/** * Set an OAuth token in the session by type * If the encryption object is set then * encrypt the token before storing * @return void */ public function set($token, $type) { if ($type != 'request_token' && $type != 'access_token') { throw new \Dropbox\Exception("Expected a type of either 'request_token' or 'access_token', got '{$type}'"); } else { if ($this->encrypter instanceof Encrypter) { $token = $this->encrypter->encrypt($token); } $_SESSION[$this->namespace][$type] = $token; } }
/** * Decrypt a token using the Encrypter object and return it * If there is no Encrypter object, assume the token was stored * serialized and return the unserialized token object * @param stdClass $token OAuth token to encrypt * @return stdClass|string */ protected function decrypt($token) { // Decrypt the token if there is an Encrypter instance if ($this->encrypter instanceof Encrypter) { $token = $this->encrypter->decrypt($token); } // Return the unserialized token return @unserialize($token); }
public function write($sessionID, $data) { if (!is_string($sessionID)) { return false; } if (!is_string($data)) { return false; } $database = Database::getInstance(); if (!$database->isConnected()) { return false; } $encrypter = new Encrypter($this->key); $data = $database->escapeString($encrypter->encrypt($data)); $sessionID = $database->escapeString($sessionID); $time = $database->escapeString(time()); $query = "INSERT INTO session (id, variables, lastAccess, locked) VALUES ('{$sessionID}', '{$data}', '{$time}', 0) ON DUPLICATE KEY UPDATE variables='{$data}', lastAccess='{$time}', locked=0"; $result = $database->makeCustomQuery($query); if ($result == false) { return false; } return true; }
function insertReservaAfiliado($reserva_id, $total) { if (isset($_COOKIE['afiliado'])) { $afiliado_id = urldecode(Encrypter::decrypt($_COOKIE['afiliado'], 'afiliado')); if (is_numeric($afiliado_id)) { $afiliado = getAfiliado($afiliado_id); if ($afiliado) { $comision = $afiliado->comisionHotel; $comision_importe = $total * ($comision / 100); $reserva_afiliado_a = array('comision' => $comision_importe, 'porcentaje' => $comision, 'reservaId' => $reserva_id, 'afiliadoId' => $afiliado_id); $reserva_afiliado = DAOFactory::getReservaAfiliadoDAO()->prepare($reserva_afiliado_a); $reserva_afiliado_id = DAOFactory::getReservaAfiliadoDAO()->insert($reserva_afiliado); } } } }
public function validateUser($redirect = true) { if (isset($_SESSION['usuario'])) { return true; } else { if (isset($_COOKIE[$base_url])) { $userId = Encrypter::decrypt($_COOKIE[$base_url], $base_url); $user = getUsuario($userId); if ($user) { $usuario_core->setUsuario($user); return true; } } if ($redirect) { $this->loginRedirect(); } else { return false; } } }
function login() { $request = \Slim\Slim::getInstance()->request(); //json parameters $data = json_decode($request->getBody()); $con = getConnection(); $pstmt = $con->prepare("SELECT password,idusuario from usuario where username=?"); $pstmt->execute(array($data->{"USERNAME"})); $array = $pstmt->fetch(PDO::FETCH_ASSOC); if ($array["password"] != null) { $passfeliz = Encrypter::decrypt($array["password"]); if ($passfeliz == $data->{"PASSWORD"}) { //solucion temporal porque usuario puede tener muchos grupos por usuario $pstmt = $con->prepare("SELECT idgrupo from usuarioxgrupo where idusuario=? limit 1"); $pstmt->execute(array($array["idusuario"])); $grupo = $pstmt->fetch(PDO::FETCH_ASSOC); echo json_encode(array('respuesta' => 1, 'userid' => $array["idusuario"], 'grupoid' => $grupo["idgrupo"])); } else { echo json_encode(array('respuesta' => 0)); } } else { echo json_encode(array('respuesta' => 0)); } }
// echo "Session is set"; // for testing purposes header("Location: intropage.php"); } if (isset($_POST["login"])) { if (!empty($_POST['username']) && !empty($_POST['password'])) { $username = $_POST['username']; $password = $_POST['password']; $query = mysql_query("SELECT * FROM cont_user WHERE username='******' AND password='******'"); $numrows = mysql_num_rows($query); if ($numrows != 0) { while ($row = mysql_fetch_assoc($query)) { $dbusername = $row['username']; $dbpassword = $row['password']; $iduser = $row['id']; } if ($username == $dbusername && Encrypter::encrypt($password) == $dbpassword) { $_SESSION['session_userid'] = $iduser; $_SESSION['session_username'] = $username; /* Redirect browser */ header("Location: menu.php"); } } else { $message = "Nombre de usuario ó contraseña invalida!"; } } else { $message = "Todos los campos son requeridos!"; } } ?>
