/**
* Create a SHA256 hash of a string
*
* Uses the PHP mhash library to create SHA256 hashes. It's better than MD5
* and SHA1, and for small amounts of data isn't much slower.
*
* @param string $string String to hash
* @return string Hexadecimal representation of SHA256 hash
*/
function sha256($string)
{
if (!function_exists('mhash')) {
trigger_error('mhash not supported by this PHP installation');
}
return bin2hex(mhash(MHASH_SHA256, $string));
}
public function payment($data, $order_data, $auto_submit = false)
{
$data['order_id'] = $order_data['order_id'];
if ($order_data['currency_id'] != 'USD') {
throw new waPaymentException(_w('Order currency is not USD but payment gateway provide only USD transactions'));
}
$type_trans = array_flip(self::$type_trans);
if (!empty($data['type']) && !empty($type_trans[$data['type']])) {
$type = $type_trans[$data['type']];
} else {
$type = self::OPERATION_AUTH_ONLY;
}
if (empty($order_data['description_en'])) {
$order_data['description_en'] = 'Order #' . $order_data['order_id'] . ' (' . gmdate('F, d Y') . ')';
}
$c = new waContact($order_data['contact_id']);
$locale = $c->getLocale();
$form_fields = array('x_login' => $this->login, 'x_amount' => number_format($order_data['amount'], 2, '.', ''), 'x_description' => $order_data['description_en'], 'x_invoice_num' => $order_data['order_id'], 'x_fp_sequence' => rand(1, 1000), 'x_fp_timestamp' => time(), 'x_test_request' => 'false', 'x_show_form' => 'PAYMENT_FORM', 'x_type' => $type, 'x_version' => '3.1', 'x_method' => 'CC', 'x_cust_id' => $order_data['contact_id'], 'x_customer_ip' => wa()->getRequest()->server('REMOTE_ADDR'), 'x_duplicate_window' => '28800', 'x_first_name' => waLocale::transliterate($c->get('firstname'), $locale), 'x_last_name' => waLocale::transliterate($c->get('lastname'), $locale), 'x_company' => waLocale::transliterate($c->get('company'), $locale), 'x_address' => waLocale::transliterate($c->get('address:street', 'default'), $locale), 'x_city' => waLocale::transliterate($c->get('address:city', 'default'), $locale), 'x_state' => waLocale::transliterate($c->get('address:region', 'default'), $locale), 'x_zip' => waLocale::transliterate($c->get('address:zip', 'default'), $locale), 'x_country' => waLocale::transliterate($c->get('address:country', 'default'), $locale), 'x_phone' => $c->get('phone', 'default'), 'x_email' => $c->get('email', 'default'), 'x_relay_response' => isset($data['x_relay_response']) ? $data['x_relay_response'] : 'true', 'x_relay_url' => $this->getRelayUrl(), 'wa_success_url' => $this->getAdapter()->getBackUrl(waAppPayment::URL_SUCCESS, $data), 'wa_decline_url' => $this->getAdapter()->getBackUrl(waAppPayment::URL_DECLINE, $data), 'wa_cancel_url' => $this->getAdapter()->getBackUrl(waAppPayment::URL_FAIL, $data), 'wa_app_id' => $this->app_id, 'wa_merchant_id' => $this->merchant_id);
$form_fields['x_fp_hash'] = '';
// @TODO: get from common 'address' field
if (phpversion() >= '5.1.2') {
$form_fields['x_fp_hash'] = hash_hmac('md5', $this->login . "^" . $form_fields['x_fp_sequence'] . "^" . $form_fields['x_fp_timestamp'] . "^" . $form_fields['x_amount'] . "^", $this->trans_key);
} else {
$form_fields['x_fp_hash'] = bin2hex(mhash(MHASH_MD5, $this->login . "^" . $form_fields['x_fp_sequence'] . "^" . $form_fields['x_fp_timestamp'] . "^" . $form_fields['x_amount'] . "^", $this->trans_key));
}
if ($this->form_header) {
$form_fields['x_header_html_payment_form'] = $this->form_header;
}
$view = wa()->getView();
$view->assign('url', wa()->getRootUrl());
$view->assign('form_fields', $form_fields);
$view->assign('form_url', $this->getEndpointUrl());
$view->assign('auto_submit', $auto_submit);
return $view->fetch($this->path . '/templates/payment.html');
}
public function encrypt($data, $settings)
{
$cipher = $settings['cipher'] ?? 'sha256';
$key = $settings['key'] ?? PROJECT_CONFIG['key'];
$cipher = Converter::toConstant($cipher, 'MHASH_');
return base64_encode(trim(mhash($cipher, $data, $key)));
}
/**
* Generates the fingerprint for request.
