Info['total'] * 100, 'Method' => array('express', 'alipay'), 'Return' => base_url() . 'inns/cashin', 'Notify' => $front_baseUrl . 'rpc/dyhtranscallback');
require_once APPPATH . 'libraries/class_aes.php';
$aes = new AES('doyouhikerocks!!');
$encrypted = base64_encode($aes->encrypt(serialize($trans)));
}
return $encrypted;
}
public function verifyUserPass($pass)
{
$aes = new AES($_SESSION['site']['AESkey']);
$pass = $aes->encrypt($pass);
$uid = $_SESSION['user']['id'];
$this->db->setSQL("SELECT username FROM users WHERE id = '{$uid}' AND password = '******' AND authorized = '1' LIMIT 1");
$count = $this->db->rowCount();
return $count != 0 ? 1 : 2;
}
<?php
header("Content-type: text/html; charset=utf-8");
class AES
{
private static $key = "set_key_here";
private static $iv = "setup_gIv_here11";
public static function encrypt($string)
{
$encrypted = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, self::$key, $string, MCRYPT_MODE_CBC, self::$iv);
return base64_encode($encrypted);
}
public static function decrypt($string)
{
$encryptedData = base64_decode($string);
$decrypted = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, self::$key, $encryptedData, MCRYPT_MODE_CBC, self::$iv);
return $decrypted;
}
}
if (isset($_GET['data'])) {
//解密客户端数据
$decode_str = AES::decrypt($_GET['data']);
//处理客户端数据
$decode_str = trim($decode_str) . " append another data";
//返回处理结果
echo AES::encrypt($decode_str);
}
function admin_login()
{
global $conn;
$username = strip_tags($_POST['username']);
$password = pass_md5($_POST['password']);
$sql = "select id from blog_admin where ba_username='******' and ba_password='******'";
$re = mysqli_query($conn, $sql);
$num = mysqli_num_rows($re);
if ($num) {
/*
* 存储token
*/
$row = mysqli_fetch_array($re);
$user_id = $row['id'];
$time = time();
$token = pass_md5($time . $user_id);
$END_date = date('Y-m-d', strtotime('+30 day'));
$sql_insert = " insert into blog_token ( bt_token, bt_start, bt_end,bt_user) VALUES ('{$token}',NOW(),'{$END_date}','{$user_id}')";
mysqli_query($conn, $sql_insert);
setcookie("token", $token, time() + 3600 * 24 * 7 * 30, "/");
$username_md5 = md5("username");
$aes = new AES("abcdefgh12345678");
$username_string = $aes->encrypt($username);
setcookie($username_md5, $username_string, time() + 3600 * 24 * 7 * 30, "/");
echo 1;
} else {
echo 0;
}
}
$row['password'] = $aes->decrypt($row['password']);
$row['pwd_history1'] = $aes->decrypt($row['pwd_history1']);
$row['pwd_history2'] = $aes->decrypt($row['pwd_history2']);
$row['fullname'] = fullname($row['fname'], $row['mname'], $row['lname']);
$user_id = $row['id'];
$mitos_db->setSQL("SELECT role_id FROM acl_user_roles WHERE user_id = {$user_id} ");
$rec = $mitos_db->fetch();
$row['role_id'] = $rec['role_id'];
array_push($rows, $row);
}
print_r(json_encode(array('totals' => $total, 'row' => $rows)));
exit;
case 'POST':
$role['role_id'] = $data['role_id'];
unset($data['id'], $data['role_id'], $data['fullname']);
$data['password'] = $aes->encrypt($data['password']);
$data['authorized'] = $data['authorized'] == 'on' ? 1 : 0;
$data['active'] = $data['active'] == 'on' ? 1 : 0;
$data['calendar'] = $data['calendar'] == 'on' ? 1 : 0;
if ($data['taxonomy'] == "") {
unset($data['taxonomy']);
}
$sql = $mitos_db->sqlBind($data, "users", "I");
$mitos_db->setSQL($sql);
$ret = $mitos_db->execLog();
$role['user_id'] = $mitos_db->lastInsertId;
$sql = $mitos_db->sqlBind($role, "acl_user_roles", "I");
$mitos_db->setSQL($sql);
$ret = $mitos_db->execLog();
if ($ret[2]) {
echo '{ success: false, errors: { reason: "' . $ret[2] . '" }}';
function paramEncrypt($x)
{
$first_output = '';
$count = 0;
$Cipher = new AES();
$key_256bit = keypass();
$n = ceil(strlen($x) / 16);
$encrypt = "";
for ($i = 0; $i <= $n - 1; $i++) {
$cryptext = $Cipher->encrypt($Cipher->stringToHex(substr($x, $i * 16, 16)), $key_256bit);
$encrypt .= $cryptext;
}
return $encrypt;
}
//多业务模式的配置
$json_multi = <<<EOT
{
"sl" : "{$serviceList}",
"list" : [{
"al" : "f,1,这里全是|f,3,自定义|t,,,,|o,10,啦啦啦,,1",
"ap" : "求你了,点自动续费"
}, {
"al" : "f,2,哇卡卡|f,4,哇擦|f,12,在干嘛,年费哦,1|o",
"ap" : "点一下自动续费行么"
}]
}
EOT;
$aes = new AES($aesKey);
//生成单业务模式的链接
$encrypted = bin2hex($aes->encrypt($json_single));
$params_single = array('m' => 'buy', 'c' => $code, 'aid' => 'test', 'pf' => 'xixiong', 'ru' => rawurlencode('http://www.qq.com/'), 'pu' => rawurlencode('history.back'), 'configs' => $encrypted);
$p = array();
foreach ($params_single as $key => $value) {
array_push($p, $key . '=' . $value);
}
$url_single = 'http://pay.qq.com/h5/index.shtml?' . implode('&', $p);
if ($serviceList) {
//生成单业务模式的链接
$encrypted = bin2hex($aes->encrypt($json_multi));
$params_multi = array('m' => 'buy', 'c' => $code, 'aid' => 'test', 'pf' => 'xixiong', 'ru' => rawurlencode('http://www.qq.com/'), 'pu' => rawurlencode('history.back'), 'configs' => $encrypted);
$p = array();
foreach ($params_multi as $key => $value) {
array_push($p, $key . '=' . $value);
}
$url_multi = 'http://pay.qq.com/h5/index.shtml?' . implode('&', $p);
public function _run($context)
{
$key = $context['key'];
$data = $context['data'];
$keyCrypt = false;
foreach (explode(' ', $key) as $hex) {
$keyCrypt .= pack('C', hexdec($hex));
}
require_once 'AES.class.php';
$aes = new \AES($keyCrypt);
return $aes->encrypt($data);
}
public static function aes_encrypt_2_base64($key, $str)
{
$aes = new AES($key);
return base64_encode($aes->encrypt($str));
}
/**
* @param stdClass $params
* @return int
*/
public function login(stdClass $params)
{
//-------------------------------------------
// Check that the username do not pass
// the maximum limit of the field.