<?php if (!$_POST) { require_once 'main.html.php'; } else { //ENT_QUOTES es una constante. Todas las constantes van en mayusculas. //Hay que filtrar siempre todas las entradas de datos para evitar la inyeción de código. $text = htmlspecialchars($_POST['text'], ENT_QUOTES, 'UTF-8'); $action = htmlspecialchars($_POST['action'], ENT_QUOTES, 'UTF-8'); //Si el texto es cadena vacía o la acción no es code ni decode //vuelvo a cargar el formulario. if ($text == "" || $action != "code" && $action != "decode") { require_once 'main.html.php'; } else { require_once 'libs/encrypter.php'; //Hacemos referencia o instanciamos a la clase Encrypter de esta manera //porque es un metodo estático CLASE::METODO(PARAMETRO) if ($action == "code") { $resultText = Encrypter::encrypt($text); } elseif ($action == "decode") { $resultText = Encrypter::decrypt($text); } require_once 'main.html.php'; } }
/** * Checks if password is correct * * @param $username input username * @param $password input password * @return bool true if password is correct for $usre */ private function correctPassword($username, $password) { $sql = "SELECT password FROM " . $this->DB_TABLE . " WHERE username=" . $this->pdo->quote($username); $query = $this->pdo->prepare($sql); $query->execute(); $results = $query->fetchColumn(); if ($results == Encrypter::getEncryptedPassword($password)) { return true; } else { return false; } }
<?php $action = $_POST['action']; $result = array('msg' => 'error', 'data' => 'Acción no válida'); require 'Logic/widget.php'; require 'Logic/afiliado.php'; if (strcmp($action, 'get') == 0) { if (isset($_POST['configuracion'])) { $configuracion = $_POST['configuracion']; $smarty->assign("configuracion", (object) $configuracion); $afiliado_id = $_POST['afiliado_id']; $afiliado_id_encriptado = urlencode(Encrypter::encrypt($afiliado_id, 'afiliado')); $smarty->assign("code", $afiliado_id_encriptado); $result['msg'] = 'ok'; $enlace = $base_url . '?a=' . $afiliado_id_encriptado; $smarty->assign("enlace", $enlace); if ($_POST['tipo'] == "completo") { $destinos = getAfiliadoDestinos($afiliado_id); $smarty->assign("destinos", $destinos); $widget = $smarty->fetch('admin/widget/widget.tpl'); } else { if ($_POST['tipo'] == "banner") { $rgb = Core_Util_General::hex2rgb($configuracion['backgroundBody']); $images = getAllHotelImages($_POST['hotel']); $smarty->assign('image', array_pop($images)); $hotel_h = getHotelById($_POST['hotel']); $enlace = 'http://' . $hotel_h->dominioCampania . '?a=' . $afiliado_id_encriptado; $smarty->assign("enlace", $enlace); $smarty->assign("hotel_h", $hotel_h); $destino = getDestino($hotel->destinoId); $smarty->assign("destino", $destino);
<?php class Encrypter { private static $Key = "grupospira"; public static function encrypt($input) { $output = base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, md5(Encrypter::$Key), $input, MCRYPT_MODE_CBC, md5(md5(Encrypter::$Key)))); return $output; } public static function decrypt($input) { $output = rtrim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, md5(Encrypter::$Key), base64_decode($input), MCRYPT_MODE_CBC, md5(md5(Encrypter::$Key))), ""); return $output; } } $texto = "A.123456"; // Encriptamos el texto $texto_encriptado = Encrypter::encrypt($texto); echo $texto_encriptado; // Desencriptamos el texto $texto_original = Encrypter::decrypt($texto_encriptado); echo $texto_original; if ($texto == $texto_original) { echo '</br>'; echo 'Encriptación / Desencriptación realizada correctamente.'; echo '</br>'; echo sha1('1'); }