*
* @param string $merchantApiLoginId
* @param string $merchantTransactionKey
* @param string $amount
* @param string $fpSequence An invoice number or random number.
* @param string $fpTimestamp
* @return string The fingerprint.
*/
public function generateRequestSign($merchantApiLoginId, $merchantTransactionKey, $amount, $currencyCode, $fpSequence, $fpTimestamp)
{
if (phpversion() >= '5.1.2') {
return hash_hmac("md5", $merchantApiLoginId . "^" . $fpSequence . "^" . $fpTimestamp . "^" . $amount . "^" . $currencyCode, $merchantTransactionKey);
}
return bin2hex(mhash(MHASH_MD5, $merchantApiLoginId . "^" . $fpSequence . "^" . $fpTimestamp . "^" . $amount . "^" . $currencyCode, $merchantTransactionKey));
}
function Cipher($textkey)
{
$this->enc = MCRYPT_RIJNDAEL_128;
$this->mode = MCRYPT_MODE_ECB;
$this->securekey = mhash(MHASH_SHA256, $textkey);
$iv_size = mcrypt_get_iv_size($this->enc, $this->mode);
$this->iv = mcrypt_create_iv($iv_size, MCRYPT_DEV_RANDOM);
}
function ComparePassword($password, $hash)
{
$hash = base64_decode(substr($hash, 6));
$original_hash = substr($hash, 0, 20);
$salt = substr($hash, 20);
$new_hash = mhash(MHASH_SHA1, $password . $salt);
return strcmp($original_hash, $new_hash);
}
public static function generatePrivateKey($s, $size)
{
if (function_exists('mhash') && defined('MHASH_SHA256')) {
return convertStringToByteArray(substr(mhash(MHASH_SHA256, $s), 0, $size));
} else {
throw new Exception('cryptoHelpers::generatePrivateKey currently requires mhash');
}
}
/**
* Проверка подписи платежа
*/
public function validateHash($validator, $values)
{
$sign = base64_encode(mhash(MHASH_SHA1, sfConfig::get('app_sentry_password') . $values['MerID'] . $values['AcqID'] . $values['OrderID']));
if ($sign === @$values['Signature']) {
return $sign;
}
throw new sfValidatorError($validator, 'Invalid.');
}
public function encrypt($data = '', $settings = array())
{
$cipher = isset($settings['cipher']) ? $settings['cipher'] : 'sha256';
$key = isset($settings['key']) ? $settings['key'] : Config::get('Encode', 'projectKey');
// MHASH_ ön eki ilave ediliyor.