//
// NOTE:
// If this condition is met, the user did not
// use the logon form. Possible hack.
//-------------------------------------------
if (strlen($params->authUser) >= 26) {
return array('success' => false, 'error' => 'Possible hack, please use the Logon Screen.');
}
//-------------------------------------------
// Check that the username do not pass
// the maximum limit of the field.
//
// NOTE:
// If this condition is met, the user did not
// use the logon form. Possible hack.
//-------------------------------------------
if (strlen($params->authPass) >= 11) {
return array('success' => false, 'error' => 'Possible hack, please use the Logon Screen.');
}
//-------------------------------------------
// Simple check username
//-------------------------------------------
if (!$params->authUser) {
return array('success' => false, 'error' => 'The username field can not be in blank. Try again.');
}
//-------------------------------------------
// Simple check password
//-------------------------------------------
if (!$params->authPass) {
return array('success' => false, 'error' => 'The password field can not be in blank. Try again.');
}
//-------------------------------------------
// Find the AES key in the selected site
// And include the rest of the remaining
// variables to connect to the database.
//-------------------------------------------
$_SESSION['site']['site'] = $params->choiseSite;
$fileConf = "../sites/" . $_SESSION['site']['site'] . "/conf.php";
if (file_exists($fileConf)) {
/** @noinspection PhpIncludeInspection */
include_once $fileConf;
$mitos_db = new dbHelper();
$err = $mitos_db->getError();
if (!is_array($err)) {
return array('success' => false, 'error' => 'For some reason, I can\'t connect to the database.');
}
// Do not stop here!, continue with the rest of the code.
} else {
return array('success' => false, 'error' => 'No configuration file found on the selected site.<br>Please contact support.');
}
//-------------------------------------------
// Convert the password to AES and validate
//-------------------------------------------
$aes = new AES($_SESSION['site']['AESkey']);
$ret = $aes->encrypt($params->authPass);
//-------------------------------------------
// Username & password match
//-------------------------------------------
$mitos_db->setSQL("SELECT id, username, fname, mname, lname, email\n FROM users\n \t\t WHERE username = '******'\n \t\t AND password = '******'\n \t\t AND authorized = '1'\n \t\t LIMIT 1");
$rec = $mitos_db->fetch();
if ($rec['username'] == null) {
return array('success' => false, 'error' => 'The username or password you provided is invalid.');
} else {
//-------------------------------------------
// Change some User related variables and go
//-------------------------------------------
$_SESSION['user']['name'] = $rec['title'] . " " . $rec['lname'] . ", " . $rec['fname'] . " " . $rec['mname'];
$_SESSION['user']['id'] = $rec['id'];
$_SESSION['user']['email'] = $rec['email'];
$_SESSION['user']['auth'] = true;
//-------------------------------------------
// Also fetch the current version of the
// Application & Database
//-------------------------------------------
$sql = "SELECT * FROM version LIMIT 1";
$mitos_db->setSQL($sql);
$rec = $mitos_db->fetch();
$_SESSION['ver']['codeName'] = $rec['v_tag'];
$_SESSION['ver']['major'] = $rec['v_major'];
$_SESSION['ver']['rev'] = $rec['v_patch'];
$_SESSION['ver']['minor'] = $rec['v_minor'];
$_SESSION['ver']['database'] = $rec['v_database'];
$_SESSION['lang']['code'] = $params->lang;
return array('success' => true);
}
}
$loggedIn = true;
}
} else {
if ($openid->mode) {
if ($openid->mode == 'cancel') {
$loggedIn = false;
} elseif ($openid->validate()) {
$data = $openid->getAttributes();
$userEmail = $data['contact/email'];
$userFirstname = $data['namePerson/first'];
$userLastname = $data['namePerson/last'];
for ($u = 0; $u < count($adminUserList); $u++) {
if ($adminUserList[$u] == $userEmail) {
$loggedIn = true;
// save the userdata in encrypted cookie
setcookie("redbox_auth", AES::encrypt(json_encode(array("email" => $userEmail, "first" => $userFirstname, "last" => $userLastname)), $cookiePasswd));
}
}
}
} else {
$loggedIn = false;
$openid->identity = 'https://www.google.com/accounts/o8/id';
$openid->required = array('namePerson/first', 'namePerson/last', 'contact/email');
$openid->returnUrl = "http://www.kammerath.com/redbox/";
$authUrl = $openid->authUrl();
}
}
?>
<!DOCTYPE html>
<html>
<head>
