/** * Decrypt the data when taking it out of the database * @Developer brandon * @Date May 18, 2010 */ public function __get($key) { $value = parent::__get($key); if (in_array($key, array('content', 'title'))) { if ($value) { $encrypt = new Encrypt(); $value = $encrypt->decode($value); } } return $value; }
public function send() { $c = new Encrypt(); $message = $c->encode(json_encode($this->attributes)); $q = MessageQueue::Get($account); try { $q->send($this->queue, $message); return TRUE; } catch (AWSException $ex) { return FALSE; } }
public function __construct() { $this->cookie_name = Lemon::config('session.name') . '_data'; if (Lemon::config('session.encryption')) { $this->encrypt = Encrypt::instance(); } }
public function __construct() { // Load configuration $config = Kohana::config('session'); if ( ! empty($config['encryption'])) { // Load encryption $this->encrypt = Encrypt::instance(); } if (is_array($config['storage'])) { if ( ! empty($config['storage']['group'])) { // Set the group name $this->db = $config['storage']['group']; } if ( ! empty($config['storage']['table'])) { // Set the table name $this->table = $config['storage']['table']; } } // Load database $this->db = Database::instance($this->db); Kohana::log('debug', 'Session Database Driver Initialized'); }
/** * 确认注册【设定密码】 * @method registerAction * @return [type] [description] * @author NewFuture */ public function registerAction() { $msg = '信息注册失败!'; if ($regInfo = Session::get('reg')) { Session::del('reg'); if (Input::post('password', $password, 'trim') === false) { /*密码未md5*/ $this->error('密码错误', '/'); } elseif (!$password) { /*未设置密码*/ $password = $regInfo['password']; } $regInfo['password'] = Encrypt::encryptPwd($password, $regInfo['number']); if ($id = UserModel::insert($regInfo)) { /*注册成功*/ $regInfo['id'] = $id; $token = Auth::token($regInfo); Cookie::set('token', [$id => $token]); unset($regInfo['password']); Session::set('user', $regInfo); $msg = '信息注册成功!'; } } $this->jump('/', $msg); }
/** * Verify the Facebook credentials. * * @throws Kohana_Exception * @param string the service name * @return boolean */ public function verify($service = MMI_API::SERVICE_FACEBOOK) { $access_token = NULL; if (!array_key_exists('fragment', $_GET)) { $this->_convert_fragment_to_parameter(); } else { $fragment = urldecode(Security::xss_clean($_GET['fragment'])); parse_str($fragment, $parms); $access_token = Arr::get($parms, 'access_token'); unset($parms); } // Ensure the access token is set if (empty($access_token)) { MMI_Log::log_error(__METHOD__, __LINE__, 'Access token parameter missing'); throw new Kohana_Exception('Access token parameter missing in :method.', array(':method' => __METHOD__)); } // Load existing data from the database $auth_config = $this->_auth_config; $username = Arr::get($auth_config, 'username'); $model; if (!empty($username)) { $model = Model_MMI_API_Tokens::select_by_service_and_username($service, $username, FALSE); } else { $consumer_key = Arr::get($auth_config, 'api_key'); $model = Model_MMI_API_Tokens::select_by_service_and_consumer_key($service, $consumer_key, FALSE); } $success = FALSE; $previously_verified = FALSE; if ($model->loaded()) { // Check if the credentials were previously verified $previously_verified = $model->verified; $success = $previously_verified; } if (!$previously_verified) { // Create an access token $token = new OAuthToken($access_token, $service . '-' . time()); // Update the token credentials in the database $svc = MMI_API::factory($service); if (isset($token) and $svc->is_valid_token($token)) { $encrypt = Encrypt::instance(); $model->service = $service; $model->consumer_key = 'consumer-' . $service; $model->consumer_secret = $encrypt->encode($service . '-' . time()); $model->token_key = $token->key; $model->token_secret = $encrypt->encode($token->secret); unset($encrypt); $model->verified = 1; $model->verification_code = $service . '-' . time(); $model->username = $username; if (array_key_exists('expires_in', $_GET)) { $model->attributes = array('expires_in' => urldecode(Security::xss_clean($_GET['expires_in']))); } $success = MMI_Jelly::save($model, $errors); if (!$success and $this->_debug) { MMI_Debug::dead($errors); } } } return $success; }