function getReservaByLocalizador($localizador, $withCardData = false) { try { $reservas = DAOFactory::getReservaDAO()->queryByLocalizador($localizador); if (!$reservas || !count($reservas)) { return false; } $reserva = $reservas[count($reservas) - 1]; $idReserva = $reserva->id; $reserva->productos = DAOFactory::getReservaProductoDAO()->queryByReservaId($idReserva); $reserva->usuario = getUsuario($reserva->usuarioId); $reserva->pagos = DAOFactory::getReservaPagoDAO()->queryByReservaId($idReserva); if ($reserva->pagos) { $clave = getClaveByHotel($reserva->hotelId); foreach ($reserva->pagos as $pago) { if ($pago->formaPago == 'tarjeta') { if (!$withCardData) { $pago->tarjetaNumero = false; $reserva->cardData = true; } else { if ($pago->tarjetaNumero && strlen(trim($pago->tarjetaNumero))) { $pago->tarjetaNumero = Encrypter::decrypt($pago->tarjetaNumero, $clave); } } if (!$withCardData) { $pago->cvv = false; } else { if ($pago->cvv && strlen(trim($pago->cvv))) { $pago->cvv = Encrypter::decrypt($pago->cvv, $clave); } } } } } $reserva->alojamiento = array(); $reserva->extras = array(); foreach ($reserva->productos as $kp => $p) { if (strcmp($p->tipo, 'apartamento') == 0) { $p->noches = ceil((strtotime($p->final) - strtotime($p->inicio)) / (24 * 60 * 60)); if (strpos($p->nombre, '(')) { $n = explode('(', $p->nombre); $pax = trim($n[count($n) - 1]); $reserva->productos[$kp]->pax = substr($pax, 0, strlen($pax) - 1); } array_push($reserva->alojamiento, $p); } else { if ($p->eventoTpv && strlen($p->eventoTpv)) { $p->eventoTpv = json_decode($p->eventoTpv); } if ($p->entradas) { $p->entradasList = json_decode($p->entradas); $cant = 0; foreach ($p->entradasList as $entrada) { $cant += $entrada->entradas; } $p->tickets = $cant; } array_push($reserva->extras, $p); } } if ($reserva->monedaId) { $reserva->moneda = DAOFactory::getMonedaDAO()->load($reserva->monedaId); } if ($reserva->idiomaId) { $reserva->idioma = DAOFactory::getIdiomaDAO()->load($reserva->idiomaId); } if ($reserva->cartId) { $reserva->cart = DAOFactory::getShoppingCartDAO()->load($reserva->cartId); $reserva->cart->apto = json_decode($reserva->cart->apartamento); } return $reserva; } catch (Exception $e) { return false; } }
<?php include_once __DIR__ . '/Middleware.php'; $url = array_slice(preg_split('/\\//', $_GET["_url"]), 1); $parametros = array_slice($url, 3); $middleware = new Middleware($url[0], $url[1], $url[2]); //echo $middleware->send(); //print_r($parametros); include_once __DIR__ . '/util/Encrypter.php'; echo Encrypter::decrypt($middleware->send($parametros));
public function sendMail() { $siteEmail = SITE_EMAIL; $variableEngine = VariableEngine::getInstance(); $smtpServer = $variableEngine->getVariable('smtpServer'); if ($smtpServer === false) { return false; } $smtpPort = $variableEngine->getVariable('smtpPort'); if ($smtpPort === false) { return false; } $smtpUserName = $variableEngine->getVariable('smtpUserName'); if ($smtpUserName === false) { return false; } $smtpPassword = $variableEngine->getVariable('smtpPassword'); if ($smtpPassword === false) { return false; } $smtpUseEncryption = $variableEngine->getVariable('smtpUseEncryption'); if ($smtpUseEncryption === false) { return false; } $smtpUseEncryption = $smtpUseEncryption->getValue(); if ($smtpUseEncryption === 'false') { $encryption = ""; } else { $encryption = "tls"; } $toSend = new PHPMailer(); $toSend->isSMTP(); $toSend->Host = $smtpServer->getValue(); $toSend->SMTPAuth = true; $toSend->Username = $smtpUserName->getValue(); $enc = new Encrypter(); $toSend->Password = $enc->decrypt($smtpPassword->getValue()); $toSend->SMTPSecure = $encryption; $toSend->Port = intval($smtpPort->getValue()); $toSend->From = $siteEmail; $toSend->FromName = $this->senderName; $toSend->addReplyTo($this->senderEmail, $this->senderName); $toSend->isHTML(true); $toSend->Subject = $this->subject; if ($this->isBulkMail) { foreach ($this->recipients as $recipient) { $toSend->addBCC($recipient); } $toSend->Body = $this->body; $toSend->AltBody = strip_tags($this->body); if (!$toSend->send()) { $this->errors[] = $toSend->ErrorInfo; return false; } return true; } $sent = true; foreach ($this->recipients as $recipient) { $body = $this->doReplacement($recipient); $altBody = strip_tags($body); $toSend->clearAddresses(); $toSend->addAddress($recipient); $toSend->Body = $body; $toSend->AltBody = $altBody; if (!$toSend->send()) { $this->errors = $toSend->ErrorInfo; $sent = false; } } return $sent; }
