public function setVDMCryption() { // make sure we have the correct file if (isset($this->componentData->whmcs_key) && ComponentbuilderHelper::checkString($this->componentData->whmcs_key)) { // Get the basic encription. $basickey = ComponentbuilderHelper::getCryptKey('basic'); // Get the encription object. $basic = new FOFEncryptAes($basickey, 128); if (!empty($this->componentData->whmcs_key) && $basickey && !is_numeric($this->componentData->whmcs_key) && $this->componentData->whmcs_key === base64_encode(base64_decode($this->componentData->whmcs_key, true))) { // basic decript data whmcs_key. $this->componentData->whmcs_key = rtrim($basic->decryptString($this->componentData->whmcs_key), ""); // set the needed string to connect to whmcs $key["kasier"] = $this->componentData->whmcs_url; $key["geheim"] = $this->componentData->whmcs_key; $key["onthou"] = 1; // prep the call info $theKey = base64_encode(serialize($key)); // set the script $encrypt[] = "/**"; $encrypt[] = "* " . $this->setLine(__LINE__) . "VDM Class "; $encrypt[] = "**/"; $encrypt[] = "\nclass VDM"; $encrypt[] = "{"; $encrypt[] = "\tpublic \$_key = false;"; $encrypt[] = "\tpublic \$_is = false;"; $encrypt[] = "\t"; $encrypt[] = "\tpublic function __construct(\$Vk5smi0wjnjb)"; $encrypt[] = "\t{"; $encrypt[] = "\t\t// get the session"; $encrypt[] = "\t\t\$session = JFactory::getSession();"; $encrypt[] = "\t\t\$V2uekt2wcgwk = \$session->get(\$Vk5smi0wjnjb, null);"; $encrypt[] = "\t\t\$h4sgrGsqq = \$this->get(\$Vk5smi0wjnjb,\$V2uekt2wcgwk);"; $encrypt[] = "\t\tif (isset(\$h4sgrGsqq['nuut']) && \$h4sgrGsqq['nuut'] && (isset(\$h4sgrGsqq['status']) && 'Active' == \$h4sgrGsqq['status']) && isset(\$h4sgrGsqq['eiegrendel']) && strlen(\$h4sgrGsqq['eiegrendel']) > 300)"; $encrypt[] = "\t\t{"; $encrypt[] = "\t\t\t\$session->set(\$Vk5smi0wjnjb, \$h4sgrGsqq['eiegrendel']);"; $encrypt[] = "\t\t}"; $encrypt[] = "\t\tif ((isset(\$h4sgrGsqq['status']) && 'Active' == \$h4sgrGsqq['status']) && isset(\$h4sgrGsqq['md5hash']) && strlen(\$h4sgrGsqq['md5hash']) == 32 && isset(\$h4sgrGsqq['customfields']) && strlen(\$h4sgrGsqq['customfields']) > 4)"; $encrypt[] = "\t\t{"; $encrypt[] = "\t\t\t\$this->_key = md5(\$h4sgrGsqq['customfields']);"; $encrypt[] = "\t\t}"; $encrypt[] = "\t\tif ((isset(\$h4sgrGsqq['status']) && 'Active' == \$h4sgrGsqq['status']) && isset(\$h4sgrGsqq['md5hash']) && strlen(\$h4sgrGsqq['md5hash']) == 32 )"; $encrypt[] = "\t\t{"; $encrypt[] = "\t\t\t\$this->_is = true;"; $encrypt[] = "\t\t}"; $encrypt[] = "\t}"; $encrypt[] = "\t"; $encrypt[] = "\tprivate function get(\$Vk5smi0wjnjb,\$V2uekt2wcgwk)"; $encrypt[] = "\t{"; $encrypt[] = "\t\t\$Viioj50xuqu2 = unserialize(base64_decode('" . $theKey . "'));"; $encrypt[] = "\t\t\$Visqfrd1caus = time() . md5(mt_rand(1000000000, 9999999999) . \$Vk5smi0wjnjb);"; $encrypt[] = "\t\t\$Vo4tezfgcf3e = date(\"Ymd\");"; $encrypt[] = "\t\t\$Vozblwvfym2f = \$_SERVER['SERVER_NAME'];"; $encrypt[] = "\t\t\$Vozblwvfym2fdie = isset(\$_SERVER['SERVER_ADDR']) ? \$_SERVER['SERVER_ADDR'] : \$_SERVER['LOCAL_ADDR'];"; $encrypt[] = "\t\t\$V343jp03dxco = dirname(__FILE__);"; $encrypt[] = "\t\t\$Vc2rayehw4f0 = unserialize(base64_decode('czozNjoibW9kdWxlcy9zZXJ2ZXJzL2xpY2Vuc2luZy92ZXJpZnkucGhwIjs='));"; $encrypt[] = "\t\t\$Vlpolphukogz = false;"; $encrypt[] = "\t\tif (\$V2uekt2wcgwk) {"; $encrypt[] = "\t\t\t\$V2uekt2wcgwk = str_replace(\"" . '\\n' . "\", '', \$V2uekt2wcgwk);"; $encrypt[] = "\t\t\t\$Vm5cxjdc43g4 = substr(\$V2uekt2wcgwk, 0, strlen(\$V2uekt2wcgwk) - 32);"; $encrypt[] = "\t\t\t\$Vbgx0efeu2sy = substr(\$V2uekt2wcgwk, strlen(\$V2uekt2wcgwk) - 32);"; $encrypt[] = "\t\t\tif (\$Vbgx0efeu2sy == md5(\$Vm5cxjdc43g4 . \$Viioj50xuqu2['geheim'])) {"; $encrypt[] = "\t\t\t\t\$Vm5cxjdc43g4 = strrev(\$Vm5cxjdc43g4);"; $encrypt[] = "\t\t\t\t\$Vbgx0efeu2sy = substr(\$Vm5cxjdc43g4, 0, 32);"; $encrypt[] = "\t\t\t\t\$Vm5cxjdc43g4 = substr(\$Vm5cxjdc43g4, 32);"; $encrypt[] = "\t\t\t\t\$Vm5cxjdc43g4 = base64_decode(\$Vm5cxjdc43g4);"; $encrypt[] = "\t\t\t\t\$Vm5cxjdc43g4finding = unserialize(\$Vm5cxjdc43g4);"; $encrypt[] = "\t\t\t\t\$V3qqz0p00fbq = \$Vm5cxjdc43g4finding['dan'];"; $encrypt[] = "\t\t\t\tif (\$Vbgx0efeu2sy == md5(\$V3qqz0p00fbq . \$Viioj50xuqu2['geheim'])) {"; $encrypt[] = "\t\t\t\t\t\$Vbfbwv2y4kre = date(\"Ymd\", mktime(0, 0, 0, date(\"m\"), date(\"d\") - \$Viioj50xuqu2['onthou'], date(\"Y\")));"; $encrypt[] = "\t\t\t\t\tif (\$V3qqz0p00fbq > \$Vbfbwv2y4kre) {"; $encrypt[] = "\t\t\t\t\t\t\$Vlpolphukogz = true;"; $encrypt[] = "\t\t\t\t\t\t\$Vwasqoybpyed = \$Vm5cxjdc43g4finding;"; $encrypt[] = "\t\t\t\t\t\t\$Vcixw3trerrt = explode(',', \$Vwasqoybpyed['validdomain']);"; $encrypt[] = "\t\t\t\t\t\tif (!in_array(\$_SERVER['SERVER_NAME'], \$Vcixw3trerrt)) {"; $encrypt[] = "\t\t\t\t\t\t\t\$Vlpolphukogz = false;"; $encrypt[] = "\t\t\t\t\t\t\t\$Vm5cxjdc43g4finding['status'] = \"sleg\";"; $encrypt[] = "\t\t\t\t\t\t\t\$Vwasqoybpyed = array();"; $encrypt[] = "\t\t\t\t\t\t}"; $encrypt[] = "\t\t\t\t\t\t\$Vkni3xyhkqzv = explode(',', \$Vwasqoybpyed['validip']);"; $encrypt[] = "\t\t\t\t\t\tif (!in_array(\$Vozblwvfym2fdie, \$Vkni3xyhkqzv)) {"; $encrypt[] = "\t\t\t\t\t\t\t\$Vlpolphukogz = false;"; $encrypt[] = "\t\t\t\t\t\t\t\$Vm5cxjdc43g4finding['status'] = \"sleg\";"; $encrypt[] = "\t\t\t\t\t\t\t\$Vwasqoybpyed = array();"; $encrypt[] = "\t\t\t\t\t\t}"; $encrypt[] = "\t\t\t\t\t\t\$Vckfvnepoaxj = explode(',', \$Vwasqoybpyed['validdirectory']);"; $encrypt[] = "\t\t\t\t\t\tif (!in_array(\$V343jp03dxco, \$Vckfvnepoaxj)) {"; $encrypt[] = "\t\t\t\t\t\t\t\$Vlpolphukogz = false;"; $encrypt[] = "\t\t\t\t\t\t\t\$Vm5cxjdc43g4finding['status'] = \"sleg\";"; $encrypt[] = "\t\t\t\t\t\t\t\$Vwasqoybpyed = array();"; $encrypt[] = "\t\t\t\t\t\t}"; $encrypt[] = "\t\t\t\t\t}"; $encrypt[] = "\t\t\t\t}"; $encrypt[] = "\t\t\t}"; $encrypt[] = "\t\t}"; $encrypt[] = "\t\tif (!