public function encode($data) { // Set the rand type if it has not already been set if (Encrypt::$_rand === NULL) { $is_windows = DIRECTORY_SEPARATOR === '\\'; if ($is_windows) { // Windows only supports the system random number generator Encrypt::$_rand = MCRYPT_RAND; } else { if (defined('MCRYPT_DEV_URANDOM')) { // Use /dev/urandom Encrypt::$_rand = MCRYPT_DEV_URANDOM; } elseif (defined('MCRYPT_DEV_RANDOM')) { // Use /dev/random Encrypt::$_rand = MCRYPT_DEV_RANDOM; } else { // Use the system random number generator Encrypt::$_rand = MCRYPT_RAND; } } } if (Encrypt::$_rand === MCRYPT_RAND) { // The system random number generator must always be seeded each // time it is used, or it will not produce true random results mt_srand(); } // Create a random initialization vector of the proper size for the current cipher $iv = mcrypt_create_iv($this->_iv_size, Encrypt::$_rand); // Encrypt the data using the configured options and generated iv $data = mcrypt_encrypt($this->_cipher, $this->_key, $data, $this->_mode, $iv); // Use base64 encoding to convert to a string return base64_encode($iv . $data); }
public static function initialise() { if (NULL === self::$_instance) { self::$_instance = new self(); } return self::$_instance; }
/** * Verify the Flickr credentials. * * @throws Kohana_Exception * @return boolean */ public function verify() { // Set the service $service = $this->_service; if (empty($service)) { MMI_Log::log_error(__METHOD__, __LINE__, 'Service not set'); throw new Kohana_Exception('Service not set in :method.', array(':method' => __METHOD__)); } // Ensure the frob is set $frob = NULL; if (array_key_exists('frob', $_GET)) { $frob = urldecode(Security::xss_clean($_GET['frob'])); } if (empty($frob)) { MMI_Log::log_error(__METHOD__, __LINE__, 'Frob parameter missing'); throw new Kohana_Exception('Frob parameter missing in :method.', array(':method' => __METHOD__)); } // Load existing data from the database $auth_config = $this->_auth_config; $username = Arr::get($auth_config, 'username'); $model; if (!empty($username)) { $model = Model_MMI_API_Tokens::select_by_service_and_username($service, $username, FALSE); } else { $model = Jelly::factory('MMI_API_Tokens'); } $success = FALSE; if ($model->loaded()) { // Check if the credentials were previously verified $previously_verified = $model->verified; if ($previously_verified) { $success = TRUE; } else { // Create a dummy verification code $verification_code = $service . '-' . time(); } // Do database update if (!$previously_verified) { // Get an access token $svc = MMI_API::factory($service); $token = $svc->get_access_token($verification_code, array('token_key' => $frob, 'token_secret' => $service . '-' . time())); // Update the token credentials in the database if (isset($token) and $svc->is_valid_token($token)) { $model->token_key = $token->key; $model->token_secret = Encrypt::instance()->encode($token->secret); $model->verified = 1; $model->verification_code = $verification_code; if (!empty($token->attributes)) { $model->attributes = $token->attributes; } $success = MMI_Jelly::save($model, $errors); if (!$success and $this->_debug) { MMI_Debug::dead($errors); } } } } return $success; }
public function __construct() { $this->cookie_name = Eight::config('session.name') . '_data'; if (Eight::config('session.encryption')) { $this->encrypt = Encrypt::instance(); } Eight::log('debug', 'Session Cookie Driver Initialized'); }
public function __construct() { $this->cookie_name = Kohana::config('session.name') . '_data'; if (Kohana::config('session.encryption')) { $this->encrypt = Encrypt::instance(); } Kohana_Log::add('debug', 'Session Cookie Driver Initialized'); }