public function sendEmailRecuperaPassword() { $mensaje = ""; $correcto = false; try { $email = $_POST["email"]; $this->load->model('sesion_model'); $user = $this->sesion_model->existeEmail($email); if (isset($user)) { $this->load->library("email"); //ejemplo $enlace = $this->config->site_url() . 'RecuperaPass?username='******'protocol' => $this->config->item('protocol_email'), 'smtp_host' => $this->config->item('smtp_host_email'), 'smtp_port' => $this->config->item('smtp_port_email'), 'smtp_user' => $this->config->item('smtp_user_email'), 'smtp_pass' => $this->config->item('smtp_pass_email'), 'mailtype' => $this->config->item('mailtype'), 'charset' => $this->config->item('charset_email'), 'newline' => $this->config->item('newline_email')); $this->email->initialize($config); $this->email->set_newline("\r\n"); $this->email->from('Administrador'); $this->email->to($email); $this->email->subject('Instrucciones de recuperación de contraseña, Convivir'); $this->email->message('<p>Hemos recibido su solicitud de recuperación de contraseña. ' . 'Si hace click en el enlace, le enviaremos a una página en donde ' . 'podrá cambiar o recuperar su contraseña.</p> ' . '<p>Si el enlace no funciona, copie y pegue el enlace en la barra ' . 'de direcciones de su navegador.</p> ' . '<p>Enlace: <a href="' . $enlace . '">' . $enlace . '</a></p><br><br>'); if ($this->email->send()) { $correcto = true; $mensaje = "El correo fué enviado. Favor verifique y siga las instrucciones."; } else { $mensaje = "El correo electrónico no pudo ser enviado, intente más tarde."; //show_error($this->email->print_debugger()); //DEJAR PARA DEBUG EN CASO DE FALLA } } else { $mensaje = "Email no registrado. Favor verifique."; } } catch (Expection $e) { $mensaje = 'Ha ocurrido un error al tratar de enviar el email. Favor intente más tarde.'; } $obj = (object) array('Correcto' => $correcto, 'Mensaje' => $mensaje); echo json_encode($obj); }
private function CreateDataBaseFile($DataBaseName) { $RoutFile = filter_input(INPUT_SERVER, "DOCUMENT_ROOT"); /* /var/services/web */ if (!file_exists("{$RoutFile}/Config/{$DataBaseName}/")) { if (!($mkdir = mkdir("{$RoutFile}/Config/{$DataBaseName}", 0777, true))) { XML::XmlResponse("Error", 0, "<p><b>Error</b> al crear el directorio base de la nueva empresa </p><br>Detalles:<br><br>{$mkdir}"); return 0; } } if (!($File = fopen("{$RoutFile}/Config/{$DataBaseName}/BD.ini", "w"))) { XML::XmlResponse("Error", 0, "<p><b>Error</b> al abrir el archivo config de BD</p>"); return 0; } if (strcasecmp($DataBaseName, "Manager") == 0) { $Password_ = "Admcs1234567"; $DataBaseName = "CSDOCS_CFDI"; $User_ = "Manager"; } else { $Password_ = "12345"; $User_ = $DataBaseName; } $localhost = Encrypter::encrypt("localhost"); $Port = Encrypter::encrypt("3306"); $User = Encrypter::encrypt($User_); $Password = Encrypter::encrypt($Password_); $DataBaseName_ = Encrypter::encrypt($DataBaseName); fwrite($File, 'Host="' . $localhost . '"' . PHP_EOL); fwrite($File, 'Port="' . $Port . '"' . PHP_EOL); fwrite($File, 'User="******"' . PHP_EOL); fwrite($File, 'Password="******"' . PHP_EOL); fwrite($File, 'Schema="' . $DataBaseName_ . '"' . PHP_EOL); fclose($File); return 1; }
public function setEncryptedObject($inObjectName, $inObject, $overwrite = false) { $encrypter = new Encrypter(); $inObject = $encrypter->encrypt(serialize($inObject)); return $this->setObject($inObjectName, $inObject, $overwrite); }
/** * Seleccionar el producto. * * @param int $idproducto = id producto. * @return Array atributos del producto. */ public function cargarProducto($idproducto) { $idproducto = Encrypter::decrypt($idproducto); $query = 'SELECT nombreprod, precioprod, medidas, descripcionprod, rutaimagen, categoria_idcategoria FROM producto ' . "WHERE idproducto = '{$idproducto}'"; $result = $this->connection->query($query); $this->logger->getLogger($query); switch ($result[0]["categoria_idcategoria"]) { case 1: $result[0]["categoria_idcategoria"] = "Arrimo"; break; case 2: $result[0]["categoria_idcategoria"] = "Juego de terraza"; break; case 3: $result[0]["categoria_idcategoria"] = "Mesa centro"; break; case 4: $result[0]["categoria_idcategoria"] = "Mesa lateral"; break; case 5: $result[0]["categoria_idcategoria"] = "Sillón"; break; case 6: $result[0]["categoria_idcategoria"] = "Sitial"; break; case 7: $result[0]["categoria_idcategoria"] = "Sofá"; break; case 8: $result[0]["categoria_idcategoria"] = "Juego comedor"; break; case 9: $result[0]["categoria_idcategoria"] = "Mesa piedra pizarra"; break; case 10: $result[0]["categoria_idcategoria"] = "Mesa vidrio"; break; case 11: $result[0]["categoria_idcategoria"] = "Piso"; break; case 12: $result[0]["categoria_idcategoria"] = "Silla"; break; case 13: $result[0]["categoria_idcategoria"] = "Banqueta"; break; case 14: $result[0]["categoria_idcategoria"] = "Brasero"; break; case 15: $result[0]["categoria_idcategoria"] = "Escaño"; break; case 16: $result[0]["categoria_idcategoria"] = "Reposera"; break; case 17: $result[0]["categoria_idcategoria"] = "Toldos"; break; case 18: $result[0]["categoria_idcategoria"] = "Cojín"; break; //default: { $dirCat = arrimos; break; } } return $result; }