\$Vlpolphukogz) {"; $encrypt[] = "\t\t\t\$V1u0c4dl3ehp = array("; $encrypt[] = "\t\t\t\t'licensekey' => \$Vk5smi0wjnjb,"; $encrypt[] = "\t\t\t\t'domain' => \$Vozblwvfym2f,"; $encrypt[] = "\t\t\t\t'ip' => \$Vozblwvfym2fdie,"; $encrypt[] = "\t\t\t\t'dir' => \$V343jp03dxco,"; $encrypt[] = "\t\t\t);"; $encrypt[] = "\t\t\tif (\$Visqfrd1caus) \$V1u0c4dl3ehp['check_token'] = \$Visqfrd1caus;"; $encrypt[] = "\t\t\t\$Vdsjeyjmpq2o = '';"; $encrypt[] = "\t\t\tforeach (\$V1u0c4dl3ehp AS \$V2sgyscukmgi=>\$V1u00zkzmb1d) {"; $encrypt[] = "\t\t\t\t\$Vdsjeyjmpq2o .= \$V2sgyscukmgi.'='.urlencode(\$V1u00zkzmb1d).'&';"; $encrypt[] = "\t\t\t}"; $encrypt[] = "\t\t\tif (function_exists('curl_exec')) {"; $encrypt[] = "\t\t\t\t\$Vdathuqgjyf0 = curl_init();"; $encrypt[] = "\t\t\t\tcurl_setopt(\$Vdathuqgjyf0, CURLOPT_URL, \$Viioj50xuqu2['kasier'] . \$Vc2rayehw4f0);"; $encrypt[] = "\t\t\t\tcurl_setopt(\$Vdathuqgjyf0, CURLOPT_POST, 1);"; $encrypt[] = "\t\t\t\tcurl_setopt(\$Vdathuqgjyf0, CURLOPT_POSTFIELDS, \$Vdsjeyjmpq2o);"; $encrypt[] = "\t\t\t\tcurl_setopt(\$Vdathuqgjyf0, CURLOPT_TIMEOUT, 30);"; $encrypt[] = "\t\t\t\tcurl_setopt(\$Vdathuqgjyf0, CURLOPT_RETURNTRANSFER, 1);"; $encrypt[] = "\t\t\t\t\$Vqojefyeohg5 = curl_exec(\$Vdathuqgjyf0);"; $encrypt[] = "\t\t\t\tcurl_close(\$Vdathuqgjyf0);"; $encrypt[] = "\t\t\t} else {"; $encrypt[] = "\t\t\t\t\$Vrpmu4bvnmkp = fsockopen(\$Viioj50xuqu2['kasier'], 80, \$Vc0t5kmpwkwk, \$Va3g41fnofhu, 5);"; $encrypt[] = "\t\t\t\tif (\$Vrpmu4bvnmkp) {"; $encrypt[] = "\t\t\t\t\t\$Vznkm0a0me1y = \"\r\n\";"; $encrypt[] = "\t\t\t\t\t\$V2sgyscukmgiop = \"POST \".\$Viioj50xuqu2['kasier'] . \$Vc2rayehw4f0 . \" HTTP/1.0\" . \$Vznkm0a0me1y;"; $encrypt[] = "\t\t\t\t\t\$V2sgyscukmgiop .= \"Host: \".\$Viioj50xuqu2['kasier'] . \$Vznkm0a0me1y;"; $encrypt[] = "\t\t\t\t\t\$V2sgyscukmgiop .= \"Content-type: application/x-www-form-urlencoded\" . \$Vznkm0a0me1y;"; $encrypt[] = "\t\t\t\t\t\$V2sgyscukmgiop .= \"Content-length: \".@strlen(\$Vdsjeyjmpq2o) . \$Vznkm0a0me1y;"; $encrypt[] = "\t\t\t\t\t\$V2sgyscukmgiop .= \"Connection: close\" . \$Vznkm0a0me1y . \$Vznkm0a0me1y;"; $encrypt[] = "\t\t\t\t\t\$V2sgyscukmgiop .= \$Vdsjeyjmpq2o;"; $encrypt[] = "\t\t\t\t\t\$Vqojefyeohg5 = '';"; $encrypt[] = "\t\t\t\t\t@stream_set_timeout(\$Vrpmu4bvnmkp, 20);"; $encrypt[] = "\t\t\t\t\t@fputs(\$Vrpmu4bvnmkp, \$V2sgyscukmgiop);"; $encrypt[] = "\t\t\t\t\t\$V2czq24pjexf = @socket_get_status(\$Vrpmu4bvnmkp);"; $encrypt[] = "\t\t\t\t\twhile (!@feof(\$Vrpmu4bvnmkp)&&\$V2czq24pjexf) {"; $encrypt[] = "\t\t\t\t\t\t\$Vqojefyeohg5 .= @fgets(\$Vrpmu4bvnmkp, 1024);"; $encrypt[] = "\t\t\t\t\t\t\$V2czq24pjexf = @socket_get_status(\$Vrpmu4bvnmkp);"; $encrypt[] = "\t\t\t\t\t}"; $encrypt[] = "\t\t\t\t\t@fclose (\$Vqojefyeohg5);"; $encrypt[] = "\t\t\t\t}"; $encrypt[] = "\t\t\t}"; $encrypt[] = "\t\t\tif (!\$Vqojefyeohg5) {"; $encrypt[] = "\t\t\t\t\$Vbfbwv2y4kre = date(\"Ymd\", mktime(0, 0, 0, date(\"m\"), date(\"d\") - \$Viioj50xuqu2['onthou'], date(\"Y\")));"; $encrypt[] = "\t\t\t\tif (isset(\$V3qqz0p00fbq) && \$V3qqz0p00fbq > \$Vbfbwv2y4kre) {"; $encrypt[] = "\t\t\t\t\t\$Vwasqoybpyed = \$Vm5cxjdc43g4finding;"; $encrypt[] = "\t\t\t\t} else {"; $encrypt[] = "\t\t\t\t\t\$Vwasqoybpyed = array();"; $encrypt[] = "\t\t\t\t\t\$Vwasqoybpyed['status'] = \"sleg\";"; $encrypt[] = "\t\t\t\t\t\$Vwasqoybpyed['description'] = \"Remote Check Failed\";"; $encrypt[] = "\t\t\t\t\treturn \$Vwasqoybpyed;"; $encrypt[] = "\t\t\t\t}"; $encrypt[] = "\t\t\t} else {"; $encrypt[] = "\t\t\t\tpreg_match_all('" . '/<(.*?)>([^<]+)<\\/\\1>/i' . "', \$Vqojefyeohg5, \$V1ot20wob03f);"; $encrypt[] = "\t\t\t\t\$Vwasqoybpyed = array();"; $encrypt[] = "\t\t\t\tforeach (\$V1ot20wob03f[1] AS \$V2sgyscukmgi=>\$V1u00zkzmb1d) {"; $encrypt[] = "\t\t\t\t\t\$Vwasqoybpyed[\$V1u00zkzmb1d] = \$V1ot20wob03f[2][\$V2sgyscukmgi];"; $encrypt[] = "\t\t\t\t}"; $encrypt[] = "\t\t\t}"; $encrypt[] = "\t\t\tif (!is_array(\$Vwasqoybpyed)) {"; $encrypt[] = "\t\t\t\tdie(\"Invalid License Server Response\");"; $encrypt[] = "\t\t\t}"; $encrypt[] = "\t\t\tif (isset(\$Vwasqoybpyed['md5hash']) && \$Vwasqoybpyed['md5hash']) {"; $encrypt[] = "\t\t\t\tif (\$Vwasqoybpyed['md5hash'] != md5(\$Viioj50xuqu2['geheim'] . \$Visqfrd1caus)) {"; $encrypt[] = "\t\t\t\t\t\$Vwasqoybpyed['status'] = \"sleg\";"; $encrypt[] = "\t\t\t\t\t\$Vwasqoybpyed['description'] = \"MD5 Checksum Verification Failed\";"; $encrypt[] = "\t\t\t\t\treturn \$Vwasqoybpyed;"; $encrypt[] = "\t\t\t\t}"; $encrypt[] = "\t\t\t}"; $encrypt[] = "\t\t\tif (isset(\$Vwasqoybpyed['status']) && \$Vwasqoybpyed['status'] == \"Active\") {"; $encrypt[] = "\t\t\t\t\$Vwasqoybpyed['dan'] = \$Vo4tezfgcf3e;"; $encrypt[] = "\t\t\t\t\$Vqojefyeohg5ing = serialize(\$Vwasqoybpyed);"; $encrypt[] = "\t\t\t\t\$Vqojefyeohg5ing = base64_encode(\$Vqojefyeohg5ing);"; $encrypt[] = "\t\t\t\t\$Vqojefyeohg5ing = md5(\$Vo4tezfgcf3e . \$Viioj50xuqu2['geheim']) . \$Vqojefyeohg5ing;"; $encrypt[] = "\t\t\t\t\$Vqojefyeohg5ing = strrev(\$Vqojefyeohg5ing);"; $encrypt[] = "\t\t\t\t\$Vqojefyeohg5ing = \$Vqojefyeohg5ing . md5(\$Vqojefyeohg5ing . \$Viioj50xuqu2['geheim']);"; $encrypt[] = "\t\t\t\t\$Vqojefyeohg5ing = wordwrap(\$Vqojefyeohg5ing, 80, \"" . '\\n' . "\", true);"; $encrypt[] = "\t\t\t\t\$Vwasqoybpyed['eiegrendel'] = \$Vqojefyeohg5ing;"; $encrypt[] = "\t\t\t}"; $encrypt[] = "\t\t\t\$Vwasqoybpyed['nuut'] = true;"; $encrypt[] = "\t\t}"; $encrypt[] = "\t\tunset(\$V1u0c4dl3ehp,\$Vqojefyeohg5,\$V1ot20wob03f,\$Viioj50xuqu2['kasier'],\$Viioj50xuqu2['geheim'],\$Vo4tezfgcf3e,\$Vozblwvfym2fdie,\$Viioj50xuqu2['onthou'],\$Vbgx0efeu2sy);"; $encrypt[] = "\t\treturn \$Vwasqoybpyed;"; $encrypt[] = "\t}"; $encrypt[] = "}"; // return the help methods return implode("\n", $encrypt); } } return ''; }
/** * Returns the one time password (OTP) – a.k.a. two factor authentication – * configuration for a particular user. * * @param integer $user_id The numeric ID of the user * * @return stdClass An object holding the OTP configuration for this user * * @since 3.2 */ public function getOtpConfig($user_id = null) { $user_id = !empty($user_id) ? $user_id : (int) $this->getState('user.id'); // Initialise $otpConfig = (object) array('method' => 'none', 'config' => array(), 'otep' => array()); /** * Get the raw data, without going through JUser (required in order to * be able to modify the user record before logging in the user). */ $db = $this->getDbo(); $query = $db->getQuery(true)->select('*')->from($db->qn('#__users'))->where($db->qn('id') . ' = ' . $db->q($user_id)); $db->setQuery($query); $item = $db->loadObject(); // Make sure this user does have OTP enabled if (empty($item->otpKey)) { return $otpConfig; } // Get the encrypted data list($method, $encryptedConfig) = explode(':', $item->otpKey, 2); $encryptedOtep = $item->otep; // Create an encryptor class $key = $this->getOtpConfigEncryptionKey(); $aes = new FOFEncryptAes($key, 256); // Decrypt the data $decryptedConfig = $aes->decryptString($encryptedConfig); $decryptedOtep = $aes->decryptString($encryptedOtep); // Remove the null padding added during encryption $decryptedConfig = rtrim($decryptedConfig, ""); $decryptedOtep = rtrim($decryptedOtep, ""); // Update the configuration object $otpConfig->method = $method; $otpConfig->config = @json_decode($decryptedConfig); $otpConfig->otep = @json_decode($decryptedOtep); /* * If the decryption failed for any reason we essentially disable the * two-factor authentication. This prevents impossible to log in sites * if the site admin changes the site secret for any reason. */ if (is_null($otpConfig->config)) { $otpConfig->config = array(); } if (is_object($otpConfig->config)) { $otpConfig->config = (array) $otpConfig->config; } if (is_null($otpConfig->otep)) { $otpConfig->otep = array(); } if (is_object($otpConfig->otep)) { $otpConfig->otep = (array) $otpConfig->otep; } // Return the configuration object return $otpConfig; }
/** * Method to get list export data. * * @return mixed An array of data items on success, false on failure. */ public function getExportData($pks) { // setup the query if (ComponentbuilderHelper::checkArray($pks)) { // Set a value to know this is exporting method. $_export = true; // Get the user object. $user = JFactory::getUser(); // Create a new query object. $db = JFactory::getDBO(); $query = $db->getQuery(true); // Select some fields $query->select('a.*'); // From the componentbuilder_component table $query->from($db->quoteName('#__componentbuilder_component', 'a')); $query->where('a.id IN (' . implode(',', $pks) . ')'); // Implement View Level Access if (!$user->authorise('core.options', 'com_componentbuilder')) { $groups = implode(',', $user->getAuthorisedViewLevels()); $query->where('a.access IN (' . $groups . ')'); } // Order the results by ordering $query->order('a.ordering ASC'); // Load the items $db->setQuery($query); $db->execute(); if ($db->getNumRows()) { $items = $db->loadObjectList(); // Get the basic encription key. $basickey = ComponentbuilderHelper::getCryptKey('basic'); // Get the encription object. $basic = new FOFEncryptAes($basickey, 128); // set values to display correctly. if (ComponentbuilderHelper::checkArray($items)) { foreach ($items as $nr => &$item) { // decode php_helper_site $item->php_helper_site = base64_decode($item->php_helper_site); // decode php_helper_admin $item->php_helper_admin = base64_decode($item->php_helper_admin); if ($basickey && !is_numeric($item->update_server_ftp) && $item->update_server_ftp === base64_encode(base64_decode($item->update_server_ftp, true))) { // decrypt update_server_ftp $item->update_server_ftp = $basic->decryptString($item->update_server_ftp); } // decode sql $item->sql = base64_decode($item->sql); // decode php_admin_event $item->php_admin_event = base64_decode($item->php_admin_event); // decode php_site_event $item->php_site_event = base64_decode($item->php_site_event); // decode php_dashboard_methods $item->php_dashboard_methods = base64_decode($item->php_dashboard_methods); if ($basickey && !is_numeric($item->whmcs_key) && $item->whmcs_key === base64_encode(base64_decode($item->whmcs_key, true))) { // decrypt