/** * Necessary override to enable per-column encryption. * @param String $column * @return mixed */ public function __get($column) { if (in_array($column, $this->_encrypted_compressed_columns)) { return gzuncompress(Encrypt::instance()->decode(parent::__get($column))); } if (in_array($column, $this->_encrypted_columns)) { return Encrypt::instance()->decode(parent::__get($column)); } return parent::__get($column); }
/** * Get or set our $_COOKIE var via . sperated array access * * @param key string A period seperated string of array keys and values * @param value string The value to be set * * @return string */ static function cookie($key, $value = null) { $key = ID . '_' . $key; if (!is_null($value)) { //set the cookie expirey to 24 hours time setcookie($key, Encrypt::encrypt($value), time() + 3600 * 24); return; } return Encrypt::decrypt($_COOKIE[$key]); }
/** * 获取用户真实手机 * GET /user/1/email * @method GET_infoAction * @param integer $id [description] * @author NewFuture */ public function GET_emailAction($id = 0) { $pid = $this->authPrinter(); if (TaskModel::where('use_id', $id)->where('pri_id', $pid)->get('id')) { $email = UserModel::where('id', '=', $id)->get('email'); $email = $email ? Encrypt::decryptEmail($email) : null; $this->response(1, $email); } else { $this->response(0, '此同学未在此打印过'); } }
public function get($name, $dec = true, $encKey = '') { $enValue = isset($_COOKIE[$name]) ? $_COOKIE[$name] : false; if (!$enValue) { return false; } if ($dec) { $encKey = $encKey ?: $this->encCode; $deValue = Encrypt::auth($enValue, $encKey, 'DECODE'); } else { $deValue = $value; } return $deValue ?: false; }
/** * Decrypts the packets received from the client on the first connection */ public function firstDecrypt($client, $data) { $firstClientKey = self::$clients[(int) UltimaPHP::$conf['server']['client']['major'] . (int) UltimaPHP::$conf['server']['client']['minor'] . (int) UltimaPHP::$conf['server']['client']['revision']][0]; $secondClientKey = self::$clients[(int) UltimaPHP::$conf['server']['client']['major'] . (int) UltimaPHP::$conf['server']['client']['minor'] . (int) UltimaPHP::$conf['server']['client']['revision']][1]; $len = strlen($data); for ($i = 0; $i < $len; $i++) { $data[$i] = self::$currentKey0 ^ $data[$i]; $oldkey0 = self::$currentKey0; $oldkey1 = self::$currentKey1; self::$currentKey0 = ($oldkey0 >> 1 | $oldkey1 << 31) ^ $secondClientKey; self::$currentKey1 = ((($oldkey1 >> 1 | $oldkey0 << 31) ^ $firstClientKey - 1) >> 1 | $oldkey0 << 31) ^ $firstClientKey; } return $data; }
public function action_company() { $visitor_data = Arr::get($_POST, 'data') ? unserialize(Encrypt::instance('statistics')->decode($_POST['data'])) : NULL; $company = ORM::factory('service', $this->request->param('id')); if (!$company->loaded() or !$visitor_data) { return FALSE; } $request = Request::factory(Route::get('company_info')->uri(array('id' => $company->id, 'company_type' => Model_Service::$type_urls[$company->type]))); // Если URI не совпадает или истекло время if ($request->uri() != $visitor_data['uri'] or strtotime(Date::formatted_time()) - $visitor_data['time_created'] > 60) { return FALSE; } $visit_data = array('date' => Date::formatted_time(), 'uri' => $request->uri(), 'directory' => $request->directory(), 'controller' => $request->controller(), 'action' => $request->action(), 'params' => json_encode($request->get_params()), 'client_ip' => $visitor_data['client_ip'], 'referrer' => $visitor_data['referrer']); ORM::factory('visit')->save_visit($visit_data); }
/** * [isTokenIllegal description] * @param Request $Request [description] * @return boolean [description] */ public function isTokenIllegal(Request $Request) { $data = array(); $token = ""; $Request->exportForAccessibilityCheck($data); $token = $Request->getToken(); ksort($data); $str = ""; foreach ($data as $key => $value) { $str .= $value; } $str .= $this->_public_key; if (!Encrypt::match($str, $token)) { return true; } return false; }