<?php include_once __DIR__ . '/app/util/Encrypter.php'; $text = "kim funciona!!! pd. Puedes ir por jawitas"; echo $text . "<br>"; $texto_encriptado = Encrypter::encrypt($text); echo $texto_encriptado . "<br>"; $texto_desencriptado = Encrypter::decrypt($texto_encriptado); echo $texto_desencriptado;
function enviarMensajeGU($username, $password, $CORREO_INSTITUCIONAL, $NOMBRES, $APELLIDOS, $CORREO_ALTERNO) { $PASS = Encrypter::decrypt($password); $ESPACIO = ' '; $USER = $NOMBRES . $ESPACIO . $APELLIDOS; $MENSAJE = 'Estimado ' . $USER . "\r\n" . ' Acaba de ser registrado como un nuevo miembro del Proyecto ProCal-ProSer' . "\r\n" . ' Para poder ingresar al sistema debera hacer uso de los siguientes datos:' . "\r\n" . ' USUARIO: ' . $username . "\r\n" . ' PASSWORD: '******'Mail.php'; $recipients = $CORREO_INSTITUCIONAL; $headers['From'] = '*****@*****.**'; $headers['To'] = $recipients; $headers['Subject'] = 'ProCal-ProSer - Registro de Nuevo Miembro'; $body = $MENSAJE; $smtpinfo["host"] = "smtp.gmail.com"; $smtpinfo["port"] = "587"; $smtpinfo["auth"] = true; $smtpinfo["username"] = "******"; $smtpinfo["password"] = "******"; $mail_object =& Mail::factory("smtp", $smtpinfo); $mail_object->send($recipients, $headers, $body); }
<link href="../css/style1.css" rel="stylesheet"> </head> <body> <div class="container" role="main"> <div class="col-md-2"></div> <div class="col-md-8"> <?php $conexion = new mysqli('localhost', 'root', 'root', 'cont_dinamico'); $sql = "SELECT * FROM cont_resetpass WHERE token = '{$token}' "; $resultado = $conexion->query($sql); if ($resultado->num_rows > 0) { $usuario = $resultado->fetch_assoc(); if (sha1($usuario['iduser'] === $idusuario)) { if ($password1 === $password2) { $sql = "UPDATE cont_user SET password = '******' WHERE id = " . $usuario['iduser']; $resultado = $conexion->query($sql); if ($resultado) { $sql = "DELETE FROM cont_resetpass WHERE token = '{$token}';"; $resultado = $conexion->query($sql); ?> <p> La contraseña se actualizó con exito. </p> <?php } else { ?> <p> Ocurrió un error al actualizar la contraseña, intentalo más tarde </p> <?php } } else { ?> <p> Las contraseñas no coinciden </p>
function doConfigureContent() { if (!isset($_SESSION['configureComplete'])) { header('Location: install.php?action=configure'); return; } if (!isset($_POST['siteName'])) { unset($_SESSION['configureComplete']); header('Location: install.php?action=configure'); return; } if (!isset($_POST['siteEmail'])) { unset($_SESSION['configureComplete']); header('Location: install.php?action=configure'); return; } if (!isset($_POST['nonSecureURL'])) { unset($_SESSION['configureComplete']); header('Location: install.php?action=configure'); return; } if (!isset($_POST['secureURL'])) { unset($_SESSION['configureComplete']); header('Location: install.php?action=configure'); return; } if (!isset($_POST['webDirectory'])) { unset($_SESSION['configureComplete']); header('Location: install.php?action=configure'); return; } if (!isset($_POST['timeZone'])) { unset($_SESSION['configureComplete']); header('Location: install.php?action=configure'); return; } if (!isset($_POST['username'])) { unset($_SESSION['configureComplete']); header('Location: install.php?action=configure'); return; } if (!isset($_POST['firstName'])) { unset($_SESSION['configureComplete']); header('Location: install.php?action=configure'); return; } if (!isset($_POST['lastName'])) { unset($_SESSION['configureComplete']); header('Location: install.php?action=configure'); return; } if (!isset($_POST['email'])) { unset($_SESSION['configureComplete']); header('Location: install.php?action=configure'); return; } if (!isset($_POST['password1'])) { unset($_SESSION['configureComplete']); header('Location: install.php?action=configure'); return; } if (!isset($_POST['password2'])) { unset($_SESSION['configureComplete']); header('Location: install.php?action=configure'); return; } if ($_POST['password1'] != $_POST['password2']) { unset($_SESSION['configureComplete']); $_SESSION['errors'][] = 