$cipher = Convert::toConstant($cipher, 'MHASH_');
return base64_encode(trim(mhash($cipher, $data, $key)));
}
/**
* @param Metadata $metadata metadata
*
* @return string
*/
private function extractTokenFromMetadata(Metadata $metadata)
{
$phrase = $metadata->key;
if ($metadata->passphrase) {
$phrase .= ':' . $metadata->passphrase;
}
return mhash(MHASH_SHA256, $phrase);
}
function make_md4_password($password)
{
if (function_exists('hash')) {
$hash = strtoupper(hash("md4", iconv("UTF-8", "UTF-16LE", $password)));
} else {
$hash = strtoupper(bin2hex(mhash(MHASH_MD4, iconv("UTF-8", "UTF-16LE", $password))));
}
return $hash;
}
/**
* old punbb hash function
* @return string
*/
public static function punHash($str)
{
if (function_exists('sha1')) {
return sha1($str);
} elseif (function_exists('mhash')) {
return bin2hex(mhash(MHASH_SHA1, $str));
}
return md5($str);
}
public function createAuthToken()
{
$datePart = gmdate("Ymd");
$timePart = gmdate("H");
$authString = $this->securityWord . ":" . $datePart . ":" . $timePart;
$sha256 = bin2hex(mhash(MHASH_SHA256, $authString));
return strtoupper($sha256);
}
protected static function _digestMhash($algorithm, $data, $binaryOutput)
{
$constant = constant('MHASH_' . strtoupper($algorithm));
$binary = mhash($constant, $data);
if ($binaryOutput) {
return $binary;
}
return bin2hex($binary);
}
/**
* 新增
*/
function create_form($list)
{
$pname = get_class($this);
$this_script = "http://{$_SERVER['HTTP_HOST']}";
$this->add_field('v_mid', GetValue($pname . "_id"));
//商户编号
$this->add_field('v_oid', date('Ymd') . '-' . GetValue($pname . "_id") . '-' . $list['sn']);
//订单编号
$this->add_field('v_rcvname', $list['delivery_firstname'] . " " . $list['delivery_lastname']);
//收货人姓名
$this->add_field('v_rcvaddr', $list['delivery_address']);
//收货人地址
$this->add_field('v_rcvtel', $list['delivery_telephone']);
//收货人电话
$this->add_field('v_rcvpost', $list['delivery_zip']);
//收货人邮编
$this->add_field('v_amount', $list['orders_total']);
//订单总金额
//$this->add_field('v_language','en');//订单语言
$this->add_field('v_ymd', date('Ymd', $list['dateline']));
//订单产生日期
$this->add_field('v_orderstatus', 1);
//配货状态
$this->add_field('v_ordername', $list['delivery_firstname'] . " " . $list['delivery_lastname']);
//订货人姓名
$this->add_field('v_moneytype', 1);
//币种,0为人民币,1为美元,2为欧元,3为英镑,4为日元,5为韩元,6为澳大利亚元
$this->add_field('v_url', $this_script . U('Payment/payeasy_return'));
//支付动作完成后返回到该url,支付结果以GET方式发送
$this->add_field('v_md5info', bin2hex(mhash(MHASH_MD5, "1" . date('Ymd', $list['dateline']) . $list['orders_total'] . $list['delivery_firstname'] . " " . $list['delivery_lastname'] . date('Ymd') . '-' . GetValue($pname . "_id") . '-' . $list['sn'] . GetValue($pname . "_id") . $this_script . U('Payment/payeasy_return'), GetValue($pname . "_key"))));
//订单数字指纹
$this->add_field('v_shipstreet', $list['delivery_address']);
//送货街道地址
$this->add_field('v_shipcity', $list['delivery_city']);
//送货城市
//$this->add_field('v_shipstate',$_POST['']);//送货省/州
$this->add_field('v_shippost', $list['delivery_zip']);
//送货邮编
//$this->add_field('v_shipcountry','840');//送货国家
$this->add_field('v_shipphone', $list['delivery_telephone']);
//送货电话
$this->add_field('v_shipemail', $list['delivery_email']);
//送货Email
$this->form .= "<form method=\"post\" name=\"pay_form\" ";
$this->form .= "action=\"" . $this->submit_url . "\">\n";
foreach ($this->fields as $name => $value) {
$this->form .= "<input type=\"hidden\" name=\"{$name}\" value=\"{$value}\"/>\n";