public function _getUser() { // 解密cas server传来的原始数据 $encKey = $this->cfg['encKey']; if ($encVal = Encrypt::auth(phpCAS::getUser(), $encKey, 'DECODE')) { $encVal = json_decode($encVal, true); if ($this->isAdmin) { // 获取redis权限 $redis = new \Redis(); $redis->connect($this->cfg['redis']['host'], $this->cfg['redis']['port']); $redis->select($this->cfg['redis']['dbname']); $res = unserialize($redis->get('group' . $encVal['ugroup'] . '_' . $this->cfg['siteid'])); $encVal['permMenu'] = unserialize($redis->get('group' . $encVal['ugroup'] . '_' . $this->cfg['siteid'])); } } return $encVal ?: false; }
public function ChangeSSPwd() { $result = array('error' => 1, 'message' => '修改失败'); $uid = trim($_GET['uid']); $user_cookie = explode('\\t', Encrypt::decode(base64_decode($_COOKIE['auth']), COOKIE_KEY)); $sspwd = trim($_GET['sspwd']); if ('' == $sspwd || null == $sspwd) { $sspwd = Util::GetRandomPwd(); } if ($uid == $user_cookie[0]) { $user = UserModel::GetUserByUserId($uid); $user->sspwd = $sspwd; $user->updateUser(); $result = array('error' => 1, 'message' => '修改SS连接密码成功'); } echo json_encode($result); exit; }
public function identifyUser() { $whereQuery = array(); $i = 0; foreach ($this->auth->userCredentials as $key => $value) { if ($i === 0) { $whereQuery[$key . ' ='] = $value; $this->username = $value; } if ($i == 2 || $key == 'status') { $whereQuery["{$key} ="] = $value; } $i++; } try { $userCredentials = $this->auth->where($whereQuery)->findAll(); } catch (\Exception $ex) { throw new \Exception($ex->getMessage()); } if (($this->auth->rowCount() && count($userCredentials)) > 0) { if (Encrypt::instance()->decode($userCredentials[0]->password) == $this->auth->userCredentials['password']) { $credentials['isLoggedIn'] = true; $credentials['flashMsg'] = ucfirst($this->username) . ' ' . $this->msg; $this->sessionDetails = $this->auth->getSessionConfig(); foreach ($this->sessionDetails['value'] as $key => $val) { $credentials[$val] = $userCredentials[0]->{$val}; unset($userCredentials[0]->{$val}); } $isSessionExists = Session::instance()->save($this->sessionDetails['key'], $credentials); //show($isSessionExists); $this->setUserDetails($credentials); return $isSessionExists == true ? true : false; } else { return false; } // password validation end } else { return false; } // row count end }
function add($loginId, $password, $name, $email) { global $database, $db, $event; if (empty($loginId) || empty($password) || empty($name) || empty($email)) { return false; } $loginId = $db->escape($loginId); $mpassword = $db->escape(Encrypt::hmac($loginId, md5(md5($password)))); $name = $db->escape($name); $email = $db->escape($email); $is_accepted = (Settings::get('restrictJoin') == 'y') ? 'n' : 'y'; $input = array('loginid'=>$loginId, 'password'=>$password, 'name'=>$name, 'email'=>$email, 'is_accepted'=>Validator::getBool($is_accepted)); if ($event->on('User.add', $input) === false) return false; if (!$db->execute('INSERT INTO '.$database['prefix'].'Users (loginid, name, password, email, created, is_accepted) VALUES ("'.$loginId.'","'.$name.'","'.$mpassword.'","'.$email.'",UNIX_TIMESTAMP(),"'.$is_accepted.'")')) { $event->on('User.add.rollback'); return false; } return true; }
/** * 打印店登录 * @method loginAction * @return [type] [description] * @author NewFuture */ public function POST_indexAction() { $response['status'] = 0; if (!Input::post('account', $account, Config::get('regex.account'))) { $response['info'] = '账号格式错误'; } elseif (!Input::post('password', $password, 'isMd5')) { $response['info'] = '密码未加密处理'; } elseif (!Safe::checkTry('printer_auth_' . $account)) { $response['info'] = '尝试次数过多账号临时封禁,稍后重试或者联系我们'; } elseif (!($Printer = PrinterModel::where('account', $account)->field('id,sch_id,password,status,name')->find())) { $response['info'] = '账号错误'; } elseif (Encrypt::encryptPwd($password, $account) != $Printer['password']) { $response['info'] = '密码错误'; } else { Safe::del('printer_auth_' . $account); unset($Printer['password']); $sid = Session::start(); Session::set('printer', ['id' => $Printer['id'], 'sch_id' => $Printer['sch_id']]); $response['status'] = 1; $response['info'] = ['sid' => $sid, 'printer' => $Printer]; } $this->response = $response; }