'The inputted passwords for the first account don\'t match.'; header('Location: install.php?action=configure'); return; } if (!isset($_POST['smtpServer'])) { unset($_SESSION['configureComplete']); header('Location: install.php?action=configure'); return; } if (!isset($_POST['smtpPort'])) { unset($_SESSION['configureComplete']); header('Location: install.php?action=configure'); return; } if (!is_numeric($_POST['smtpPort'])) { unset($_SESSION['configureComplete']); $_SESSION['errors'][] = 'Please enter a valid port for the SMTP Server.'; header('Location: install.php?action=configure'); return; } if (!isset($_POST['smtpUserName'])) { unset($_SESSION['configureComplete']); header('Location: install.php?action=configure'); return; } if (!isset($_POST['smtpPassword1'])) { unset($_SESSION['configureComplete']); header('Location: install.php?action=configure'); return; } if (!isset($_POST['smtpPassword2'])) { unset($_SESSION['configureComplete']); header('Location: install.php?action=configure'); return; } if ($_POST['smtpPassword1'] != $_POST['smtpPassword2']) { unset($_SESSION['configureComplete']); $_SESSION['errors'][] = 'The inputted passwords for the SMTP account don\'t match.'; header('Location: install.php?action=configure'); return; } $siteName = strip_tags(trim($_POST['siteName'])); $siteEmail = strip_tags(trim($_POST['siteEmail'])); $nonSecureURL = strip_tags(trim($_POST['nonSecureURL'])); $secureURL = strip_tags(trim($_POST['secureURL'])); $webDirectory = strip_tags(trim($_POST['webDirectory'])); $timeZone = strip_tags(trim($_POST['timeZone'])); $username = strip_tags(trim($_POST['username'])); $firstName = strip_tags(trim($_POST['firstName'])); $lastName = strip_tags(trim($_POST['lastName'])); $email = strip_tags(trim($_POST['email'])); $password = $_POST['password1']; $smtpServers = strip_tags(trim($_POST['smtpServer'])); $smtpPort = intval($_POST['smtpPort']); $smtpUserName = strip_tags(trim($_POST['smtpUserName'])); $enc = new Encrypter(); $smtpPassword = $enc->encrypt(trim($_POST['smtpPassword1'])); $smtpUseEncryption = isset($_POST['smtpUseEncryption']); $emailValidator = new emailValidator(); if (!$emailValidator->validate($siteEmail)) { unset($_SESSION['configureComplete']); $_SESSION['errors'][] = 'The site email isn\'t a valid email address.'; header('Location: install.php?action=configure'); return; } if (!$emailValidator->validate($email)) { unset($_SESSION['configureComplete']); $_SESSION['errors'][] = 'The email address for the first user isn\'t valid.'; header('Location: install.php?action=configure'); return; } unset($emailValidator); $urlValidator = new urlValidator(); $options = array('noDirectories', 'mightBeIP'); $nonSecureOptions = array_merge($options, array('httpOnly')); $secureOptions = array_merge($options, array('httpsOnly')); if (!$urlValidator->validate($nonSecureURL, $nonSecureOptions)) { unset($_SESSION['configureComplete']); $_SESSION['errors'][] = 'The non-secure URL isn\'t valid. Please try again.'; header('Location: install.php?action=configure'); return; } if (!$urlValidator->validate($secureURL, $secureOptions)) { unset($_SESSION['configureComplete']); $_SESSION['errors'][] = 'The secure URL isn\'t valid. Please try again.'; header('Location: install.php?action=configure'); return; } unset($urlValidator); if ($webDirectory[0] != '/') { unset($_SESSION['configureComplete']); $_SESSION['errors'][] = 'I couldn\'t validate the web directory. Please try again.'; header('Location: install.php?action=configure'); return; } $timeZoneValidator = new phpTimeZoneValidator(); if (!$timeZoneValidator->validate($timeZone)) { unset($_SESSION['configureComplete']); $_SESSION['errors'][] = 'I couldn\'t validate the selected time zone. Please try again.'; header('Location: install.php?action=configure'); return; } unset($timeZoneValidator); $password = Hasher::generateHash($password); if ($password == false) { unset($_SESSION['configureComplete']); $_SESSION['errors'][] = 'I couldn\'t properly hash your password. Please try again.'; header('Location: install.php?action=configure'); return; } $database = Database::getInstance(); $database->connect(); if (!