}
$this->form .= "</form>\n";
if (GetValue($list['payment_module_code'] . '_autosubmit') == 1) {
$delay = GetValue($list['payment_module_code'] . '_delay');
$delay = $delay ? $delay : 5;
$this->form .= $this->submit($delay);
//是否自动提交,延迟5秒
}
return $this->form;
}
function mhashhex($hash, $data, $key = '')
{
static $mhash_loaded = null;
if ($mhash_loaded === null) {
$mhash_loaded = extension_loaded('mhash');
}
if ($mhash_loaded) {
if ($key) {
return bin2hex(mhash($hash, $data, $key));
} else {
return bin2hex(mhash($hash, $data));
}
}
switch ($hash) {
case MHASH_MD5:
if (strlen($key) == 0) {
return md5($data);
}
// Source: http://www.php.net/manual/en/function.mhash.php
// RFC 2104 HMAC implementation for php. Hacked by Lance Rushing
$b = 64;
// byte length for md5
if (strlen($key) > $b) {
$key = pack('H*', md5($key));
}
$key = str_pad($key, $b, "");
$ipad = str_pad('', $b, "6");
$opad = str_pad('', $b, "\\");
$k_ipad = $key ^ $ipad;
$k_opad = $key ^ $opad;
return md5($k_opad . pack('H*', md5($k_ipad . $data)));
case MHASH_SHA1:
if (!function_exists('sha1')) {
trigger_error(sprintf('Unsupported mhash type: %s', $hash), E_USER_WARNING);
return false;
}
if (strlen($key) == 0) {
return sha1($data);
}
$b = 64;
// byte length for sha1
// see /usr/src/mhash-0.8.17/lib/mhash.c
if (strlen($key) > $b) {
$key = pack('H*', sha1($key));
}
$key = str_pad($key, $b, "");
$ipad = str_pad('', $b, "6");
$opad = str_pad('', $b, "\\");
$k_ipad = $key ^ $ipad;
$k_opad = $key ^ $opad;
return sha1($k_opad . pack('H*', sha1($k_ipad . $data)));
default:
trigger_error(sprintf('Unsupported mhash type: %s', $hash), E_USER_WARNING);
return false;
}
}
function hash($data)
{
if ($this->__sha1Exists) {
return sha1($data);
}
if (${$this}->__mhashExists) {
return bin2hex(mhash(MHASH_SHA1, $data));
}
return md5($data);
}
/**
* Generates a fingerprint needed for a hosted order form or DPM.
*
* @param string $api_login_id Login ID.
* @param string $transaction_key API key.
* @param string $amount Amount of transaction.
* @param string $fp_sequence An invoice number or random number.
* @param string $fp_timestamp Timestamp.
* @param string $fp_currency_code Currency Code.
*
* @return string The fingerprint.
*/
public static function getFingerprint($api_login_id, $transaction_key, $amount, $fp_sequence, $fp_timestamp, $fp_currency_code = null)
{
$api_login_id = $api_login_id ? $api_login_id : (defined('AUTHORIZENET_API_LOGIN_ID') ? AUTHORIZENET_API_LOGIN_ID : "");
$transaction_key = $transaction_key ? $transaction_key : (defined('AUTHORIZENET_TRANSACTION_KEY') ? AUTHORIZENET_TRANSACTION_KEY : "");
$currency_code = !is_null($fp_currency_code) ? $fp_currency_code : "";
if (function_exists('hash_hmac')) {
return hash_hmac("md5", $api_login_id . "^" . $fp_sequence . "^" . $fp_timestamp . "^" . $amount . "^" . $currency_code, $transaction_key);
}
return bin2hex(mhash(MHASH_MD5, $api_login_id . "^" . $fp_sequence . "^" . $fp_timestamp . "^" . $amount . "^" . $currency_code, $transaction_key));
}
function registerFormSubmitted()
{
require 'include/configGlobals.php';
connectDatabase();
slashAllInputs();
//This makes sure they did not leave any fields blank
if (!$_POST['username'] | !$_POST['email'] | !$_POST['firstName'] | !$_POST['lastName']) {
die('You did not complete all of the required fields');
}
if (!isUsernameValid($_POST['username'])) {
die('Sorry, that username is invalid. Please go back and try again.');