/** * 登录函数 * @method login * @access private * @author NewFuture[newfuture@yunyin.org] * @param [string] $password [md5密码] * @return [bool/int] [用户id] */ private function login($number, $password, $sch_id = null) { $conditon = ['number' => $number]; //指定学校 $sch_id and $conditon['sch_id'] = $sch_id; $users = UserModel::where($conditon)->select('id,password,sch_id,name'); if (empty($users)) { /*未注册*/ return null; } else { /*验证结果*/ $password = Encrypt::encryptPwd($password, $number); $reg_schools = []; foreach ($users as &$user) { if ($user['password'] == $password) { /*登录成功*/ $user['number'] = $number; $token = Auth::token($user); $sessionid = Session::start(); unset($user['password']); Session::set('user', $user); Cookie::set('token', $token); // $user['school'] = SchoolModel::getName($user['sch_id']); $result = ['sid' => $sessionid, 'user' => $user, 'msg' => '登录成功!', 'token' => $token]; $this->response(1, $result); return true; } else { /*验证失败*/ $sid = $user['sch_id']; $reg_schools[$sid] = School::getAbbr($sid); } } $this->reg_schools = $reg_schools; return false; } }
/** * Proxy for the mcrypt_create_iv function - to allow mocking and testing against KAT vectors * * @return string the initialization vector or FALSE on error */ protected function _create_iv() { /* * Silently use MCRYPT_DEV_URANDOM when the chosen random number generator * is not one of those that are considered secure. * * Also sets Encrypt::$_rand to MCRYPT_DEV_URANDOM when it's not already set */ if (Encrypt::$_rand !== MCRYPT_DEV_URANDOM and Encrypt::$_rand !== MCRYPT_DEV_RANDOM) { Encrypt::$_rand = MCRYPT_DEV_URANDOM; } // Create a random initialization vector of the proper size for the current cipher return mcrypt_create_iv($this->_iv_size, Encrypt::$_rand); }
public function action_unsubscribe() { $email_encoded = $this->request->param('id'); $user = new Model_User(); //mail encoded if ($email_encoded !== NULL) { //decode emails $email_encoded = Base64::fix_from_url($email_encoded); $encrypt = new Encrypt(Core::config('auth.hash_key'), MCRYPT_MODE_NOFB, MCRYPT_RIJNDAEL_128); $email = $encrypt->decode($email_encoded); if (Valid::email($email, TRUE)) { //check we have this email in the DB $user = new Model_User(); $user = $user->where('email', '=', $email)->limit(1)->find(); } else { Alert::set(Alert::INFO, __('Not valid email.')); } } elseif (Auth::instance()->logged_in()) { $user = Auth::instance()->get_user(); } //lets unsubscribe the user if ($user->loaded()) { $user->subscriber = 0; $user->last_modified = Date::unix2mysql(); try { $user->save(); Alert::set(Alert::SUCCESS, __('You have successfuly unsubscribed')); } catch (Exception $e) { //throw 500 throw HTTP_Exception::factory(500, $e->getMessage()); } } else { Alert::set(Alert::INFO, __('Pleae login to unsubscribe.')); } //smart redirect if (Auth::instance()->logged_in()) { $this->redirect(Route::url('oc-panel', array('controller' => 'profile', 'action' => 'edit'))); } else { $this->redirect(Route::url('default')); } }
/** * * @param string $path * @return string */ public static function decode_path($path) { return Encrypt::instance()->decode($path); }
/** * Loads the session data. * * @param string session id * @return void */ public function read($id = NULL) { if (is_string($data = $this->_read($id))) { try { if ($this->_encrypted) { // Decrypt the data using the default key $data = Encrypt::instance($this->_encrypted)->decode($data); } else { // Decode the base64 encoded data $data = base64_decode($data); } // Unserialize the data $data = unserialize($data); } catch (Exception $e) { // Ignore all reading errors } } if (is_array($data)) { // Load the data locally $this->_data = $data; } }