$database->isConnected()) { unset($_SESSION['configureComplete']); $_SESSION['errors'][] = 'I couldn\'t establish a connection to the database. Please try again. If you keep receiving this error, please delete the site/config.xml and start the installer again.'; header('Location: install.php?action=configure'); return; } if ($smtpUseEncryption == 'tls') { $smtpEncryption = 'true'; } else { $smtpEncryption = 'false'; } if ($webDirectory !== "/") { $webDirectory .= '/'; } $variables = array('cleanURLsEnabled' => 'false', 'educaskVersion' => EDUCASK_VERSION, 'guestRoleID' => '1', 'maintenanceMode' => 'false', 'siteEmail' => $siteEmail, 'siteTheme' => 'default', 'siteTimeZone' => $timeZone, 'siteTitle' => $siteName, 'siteWebAddress' => $nonSecureURL, 'siteWebAddressSecure' => $secureURL, 'siteWebDirectory' => $webDirectory, 'smtpServer' => $smtpServers, 'smtpPort' => $smtpPort, 'smtpUserName' => $smtpUserName, 'smtpPassword' => $smtpPassword, 'smtpUseEncryption' => $smtpEncryption, 'lastCronRun' => '2015-01-01 21:15:53', 'cronRunning' => 'false', 'cronFrequency' => '10 minutes', 'minimumPasswordLength' => '5', 'lockoutPeriod' => '10', 'numberOfAttemptsBeforeLockout' => '3', 'maxSessionIdAge' => '600'); foreach ($variables as $name => $value) { $name = $database->escapeString($name); $value = $database->escapeString($value); if (!$database->insertData('variable', 'variableName, variableValue', "'{$name}', '{$value}'")) { $_SESSION['errors'][] = "I wasn't able to insert the variable {$name} with a value of {$value} into the variable table. You may want to manually add this row to the variable table in the database. For help on this, please see <a href=\"https://www.educask.com\" target=\"_blank\">this page</a>."; //@ToDo: make the link point to actual help continue; } } $database->updateTable('variable', 'readOnly=1', "variableName='educaskVersion'"); $sqlScript = EDUCASK_ROOT . '/core/sql/defaultRolesInstallSafe.sql'; if (!is_file($sqlScript)) { unset($_SESSION['configureComplete']); $_SESSION['errors'][] = 'I couldn\'t find the SQL script to create the needed roles. Please make sure that ' . $sqlScript . ' exists and is readable by PHP.'; header('Location: install.php?action=configure'); return; } $sql = file_get_contents($sqlScript); if (!$sql) { unset($_SESSION['configureComplete']); $_SESSION['errors'][] = 'I couldn\'t read the SQL script in order to create the needed roles. Please make sure PHP can read the file ' . $sqlScript; header('Location: install.php?action=configure'); return; } $sqlStatements = explode(';', $sql); foreach ($sqlStatements as $sqlStatement) { $sqlStatement = trim($sqlStatement); if ($sqlStatement == '') { continue; } $database->makeCustomQuery($sqlStatement); } $username = $database->escapeString($username); $firstName = $database->escapeString($firstName); $lastName = $database->escapeString($lastName); $email = $database->escapeString($email); $password = $database->escapeString($password); $success = $database->insertData('user', 'userID, userName, firstName, lastName, email, password, roleID', "0, 'anonGuest', 'Anonymous', 'Guest', '*****@*****.**', '', 1"); $success = $success && $database->updateTable("user", "userID=0", "userID=1"); $success = $success && $database->insertData('user', 'userID, userName, firstName, lastName, email, password, roleID', "1, '{$username}', '{$firstName}', '{$lastName}', '{$email}', '{$password}', 4"); if (!$success) { unset($_SESSION['configureComplete']); $_SESSION['errors'][] = 'I couldn\'t create the new user account. Please try again. For help on this, please see <a href="https://www.educask.com" target="_blank">this page</a>.'; //@ToDo: make the link point to actual help header('Location: install.php?action=configure'); return; } $database->makeCustomQuery("ALTER TABLE user AUTO_INCREMENT=2"); header('Location: install.php?action=install'); }
<?php require_once "includes/connection.php"; include "includes/header.php"; include "includes/encriptar.php"; ?> <?php if (isset($_POST["register"])) { if (!empty($_POST['firstname']) && !empty($_POST['lastname']) && !empty($_POST['email']) && !empty($_POST['username']) && !empty($_POST['password'])) { $firstname = $_POST['firstname']; $lastname = $_POST['lastname']; $email = $_POST['email']; $username = $_POST['username']; $password = Encrypter::encrypt($_POST['password']); $query = mysql_query("SELECT * FROM cont_user WHERE username='******'"); $numrows = mysql_num_rows($query); if ($numrows == 0) { $sql = "INSERT INTO cont_user\n\t\t\t(username, firstname, lastname, email, password) \n\t\t\tVALUES('" . $username . "','" . $firstname . "','" . $lastname . "','" . $email . "','" . $password . "')"; $result = mysql_query($sql); if ($result) { $message = "Usuario Creado"; } else { $message = "El usuario no fue creado"; } } else { $message = "El usuario ya existe"; } } else { $message = "Es necesario rellenar todos los campos";