whmcs_key $item->whmcs_key = $basic->decryptString($item->whmcs_key); } // decode css $item->css = base64_decode($item->css); // decode php_preflight_install $item->php_preflight_install = base64_decode($item->php_preflight_install); // decode php_preflight_update $item->php_preflight_update = base64_decode($item->php_preflight_update); // decode php_postflight_install $item->php_postflight_install = base64_decode($item->php_postflight_install); // decode php_postflight_update $item->php_postflight_update = base64_decode($item->php_postflight_update); // decode php_method_uninstall $item->php_method_uninstall = base64_decode($item->php_method_uninstall); // decode readme $item->readme = base64_decode($item->readme); if ($basickey && !is_numeric($item->sales_server_ftp) && $item->sales_server_ftp === base64_encode(base64_decode($item->sales_server_ftp, true))) { // decrypt sales_server_ftp $item->sales_server_ftp = $basic->decryptString($item->sales_server_ftp); } // unset the values we don't want exported. unset($item->asset_id); unset($item->checked_out); unset($item->checked_out_time); } } // Add headers to items array. $headers = $this->getExImPortHeaders(); if (ComponentbuilderHelper::checkObject($headers)) { array_unshift($items, $headers); } return $items; } } return false; }
/** * Decrypts a transparent authentication message using a TOTP * * @param string $encryptedData The encrypted data * * @return array The decrypted data */ private function _decryptWithTOTP($encryptedData) { if (empty($this->fofAuth_Key)) { $this->_fofAuth_CryptoKey = null; return null; } $totp = new FOFEncryptTotp($this->fofAuth_timeStep); $period = $totp->getPeriod(); $period--; for ($i = 0; $i <= 2; $i++) { $time = ($period + $i) * $this->fofAuth_timeStep; $otp = $totp->getCode($this->fofAuth_Key, $time); $this->_fofAuth_CryptoKey = hash('sha256', $this->fofAuth_Key . $otp); $aes = new FOFEncryptAes($this->_fofAuth_CryptoKey); $ret = $aes->decryptString($encryptedData); $ret = rtrim($ret, ""); $ret = json_decode($ret, true); if (!is_array($ret)) { continue; } if (!array_key_exists('username', $ret)) { continue; } if (!array_key_exists('password', $ret)) { continue; } // Successful decryption! return $ret; } // Obviously if we're here we could not decrypt anything. Bail out. $this->_fofAuth_CryptoKey = null; return null; }
/** * Retrieves the user's one time password settings * * @since 1.3 * @access public * @param string * @return */ public function getOtpConfig() { static $cache = array(); if (!isset($cache[$this->id])) { $otpConfig = new stdClass(); $otpConfig->method = 'none'; $otpConfig->config = array(); $otpConfig->otep = array(); // Ensure the user has an otp set if (!$this->otpKey) { $cache[$this->id] = $otpConfig; return $cache[$this->id]; } // Get the encrypted data list($method, $encryptedConfig) = explode(':', $this->otpKey, 2); $encryptedOtep = $this->otep; // Create an encryptor class $key = FD::jConfig()->getValue('secret'); $aes = new FOFEncryptAes($key, 256); // Decrypt the data $decryptedConfig = $aes->decryptString($encryptedConfig); $decryptedOtep = $aes->decryptString($encryptedOtep); // Remove the null padding added during encryption $decryptedConfig = rtrim($decryptedConfig, ""); $decryptedOtep = rtrim($decryptedOtep, ""); // Update the configuration object $otpConfig->method = $method; $otpConfig->config = @json_decode($decryptedConfig); $otpConfig->otep = @json_decode($decryptedOtep); /* * If the decryption failed for any reason we essentially disable the * two-factor authentication. This prevents impossible to log in sites * if the site admin changes the site secret for any reason. */ if (is_null($otpConfig->config)) { $otpConfig->config = array(); } if (is_object($otpConfig->config)) { $otpConfig->config = (array) $otpConfig->config; } if (is_null($otpConfig->otep)) { $otpConfig->otep = array(); } if (is_object($otpConfig->otep)) { $otpConfig->otep = (array) $otpConfig->otep; } $cache[$this->id] = $otpConfig; } return $cache[$this->id]; }
/** * Method to get a single record. * * @param integer $pk The id of the primary key. * * @return mixed Object on success, false on failure. * * @since 1.6 */ public function getItem($pk = null) { if ($item = parent::getItem($pk)) { if (!empty($item->params)) { // Convert the params field to an array. $registry = new Registry(); $registry->loadString($item->params); $item->params = $registry->toArray(); } if (!empty($item->metadata)) { // Convert the metadata field to an array. $registry = new Registry(); $registry->loadString($item->metadata); $item->metadata = $registry->toArray(); } if (!empty($item->php_helper_site)) { // base64 Decode php_helper_site. $item->php_helper_site = base64_decode($item->php_helper_site); } if (!empty($item->php_helper_admin)) { // base64 Decode php_helper_admin. $item->php_helper_admin = base64_decode($item->php_helper_admin); } if (!empty($item->sql)) { // base64 Decode sql. $item->sql = base64_decode($item->sql); } if (!empty($item->php_admin_event)) { // base64 Decode php_admin_event. $item->php_admin_event = base64_decode($item->php_admin_event); } if (!empty($item->php_site_event)) { // base64 Decode php_site_event. $item->php_site_event = base64_decode($item->php_site_event); } if (!empty($item->php_dashboard_methods)) { // base64 Decode php_dashboard_methods. $item->php_dashboard_methods = base64_decode($item->php_dashboard_methods); } if (!empty($item->css)) { // base64 Decode css. $item->css = base64_decode($item->css); } if (!empty($item->php_preflight_install)) { // base64 Decode php_preflight_install. $item->php_preflight_install = base64_decode($item->php_preflight_install); } if (!empty($item->php_preflight_update)) { // base64 Decode php_preflight_update. $item->php_preflight_update = base64_decode($item->php_preflight_update); } if (!empty($item->php_postflight_install)) { // base64 Decode php_postflight_install. $item->php_postflight_install = base64_decode($item->php_postflight_install); } if (!empty($item->php_postflight_update)) { // base64 Decode php_postflight_update. $item->php_postflight_update = base64_decode($item->php_postflight_update); } if (!empty($item->php_method_uninstall)) { // base64 Decode php_method_uninstall. $item->php_method_uninstall = base64_decode($item->php_method_uninstall); } if (!empty($item->readme)) { // base64 Decode readme. $item->readme = base64_decode($item->readme); } // Get the basic encription. $basickey = ComponentbuilderHelper::getCryptKey('basic'); // Get the encription object. $basic = new FOFEncryptAes($basickey, 128); if (!empty($item->update_server_ftp) && $basickey && !is_numeric($item->update_server_ftp) && $item->update_server_ftp === base64_encode(base64_decode($item->update_server_ftp, true))) { // basic decript data update_server_ftp. $item->update_server_ftp = rtrim($basic->decryptString($item->update_server_ftp), ""); } if (!empty($item->whmcs_key) && $basickey && !is_numeric($item->whmcs_key) && $item->whmcs_key === base64_encode(base64_decode($item->whmcs_key, true))) { // basic decript data whmcs_key. $item->whmcs_key = rtrim($basic->decryptString($item->whmcs_key), ""); } if (!empty($item->sales_server_ftp) && $basickey && !is_numeric($item->sales_server_ftp) && $item->sales_server_ftp === base64_encode(base64_decode($item->sales_server_ftp, true))) { // basic decript data sales_server_ftp. $item->sales_server_ftp = rtrim($basic->decryptString($item->sales_server_ftp), ""); } if (!empty($item->id)) { $item->tags = new JHelperTags(); $item->tags->getTagIds($item->id, 'com_componentbuilder.component'); } } $this->idvvvv = $item->addadmin_views; $this->idvvvw = $item->addsite_views; return $item; }
/** * Method to get article data. * * @param integer $pk The id of the article. * * @return mixed Menu item data object on success, false on failure. */ public function getItem($pk = null) { $this->user = JFactory::getUser(); // check if this user has permission to access item if (!$this->user->authorise('site.companyresults.access', 'com_costbenefitprojection')) { $app = JFactory::getApplication(); $app->enqueueMessage(JText::_('Not authorised!'), 'error'); // redirect away if not a correct (TODO for now we go to default view) $app->redirect(JRoute::_('index.php?option=com_costbenefitprojection&view=cpanel')); return false; } $this->userId = $this->user->get('id'); $this->guest = $this->user->get('guest'); $this->groups = $this->user->get('groups'); $this->authorisedGroups = $this->user->getAuthorisedGroups(); $this->levels = $this->user->getAuthorisedViewLevels(); $this->initSet = true; $pk = !empty($pk) ? $pk : (int) $this->getState('companyresults.id'); if (!$this->user->authorise('core.options', 'com_costbenefitprojection')) { // make absolutely sure that this company can be viewed $companies = CostbenefitprojectionHelper::hisCompanies($this->userId); if (!CostbenefitprojectionHelper::checkArray($companies) || !in_array($pk, $companies)) { JError::raiseWarning(500, JText::_('Access denied!')); // redirect away if not a correct (TODO for now we go to default view) $app = JFactory::getApplication(); if ($app->isAdmin()) { JFactory::getApplication()->redirect('index.php?option=com_costbenefitprojection'); } else { JFactory::getApplication()->redirect('index.php?option=com_costbenefitprojection&view=cpanel'); } return false; } } if ($this->_item === null) { $this->_item = array(); } if (!isset($this->_item[$pk])) { try { // Get the advanced encription. $advancedkey = CostbenefitprojectionHelper::getCryptKey('advanced'); // Get the encription object. $advanced = new FOFEncryptAes($advancedkey, 256); // Get a db connection. $db = JFactory::getDbo(); // Create a new query object. $query = $db->getQuery(true); // Get from #__costbenefitprojection_company as a $query->select($db->quoteName(array('a.id', 'a.name', 'a.user', 'a.department', 'a.per', 'a.country', 'a.service_provider', 'a.datayear', 'a.working_days', 'a.total_salary', 'a.total_healthcare', 'a.productivity_losses', 'a.males', 'a.females', 'a.medical_turnovers_males', 'a.medical_turnovers_females', 'a.sick_leave_males', 'a.sick_leave_females', 'a.percentmale', 'a.percentfemale', 'a.causesrisks', 'a.published', 'a.access'), array('id', 'name', 'user', 'department', 'per', 'country', 'service_provider', 'datayear', 'working_days', 'total_salary', 'total_healthcare', 'productivity_losses', 'males', 'females', 'medical_turnovers_males', 'medical_turnovers_females', 'sick_leave_males', 'sick_leave_females', 'percentmale', 'percentfemale', 'causesrisks', 'published', 