}
// checks if the username is in use
$usercheck = $_POST['username'];
$check = mysql_query("SELECT username FROM users WHERE username = '******'") or die(mysql_error());
$check2 = mysql_num_rows($check);
//if the name exists it gives an error
if ($check2 != 0) {
die('Sorry, the username ' . $_POST['username'] . ' is already in use. Please go back and try again.');
}
$emailcheck = $_POST['email'];
$check = mysql_query("SELECT email FROM users WHERE email = '{$emailcheck}'") or die(mysql_error());
$check2 = mysql_num_rows($check);
//if the email exists it gives an error
if ($check2 != 0) {
die('Sorry, the email ' . $_POST['email'] . ' has already been registered. Please go back and try again.');
}
$tempPassword = rand_string(16);
// here we encrypt the password and add slashes if needed
$hashPassword = md5($tempPassword);
$hashUsername = md5($_POST['username']);
$hash256Password = bin2hex(mhash(MHASH_SHA256, $tempPassword));
$hash256Username = bin2hex(mhash(MHASH_SHA256, $_POST['username']));
$creationDate = date('Y-m-d');
// now we insert it into the database
$insert = "INSERT INTO users (username, pass, sha256_user, sha256_pass, fname, lname, addr1, addr2, city, state, zip, hphone, cphone, email, econtact, econtact_phone, econtact_rel, creation) VALUES (\n '" . $_POST['username'] . "',\n '" . $hashPassword . "',\n\t\t '" . $hash256Username . "',\n\t\t '" . $hash256Password . "',\n '" . $_POST['firstName'] . "',\n '" . $_POST['lastName'] . "',\n '" . $_POST['address1'] . "',\n '" . $_POST['address2'] . "',\n '" . $_POST['city'] . "',\n '" . $_POST['state'] . "',\n '" . $_POST['zipCode'] . "',\n '" . $_POST['homePhone'] . "',\n '" . $_POST['cellPhone'] . "',\n '" . $_POST['email'] . "',\n '" . $_POST['econtact'] . "',\n '" . $_POST['econtactPhone'] . "',\n '" . $_POST['econtactRel'] . "',\n '" . $creationDate . "'\n )";
$add_member = mysql_query($insert);
$to = $_POST['email'];
$from = $email_Administrator;
$subject = 'Registered on ' . $club_Abbr . ' Online Registration Site';
$message = "--{$mime_boundary}\n";
$message .= "Content-Type: text/plain; charset=UTF-8\r\n";
$message .= "Content-Transfer-Encoding: 8bit\r\n";
$message .= 'Thank you for registering on the ' . $club_Abbr . ' Online Registration site.' . "\n" . "\n" . 'Your username is: [ ' . $usercheck . " ]\n" . 'Your temporary password is: [ ' . $tempPassword . " ]\n" . "\n" . 'Login at ' . $http_Logout . ' to change your password and register for events.' . "\n" . "\n" . 'Thank you!' . "\n" . '- ' . $club_Abbr . ' Administration' . "\n";
$message .= "--{$mime_boundary}--\n\n";
if (sendEmail($to, $from, $subject, $message) != false) {
echo "<h1>Registered</h1>\n";
echo "Thank you, you have registered. An email has been sent to " . $to . " \n";
echo "with your username and temporary password. Depending on internal server traffic, this may take some time.<br><br>\n";
echo "When you receive your temporary password you may <a href=\"index.php\">login</a> to continue.\n";
} else {
echo "<h1>Internal Email Error. Please contact administrator at " . $email_Administrator . "</h1>\n";
}
}
function hash_sha256($string)
{
if (function_exists('hash')) {
return hash('sha256', $string, true);
}
if (function_exists('mhash')) {
return mhash(MHASH_SHA256, $string);
}
// insert native php implementation of sha256 here
throw new Exception('Too lazy to fallback when the guy who configured php was lazy too');
}
/**