$img1 = $_POST['img1']; $img2 = $_POST['img2']; $img3 = $_POST['img3']; $url = $_POST['url']; $plantilla = $_POST['plantilla']; $pregunta = $_POST['pregunta']; $grupos = $_POST['nrogrupos']; $retro = $_POST['retro']; $resp = $_POST['resp']; $gruposel = $_POST['grupsel']; } $query2 = mysql_query("select id from cont_user where username like '" . $_SESSION["session_username"] . "'"); while ($row = mysql_fetch_assoc($query2)) { $iduser = $row['id']; } $idunico = Encrypter::encrypt($iduser . $titulo . time()); $registroplantilla = "INSERT INTO cont_plantillas (userid, fecha_creacion, plantilla, url, titulo, idunico) \n VALUES ('" . $iduser . "','" . time() . "','" . $plantilla . "','" . $url . "','" . $titulo . "','" . $idunico . "')"; if (mysql_query($registroplantilla) === TRUE) { $ultimoid = mysql_insert_id(); $registropreg = "INSERT INTO cont_preguntas (idplantilla, pregunta) VALUES (" . $ultimoid . ", '" . utf8_encode($pregunta) . "')"; mysql_query($registropreg); $query3 = mysql_query("select id from cont_preguntas where idplantilla like '" . $ultimoid . "'"); if ($row = mysql_fetch_assoc($query3)) { $idpreg = $row['id']; } for ($i = 0; $i < count($grupos); $i++) { $registrogrupos = "INSERT INTO cont_grupos (idpregunta, idplantilla, grupo, retroalimentacion) \n VALUES ('" . $idpreg . "','" . $ultimoid . "','" . utf8_encode($grupos[$i]) . "','" . utf8_encode($retro[$i]) . "')"; mysql_query($registrogrupos); } for ($k = 0; $k < count($resp); $k++) { $query4 = mysql_query("select id from cont_grupos where idplantilla like '" . $ultimoid . "' and grupo like '" . utf8_encode($gruposel[$k]) . "'");
function getClaveByHotel($idHotel) { try { $hotel = DAOFactory::getHotelDAO()->load($idHotel); /* if(!$hotel->clave || !strlen($hotel->clave)) { $h = DAOFactory::getHotelDAO()->prepare(array('clave'=>Encrypter::encrypt(uniqid(), $idHotel)), $idHotel); DAOFactory::getHotelDAO()->update($h); $hotel = DAOFactory::getHotelDAO()->load($idHotel); }*/ return Encrypter::decrypt($hotel->clave, $idHotel); } catch (Exception $e) { return false; } }
//$end_url .= '/l:' . $_REQUEST['l']; } elseif (isset($_SESSION['lang'])) { $smarty->assign('lang', $_SESSION['lang']); $lang_set = $_SESSION['lang']; } else { $lang_set = 'en'; if ($hotel->idiomaId) { $lang_set = getIdioma($hotel->idiomaId)->codigo; } $smarty->assign('lang', $lang_set); $_SESSION['lang'] = $lang_set; } $smarty->configLoad($lang_set . '.conf'); setlocale(LC_ALL, Core_Util_General::getLocaleName($lang_set)); if ($_REQUEST['a']) { $afiliado_id = urldecode(Encrypter::decrypt($_REQUEST['a'], 'afiliado')); if (is_numeric($afiliado_id)) { $month = 2592000 + time(); setcookie('afiliado', $_REQUEST['a'], $month, "/", "." . $smarty->getConfigVariable('sistema_nombre_web')); } } /* if(isset($_REQUEST['m'])) { $smarty->assign('money', $_REQUEST['m']); $end_url .= '/m:' . $_REQUEST['m']; $smarty->assign('currency', getMonedaByCodigo($_REQUEST['m'])->simbolo); $money = $_REQUEST['m']; } else { $smarty->assign('money', 'EUR'); $smarty->assign('currency', getMonedaByCodigo('EUR')->simbolo); }*/
// echo "<p>inválido</p>"; // //$xml = simplexml_load_file($ScriptsPath.'/_root/cfdia0000000008.xml'); // // //$array = $read->detalle("$ScriptsPath/_root/", "cfdia0000000008.xml"); ////var_dump($array); //$Full = ''; //$full = GetNodes($array, $Full); // //echo $full; // //function GetNodes($array,$Full) //{ // foreach ($array as $value) // { // // if(is_array($value)) // { // $Full = GetNodes($value,$Full); // } // else // $Full.=$value.", "; // } // // return $Full; //} require_once 'php/Encrypter.php'; echo $Salida = Encrypter::encrypt('20'); echo "<br><br>" . Encrypter::decrypt("gRUIZG3qpPuPRxoyjsOBvHb02WiJTuM4sXDcVuzfl9I=");
/** * Envia Mensaje mediante el produce * * @return void * @author yourname */ function send($params) { $this->produce($params); include_once __DIR__ . '/util/Encrypter.php'; return Encrypter::encrypt(json_encode($this->result)); }