/** * sends an email using our configs * @param string/array $to array(array('name'=>'chema','email'=>'chema@'),) * @param [type] $to_name [description] * @param [type] $subject [description] * @param [type] $body [description] * @param [type] $reply [description] * @param [type] $replyName [description] * @param [type] $file [description] * @return boolean */ public static function send($to, $to_name = '', $subject, $body, $reply, $replyName, $file = NULL) { require_once Kohana::find_file('vendor', 'php-mailer/phpmailer', 'php'); $body = Text::nl2br($body); //get the unsubscribe link $email_encoded = NULL; //is sent to a single user get hash to auto unsubscribe if (!is_array($to) or count($to) == 1) { //from newsletter sent if (isset($to[0]['email'])) { $email_encoded = $to[0]['email']; } else { $email_encoded = $to; } //encodig the email for extra security $encrypt = new Encrypt(Core::config('auth.hash_key'), MCRYPT_MODE_NOFB, MCRYPT_RIJNDAEL_128); $email_encoded = Base64::fix_to_url($encrypt->encode($email_encoded)); } $unsubscribe_link = Route::url('oc-panel', array('controller' => 'auth', 'action' => 'unsubscribe', 'id' => $email_encoded)); //get the template from the html email boilerplate $body = View::factory('email', array('title' => $subject, 'content' => $body, 'unsubscribe_link' => $unsubscribe_link))->render(); //sendign via elasticemail if (Core::config('email.elastic_active') == TRUE) { return self::ElasticEmail($to, $to_name, $subject, $body, core::config('email.notify_email'), "no-reply " . core::config('general.site_name')); } else { $mail = new PHPMailer(); $mail->CharSet = Kohana::$charset; if (core::config('email.smtp_active') == TRUE) { require_once Kohana::find_file('vendor', 'php-mailer/smtp', 'php'); $mail->IsSMTP(); //SMTP HOST config if (core::config('email.smtp_host') != "") { $mail->Host = core::config('email.smtp_host'); // sets custom SMTP server } //SMTP PORT config if (core::config('email.smtp_port') != "") { $mail->Port = core::config('email.smtp_port'); // set a custom SMTP port } //SMTP AUTH config if (core::config('email.smtp_auth') == TRUE) { $mail->SMTPAuth = TRUE; // enable SMTP authentication $mail->Username = core::config('email.smtp_user'); // SMTP username $mail->Password = core::config('email.smtp_pass'); // SMTP password if (core::config('email.smtp_ssl') == TRUE) { $mail->SMTPSecure = "ssl"; // sets the prefix to the server } } } $mail->From = core::config('email.notify_email'); $mail->FromName = "no-reply " . core::config('general.site_name'); $mail->Subject = $subject; $mail->MsgHTML($body); if ($file !== NULL) { $mail->AddAttachment($file['tmp_name'], $file['name']); } $mail->AddReplyTo($reply, $replyName); //they answer here if (is_array($to)) { foreach ($to as $contact) { $mail->AddBCC($contact['email'], $contact['name']); } } else { $mail->AddAddress($to, $to_name); } $mail->IsHTML(TRUE); // send as HTML if (!$mail->Send()) { //to see if we return a message or a value bolean Alert::set(Alert::ALERT, "Mailer Error: " . $mail->ErrorInfo); return FALSE; } else { return TRUE; } } return FALSE; }
/** * Initialize and return the OAuth credentials data. * * @param Jelly_Model the exisiting model * @return Jelly_Model */ protected function _init_model($model) { $consumer = $this->_consumer; $username = $this->_username; if (!$model instanceof Jelly_Model) { $model = Jelly::factory('MMI_API_Tokens'); } if ($model instanceof Jelly_Model) { $model->service = $this->_service; $model->consumer_key = $consumer->key; $model->consumer_secret = Encrypt::instance()->encode($consumer->secret); if (!empty($username)) { $model->username = $username; } } return $model; }