* Creates authentication token
*
* @param string $secWord LR API secret word
* @return <authentication token>
*/
private function createAuthToken($secWord)
{
$datePart = gmdate("Ymd");
$timePart = gmdate("H");
$authString = $secWord . ":" . $datePart . ":" . $timePart;
if (!extension_loaded('mhash')) {
$hash = strtoupper(hash('sha256', $authString));
} else {
$hash = strtoupper(bin2hex(mhash(MHASH_SHA256, $authString)));
}
return $hash;
}
function build_form($order, $payment_config)
{
$loginID = $this->loginid;
$transactionKey = $this->_key;
$amount = number_format($order['amount'], 2);
$description = $order['subject'];
$label = "pay with SIM";
// The is the label on the 'submit' button
$testMode = "true";
// 是否开启测试功能, 如果开启,则网上付款都是测试,paypal也有此功能,只是方式不一样
$url = "https://test.authorize.net/gateway/transact.dll";
// 这个是测试地址,实际付款地址为: $url = "https://secure.authorize.net/gateway/transact.dll"
$invoice = date('YmdHis');
// a sequence number is randomly generated
$sequence = rand(1, 1000);
// a timestamp is generated
$timeStamp = time();
if (phpversion() >= '5.1.2') {
$fingerprint = hash_hmac("md5", $loginID . "^" . $sequence . "^" . $timeStamp . "^" . $amount . "^", $transactionKey);
} else {
$fingerprint = bin2hex(mhash(MHASH_MD5, $loginID . "^" . $sequence . "^" . $timeStamp . "^" . $amount . "^", $transactionKey));
}
$dt = '<div>';
$dt .= "Amount: {$amount} <br />";
$dt .= "Description: {$description} <br />";
// 创建html 表单,里面包含了必须的SIM 内容
$dt .= "<FORM method='post' action='{$url}' target='_blank' >";
$oid = $order['order_id'];
$rurl = $payment_config['return_url'];
// Additional fields can be added here as outlined in the SIM integration guide
// at: http://developer.authorize.net
$dt .= " <INPUT type='hidden' name='x_login' value='{$loginID}' />";
// ID
$dt .= " <INPUT type='hidden' name='x_amount' value='{$amount}' />";
// 付款金额
$dt .= " <INPUT type='hidden' name='x_description' value='{$description}' />";
// 描述
$dt .= " <INPUT type='hidden' name='x_invoice_num' value='{$invoice}' />";
$dt .= " <INPUT type='hidden' name='x_fp_sequence' value='{$sequence}' />";
$dt .= " <INPUT type='hidden' name='x_fp_timestamp' value='{$timeStamp}' />";
$dt .= " <INPUT TYPE=HIDDEN NAME='x_cust_id' VALUE='{$oid}'>";
//order id
$dt .= " <INPUT type='hidden' name='x_fp_hash' value='{$fingerprint}' />";
$dt .= " <INPUT type='hidden' name='x_test_request' value='{$testMode}' />";
$dt .= " <INPUT type='hidden' name='x_show_form' value='PAYMENT_FORM' />";
$dt .= " <INPUT type='hidden' name='x_relay_response' value='TRUE' />";
$dt .= " <INPUT type='hidden' name='x_relay_url' value='{$rurl}' />";
$dt .= " <input type='submit' value='{$label}' style='margin:5px 0;'/>";
$dt .= "</FORM>";
$dt .= '</div>';
return $dt;
}
/**
* nv_Crypt::hash()
*
* @param mixed $data
* @param bool $is_salt
* @return
*/
public function hash($data, $is_salt = false)
{
$inner = pack('H32', call_user_func($this->_func, $this->_ipad . $data));
$digest = call_user_func($this->_func, $this->_opad . $inner);
if (!$is_salt) {
return $digest;
}
$mhast = constant('MHASH_' . strtoupper($this->_func));
$salt = substr(str_shuffle("abcdefghijklmnopqrstuvwxyz0123456789"), 0, 8);
$salt = mhash_keygen_s2k($mhast, $digest, substr(pack('h*', md5($salt)), 0, 8), 4);
$hash = strtr(base64_encode(mhash($mhast, $digest . $salt) . $salt), '+/=', '-_,');
return $hash;
}
/**
* Create a hash from string using given method. Fallback on next available method.
