/** * RIJNDAEL 256: two-way encryption/decryption, with a URL-safe base64 wrapper. * * Falls back on XOR encryption/decryption when/if mcrypt is not possible. * * @package optimizeMember\Utilities * @since 3.5 * * @param str $string A string of data to encrypt. * @param str $key Optional. Key used for encryption. Defaults to the one configured for optimizeMember. Short of that, defaults to: ``wp_salt()``. * @param bool $w_md5_cs Optional. Defaults to true. When true, an MD5 checksum is used in the encrypted string *( recommended )*. * @return str Encrypted string. */ public static function encrypt($string = FALSE, $key = FALSE, $w_md5_cs = TRUE) { if (function_exists("mcrypt_encrypt") && in_array("rijndael-256", mcrypt_list_algorithms()) && in_array("cbc", mcrypt_list_modes())) { $string = is_string($string) ? $string : ""; $string = strlen($string) ? "~r2|" . $string : ""; /**/ $key = c_ws_plugin__optimizemember_utils_encryption::key($key); $key = substr($key, 0, mcrypt_get_key_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CBC)); /**/ $iv = c_ws_plugin__optimizemember_utils_strings::random_str_gen(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CBC), false); /**/ if (strlen($string) && is_string($e = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $string, MCRYPT_MODE_CBC, $iv)) && strlen($e)) { $e = "~r2:" . $iv . ($w_md5_cs ? ":" . md5($e) : "") . "|" . $e; } /**/ return isset($e) && is_string($e) && strlen($e) ? $base64 = c_ws_plugin__optimizemember_utils_strings::base64_url_safe_encode($e) : ""; } else { /* Fallback on XOR encryption. */ return c_ws_plugin__optimizemember_utils_encryption::xencrypt($string, $key, $w_md5_cs); } }
/** * Generates a PayPal Proxy Key, for simulated IPN responses. * * @package optimizeMember\PayPal * @since 3.5 * * @return str A Proxy Key. It's an MD5 Hash, 32 chars, URL-safe. */ public static function paypal_proxy_key_gen() { global $current_site, $current_blog; /* Multisite Networking. */ /**/ eval('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$$__v;'); do_action("ws_plugin__optimizemember_before_paypal_proxy_key_gen", get_defined_vars()); unset($__refs, $__v); /* Unset defined __refs, __v. */ /**/ if (is_multisite() && !is_main_site()) { $key = md5(c_ws_plugin__optimizemember_utils_encryption::xencrypt($current_blog->domain . $current_blog->path, false, false)); } else { /* Else it's a standard Proxy Key; not on a Multisite Network, or not on the Main Site anyway. */ $key = md5(c_ws_plugin__optimizemember_utils_encryption::xencrypt(preg_replace("/\\:[0-9]+\$/", "", $_SERVER["HTTP_HOST"]), false, false)); } /**/ return apply_filters("ws_plugin__optimizemember_paypal_proxy_key_gen", $key, get_defined_vars()); }
/** * Generates an API Key, for Remote Operations. * * @package optimizeMember\API_Remote_Ops * @since 110713 * * @return str An API Key. It's an MD5 Hash, 32 chars, URL-safe. */ public static function remote_ops_key_gen() { global $current_site, $current_blog; /**/ if (is_multisite() && !is_main_site()) { $key = md5(c_ws_plugin__optimizemember_utils_encryption::xencrypt($current_blog->domain . $current_blog->path, false, false)); } else { /* Else it's a standard API Key; not on a Multisite Network, or not on the Main Site anyway. */ $key = md5(c_ws_plugin__optimizemember_utils_encryption::xencrypt(preg_replace("/\\:[0-9]+\$/", "", $_SERVER["HTTP_HOST"]), false, false)); } /**/ return apply_filters("ws_plugin__optimizemember_pro_remote_ops_key", !empty($key) ? $key : ""); }
function optimizemember_xencrypt($string = FALSE, $key = FALSE, $w_md5_cs = TRUE) { return c_ws_plugin__optimizemember_utils_encryption::xencrypt($string, $key, $w_md5_cs); }
/** * Creates a File Download Key. * * Builds a hash of: ``date("Y-m-d") . $_SERVER["REMOTE_ADDR"] . $_SERVER["HTTP_USER_AGENT"] . $file``. * * @package optimizeMember\Files * @since 3.5 * * @param str $file Location of your protected file, relative to the `/optimizemember-files/` directory. * In other words, just the name of the file *(i.e. `file.zip` )*. * @param str $directive Optional. One of `ip-forever|universal|cache-compatible`. * `ip-forever` = a Download Key that never expires, tied only to a specific file and IP address. * `universal` and/or `cache-compatible` = a Download Key which never expires, and is NOT tied to any specific User. Use at your own risk. * @return str A Download Key. MD5 hash, 32 characters, URL-safe. */ public static function file_download_key($file = FALSE, $directive = FALSE) { eval('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$$__v;'); do_action("ws_plugin__optimizemember_before_file_download_key", get_defined_vars()); unset($__refs, $__v); /* Unset defined __refs, __v. */ /**/ $file = $file && is_string($file) && ($file = trim($file, "/")) ? $file : ""; /**/ if ($directive === "ip-forever" && c_ws_plugin__optimizemember_no_cache::no_cache_constants(true)) { $salt = $file . $_SERVER["REMOTE_ADDR"]; } else { if ($directive === "universal" || $directive === "cache-compatible" || $directive) { $salt = $file; } else { if (c_ws_plugin__optimizemember_no_cache::no_cache_constants(true)) { $salt = date("Y-m-d") . $_SERVER["REMOTE_ADDR"] . $_SERVER["HTTP_USER_AGENT"] . $file; } } } /**/ $key = !empty($salt) ? md5(c_ws_plugin__optimizemember_utils_encryption::xencrypt($salt, false, false)) : ""; /**/ return apply_filters("ws_plugin__optimizemember_file_download_key", $key, get_defined_vars()); }