*
* @param string $string String to hash.
* @param string $type Method to use (sha1/sha256/md5, or any method supported
* by the `hash()` function).
* @param string $salt
* @return string Hash.
*/
public static function hash($string, $type = null, $salt = null)
{
$string = $salt . $string;
switch (true) {
case ($type == 'sha1' || !$type) && function_exists('sha1'):
return sha1($string);
case $type == 'sha256' && function_exists('mhash'):
return bin2hex(mhash(MHASH_SHA256, $string));
case function_exists('hash'):
return hash($type, $string);
default:
}
return md5($string);
}
function sha1_smf($str)
{
// If we have mhash loaded in, use it instead!
if (function_exists('mhash') && defined('MHASH_SHA1')) {
return bin2hex(mhash(MHASH_SHA1, $str));
}
$nblk = (strlen($str) + 8 >> 6) + 1;
$blks = array_pad(array(), $nblk * 16, 0);
for ($i = 0; $i < strlen($str); $i++) {
$blks[$i >> 2] |= ord($str[$i]) << 24 - $i % 4 * 8;
}
$blks[$i >> 2] |= 0x80 << 24 - $i % 4 * 8;
return sha1_core($blks, strlen($str) * 8);
}
private function _validateHash($options)
{
$originalHash = array_pop($options);
if (isset($options['x_currency_code'])) {
$options['x_currency_code'] = self::CURRENCY;
}
$data = implode('^', array_values($options));
$realHash = bin2hex(mhash(MHASH_MD5, $data, $this->key));
if ($originalHash !== $realHash) {
return false;
} else {
return true;
}
}
function ValidatePassword($password, $hash)
{
$hash = base64_decode(substr($hash, 6));
$original_hash = substr($hash, 0, 20);
$salt = substr($hash, 20);
$new_hash = mhash(MHASH_SHA1, $password . $salt);
if (strcmp($original_hash, $new_hash) == 0) {
// senha correta
return 1;
} else {
// senha incorreta
return 0;
}
}
function _xwb_hash_hmac_compact_mhash($algo, $base_string, $key, $raw = false)
{
if (empty($algo)) {
return false;
}
switch ($algo) {
case 'md5':
return mhash(MHASH_MD5, $base_string, $key);
break;
case 'sha1':
return mhash(MHASH_SHA1, $base_string, $key);
break;
}
}
function NTLMHash($Input)
{
// Convert the password from UTF8 to UTF16 (little endian)
$Input = iconv('UTF-8', 'UTF-16LE', $Input);
// Encrypt it with the MD4 hash
$MD4Hash = bin2hex(mhash(MHASH_MD4, $Input));
// You could use this instead, but mhash works on PHP 4 and 5 or above
// The hash function only works on 5 or above
//$MD4Hash=hash('md4',$Input);
// Make it uppercase, not necessary, but it's common to do so with NTLM hashes
$NTLMHash = strtoupper($MD4Hash);
// Return the result
return $NTLMHash;
}
function openld_hash($str)
{
if (function_exists('sha1')) {
// Only in PHP 4.3.0+
return sha1($str);
} else {
if (function_exists('mhash')) {
// Only if Mhash library is loaded
return bin2hex(mhash(MHASH_SHA1, $str));
} else {
return md5($str);
}
}
}