'access'))); $query->from($db->quoteName('#__costbenefitprojection_company', 'a')); // Get from #__costbenefitprojection_country as e $query->select($db->quoteName(array('e.id', 'e.name', 'e.alias', 'e.user', 'e.currency', 'e.datayear', 'e.worldzone', 'e.codethree', 'e.codetwo', 'e.working_days', 'e.presenteeism', 'e.medical_turnovers', 'e.sick_leave', 'e.healthcare', 'e.productivity_losses', 'e.publicname', 'e.publicemail', 'e.publicnumber', 'e.publicaddress', 'e.percentmale', 'e.percentfemale', 'e.causesrisks', 'e.maledeath', 'e.femaledeath', 'e.maleyld', 'e.femaleyld', 'e.access'), array('country_id', 'country_name', 'country_alias', 'country_user', 'country_currency', 'country_datayear', 'country_worldzone', 'country_codethree', 'country_codetwo', 'country_working_days', 'country_presenteeism', 'country_medical_turnovers', 'country_sick_leave', 'country_healthcare', 'country_productivity_losses', 'country_publicname', 'country_publicemail', 'country_publicnumber', 'country_publicaddress', 'country_percentmale', 'country_percentfemale', 'country_causesrisks', 'country_maledeath', 'country_femaledeath', 'country_maleyld', 'country_femaleyld', 'country_access'))); $query->join('LEFT', $db->quoteName('#__costbenefitprojection_country', 'e') . ' ON (' . $db->quoteName('a.country') . ' = ' . $db->quoteName('e.id') . ')'); // Get from #__costbenefitprojection_currency as f $query->select($db->quoteName(array('f.id', 'f.name', 'f.alias', 'f.codethree', 'f.numericcode', 'f.symbol', 'f.thousands', 'f.decimalplace', 'f.decimalsymbol', 'f.positivestyle', 'f.negativestyle', 'f.published', 'f.access', 'f.ordering'), array('currency_id', 'currency_name', 'currency_alias', 'currency_codethree', 'currency_numericcode', 'currency_symbol', 'currency_thousands', 'currency_decimalplace', 'currency_decimalsymbol', 'currency_positivestyle', 'currency_negativestyle', 'currency_published', 'currency_access', 'currency_ordering'))); $query->join('LEFT', $db->quoteName('#__costbenefitprojection_currency', 'f') . ' ON (' . $db->quoteName('e.currency') . ' = ' . $db->quoteName('f.codethree') . ')'); $query->where('a.id = ' . (int) $pk); // Reset the query using our newly populated query object. $db->setQuery($query); // Load the results as a stdClass object. $data = $db->loadObject(); if (empty($data)) { $app = JFactory::getApplication(); // If no data is found redirect to default page and show warning. $app->enqueueMessage(JText::_('COM_COSTBENEFITPROJECTION_NOT_FOUND_OR_ACCESS_DENIED'), 'warning'); $app->redirect('index.php?option=com_costbenefitprojection&view=cpanel'); return false; } if (!empty($data->medical_turnovers_females) && $advancedkey && !is_numeric($data->medical_turnovers_females) && $data->medical_turnovers_females === base64_encode(base64_decode($data->medical_turnovers_females, true))) { // Decode medical_turnovers_females $data->medical_turnovers_females = rtrim($advanced->decryptString($data->medical_turnovers_females), ""); } if (!empty($data->females) && $advancedkey && !is_numeric($data->females) && $data->females === base64_encode(base64_decode($data->females, true))) { // Decode females $data->females = rtrim($advanced->decryptString($data->females), ""); } if (!empty($data->sick_leave_males) && $advancedkey && !is_numeric($data->sick_leave_males) && $data->sick_leave_males === base64_encode(base64_decode($data->sick_leave_males, true))) { // Decode sick_leave_males $data->sick_leave_males = rtrim($advanced->decryptString($data->sick_leave_males), ""); } if (CostbenefitprojectionHelper::checkString($data->causesrisks)) { // Decode causesrisks $data->causesrisks = json_decode($data->causesrisks, true); } if (!empty($data->medical_turnovers_males) && $advancedkey && !is_numeric($data->medical_turnovers_males) && $data->medical_turnovers_males === base64_encode(base64_decode($data->medical_turnovers_males, true))) { // Decode medical_turnovers_males $data->medical_turnovers_males = rtrim($advanced->decryptString($data->medical_turnovers_males), ""); } if (!empty($data->total_salary) && $advancedkey && !is_numeric($data->total_salary) && $data->total_salary === base64_encode(base64_decode($data->total_salary, true))) { // Decode total_salary $data->total_salary = rtrim($advanced->decryptString($data->total_salary), ""); } if (!empty($data->sick_leave_females) && $advancedkey && !is_numeric($data->sick_leave_females) && $data->sick_leave_females === base64_encode(base64_decode($data->sick_leave_females, true))) { // Decode sick_leave_females $data->sick_leave_females = rtrim($advanced->decryptString($data->sick_leave_females), ""); } if (!empty($data->total_healthcare) && $advancedkey && !is_numeric($data->total_healthcare) && $data->total_healthcare === base64_encode(base64_decode($data->total_healthcare, true))) { // Decode total_healthcare $data->total_healthcare = rtrim($advanced->decryptString($data->total_healthcare), ""); } if (!empty($data->males) && $advancedkey && !is_numeric($data->males) && $data->males === base64_encode(base64_decode($data->males, true))) { // Decode males $data->males = rtrim($advanced->decryptString($data->males), ""); } if (CostbenefitprojectionHelper::checkString($data->country_causesrisks)) { // Decode country_causesrisks $data->country_causesrisks = json_decode($data->country_causesrisks, true); } // Make sure the content prepare plugins fire on country_publicaddress. $data->country_publicaddress = JHtml::_('content.prepare', $data->country_publicaddress); // Checking if country_publicaddress has uikit components that must be loaded. $this->uikitComp = CostbenefitprojectionHelper::getUikitComp($data->country_publicaddress, $this->uikitComp); // set the global causesrisks value. $this->a_causesrisks = $data->causesrisks; // set the global datayear value. $this->a_datayear = $data->datayear; // set the global datayear value. $this->e_datayear = $data->country_datayear; // set the global causesrisks value. $this->e_causesrisks = $data->country_causesrisks; // set countryCountryHealth_dataB to the $data object. $data->countryCountryHealth_dataB = $this->getCountryCountryHealth_dataEbbe_B($data->country); // set idCompanyScaling_factorC to the $data object. $data->idCompanyScaling_factorC = $this->getIdCompanyScaling_factorEbbe_C($data->id); // set idCompanyInterventionD to the $data object. $data->idCompanyInterventionD = $this->getIdCompanyInterventionEbbe_D($data->id); // set causesrisksIdCauseriskG to the $data object. $data->causesrisksIdCauseriskG = $this->getCausesrisksIdCauseriskEbbe_G($data->causesrisks); // set countryCountryHealth_dataBB to the $data object. $data->countryCountryHealth_dataBB = $this->getCountryCountryHealth_dataEbbe_BB($data->country); // set causesrisksIdCauseriskGG to the $data object. $data->causesrisksIdCauseriskGG = $this->getCausesrisksIdCauseriskEbbe_GG($data->country_causesrisks); // set countryCountryInterventionDD to the $data object. $data->countryCountryInterventionDD = $this->getCountryCountryInterventionEbbe_DD($data->country); // set data object to item. $this->_item[$pk] = $data; } catch (Exception $e) { if ($e->getCode() == 404) { // Need to go thru the error handler to allow Redirect to work. JError::raiseWaring(404, $e->getMessage()); } else { $this->setError($e); $this->_item[$pk] = false; } } } return $this->_item[$pk]; }
/** * Method to get an array of data items. * * @return mixed An array of data items on success, false on failure. */ public function getItems() { $user = JFactory::getUser(); // check if this user has permission to access items if (!$user->authorise('site.combinedresults.access', 'com_costbenefitprojection')) { $app = JFactory::getApplication(); $app->enqueueMessage(JText::_('Not authorised!'), 'error'); // redirect away if not a correct (TODO for now we go to default view) $app->redirect(JRoute::_('index.php?option=com_costbenefitprojection&view=cpanel')); return false; } // load parent items $items = parent::getItems(); // Get the global params $globalParams = JComponentHelper::getParams('com_costbenefitprojection', true); // Get the advanced encription. $advancedkey = CostbenefitprojectionHelper::getCryptKey('advanced'); // Get the encription object. $advanced = new FOFEncryptAes($advancedkey, 256); // Convert the parameter fields into objects. foreach ($items as $nr => &$item) { // Always create a slug for sef URL's $item->slug = isset($item->alias) ? $item->id . ':' . $item->alias : $item->id; if (!empty($item->medical_turnovers_females) && $advancedkey && !is_numeric($item->medical_turnovers_females) && $item->medical_turnovers_females === base64_encode(base64_decode($item->medical_turnovers_females, true))) { // Decode medical_turnovers_females $item->medical_turnovers_females = rtrim($advanced->decryptString($item->medical_turnovers_females), ""); } if (!empty($item->females) && $advancedkey && !is_numeric($item->females) && $item->females === base64_encode(base64_decode($item->females, true))) { // Decode females $item->females = rtrim($advanced->decryptString($item->females), ""); } if (!empty($item->sick_leave_males) && $advancedkey && !is_numeric($item->sick_leave_males) && $item->sick_leave_males === base64_encode(base64_decode($item->sick_leave_males, true))) { // Decode sick_leave_males $item->sick_leave_males = rtrim($advanced->decryptString($item->sick_leave_males), ""); } if (CostbenefitprojectionHelper::checkString($item->causesrisks)) { // Decode causesrisks $item->causesrisks = json_decode($item->causesrisks, true); } if (!empty($item->medical_turnovers_males) && $advancedkey && !is_numeric($item->medical_turnovers_males) && $item->medical_turnovers_males === base64_encode(base64_decode($item->medical_turnovers_males, true))) { // Decode medical_turnovers_males $item->medical_turnovers_males = rtrim($advanced->decryptString($item->medical_turnovers_males), ""); } if (!empty($item->total_salary) && $advancedkey && !is_numeric($item->total_salary) && $item->total_salary === base64_encode(base64_decode($item->total_salary, true))) { // Decode total_salary $item->total_salary = rtrim($advanced->decryptString($item->total_salary), ""); } if (!empty($item->sick_leave_females) && $advancedkey && !is_numeric($item->sick_leave_females) && $item->sick_leave_females === base64_encode(base64_decode($item->sick_leave_females, true))) { // Decode sick_leave_females $item->sick_leave_females = rtrim($advanced->decryptString($item->sick_leave_females), ""); } if (!empty($item->total_healthcare) && $advancedkey && !is_numeric($item->total_healthcare) && $item->total_healthcare === base64_encode(base64_decode($item->total_healthcare, true))) { // Decode total_healthcare $item->total_healthcare = rtrim($advanced->decryptString($item->total_healthcare), ""); } if (!empty($item->males) && $advancedkey && !is_numeric($item->males) && $item->males === base64_encode(base64_decode($item->males, true))) { // Decode males $item->males = rtrim($advanced->decryptString($item->males), ""); } if (CostbenefitprojectionHelper::checkString($item->country_causesrisks)) { // Decode country_causesrisks $item->country_causesrisks = json_decode($item->country_causesrisks, true); } // Make sure the content prepare plugins fire on country_publicaddress. $item->country_publicaddress = JHtml::_('content.prepare', $item->country_publicaddress); // Checking if country_publicaddress has uikit components that must be loaded. $this->uikitComp = CostbenefitprojectionHelper::getUikitComp($item->country_publicaddress, $this->uikitComp); // set the global causesrisks value. $this->a_causesrisks = $item->causesrisks; // set the global datayear value. $this->a_datayear = $item->datayear; // set the global datayear value. $this->e_datayear = $item->country_datayear; // set the global causesrisks value. $this->e_causesrisks = $item->country_causesrisks; // set countryCountryHealth_dataB to the $item object. $item->countryCountryHealth_dataB = $this->getCountryCountryHealth_dataBcbb_B($item->country); // set idCompanyScaling_factorC to the $item object. $item->idCompanyScaling_factorC = $this->getIdCompanyScaling_factorBcbb_C($item->id); // set idCompanyInterventionD to the $item object. $item->idCompanyInterventionD = $this->getIdCompanyInterventionBcbb_D($item->id); // set causesrisksIdCauseriskG to the $item object. $item->causesrisksIdCauseriskG = $this->getCausesrisksIdCauseriskBcbb_G($item->causesrisks); // set countryCountryHealth_dataBB to the $item object. $item->countryCountryHealth_dataBB = $this->getCountryCountryHealth_dataBcbb_BB($item->country); // set causesrisksIdCauseriskGG to the $item object. $item->causesrisksIdCauseriskGG = $this->getCausesrisksIdCauseriskBcbb_GG($item->country_causesrisks); // set countryCountryInterventionDD to the $item object. $item->countryCountryInterventionDD = $this->getCountryCountryInterventionBcbb_DD($item->country); } // return items return $items; }
private function updateTFA($oldsecret, $newsecret) { $this->container->session->set('tfa_warning', false); // There is no TFA in Joomla < 3.2 $jversion = $this->container->session->get('jversion'); if (version_compare($jversion, '3.2', 'lt')) { return; } $db = $this->getDatabase(); $query = $db->getQuery(true)->select('COUNT(extension_id)')->from($db->qn('#__extensions'))->where($db->qn('type') . ' = ' . $db->q('plugin'))->where($db->qn('folder') . ' = ' . $db->q('twofactorauth'))->where($db->qn('enabled') . ' = ' . $db->q('1')); $count = $db->setQuery($query)->loadResult(); // No enabled plugin, there is no point in continuing if (!$count) { return; } $query = $db->getQuery(true)->select('*')->from($db->qn('#__users'))->where($db->qn('otpKey') . ' != ' . $db->q(''))->where($db->qn('otep') . ' != ' . $db->q('')); $users = $db->setQuery($query)->loadObjectList(); // There are no users with TFA configured, let's stop here if (!$users) { return; } // Otherwise I'll get a blank page if (!defined('FOF_INCLUDED')) { define('FOF_INCLUDED', 1); } include_once APATH_LIBRARIES . '/fof/encrypt/aes.php'; // Does this host support AES? if (!FOFEncryptAes::isSupported()) { // If not, set a flag, so we will display a big, fat warning in the finalize screen $this->container->session->set('tfa_warning', true); // Let's disable them $query = $db->getQuery(true)->update($db->qn('#__extensions'))->set($db->qn('enabled') . ' = ' . $db->q('0'))->where($db->qn('type') . ' = ' . $db->q('plugin'))->where($db->qn('folder') . ' = ' . $db->q('twofactorauth')); $db->setQuery($query)->execute(); return; } $oldaes = new FOFEncryptAes($oldsecret, 256); $newaes = new FOFEncryptAes($newsecret, 256); foreach ($users as $user) { $update = (object) array('id' => $user->id, 'otpKey' => '', 'otep' => ''); list($method, $otpKey) = explode(':', $user->otpKey); $update->otpKey = $oldaes->decryptString($otpKey); $update->otpKey = $method . ':' . $newaes->encryptString($update->otpKey); $update->otep = $oldaes->decryptString($user->otep); $update->otep = $newaes->encryptString($update->otep); $db->updateObject('#__users', $update, 'id'); } }
protected function setSatistics() { if (CostbenefitprojectionHelper::checkArray($this->companies)) { // Get UTC for now. $dNow = new JDate(); // set the 2 months date $d2month = clone $dNow; $d2month->modify('-2 month'); // load to string $twoMonth = $d2month->format('Y-m-d H:i:s'); // set the beginning of year date $dyear = clone $dNow; $dyear->modify('first day of January ' . date('Y')); // load to string $year = $dyear->format('Y-m-d H:i:s'); // Get the advanced encription. $advancedkey = CostbenefitprojectionHelper::getCryptKey('advanced'); // Get the encription object. $advanced = new FOFEncryptAes($advancedkey, 256); // set some default data $this->usageData = new stdClass(); // start looping the data foreach ($this->companies as $company) { // now decrypt the company staff count if (!empty($company->males) && $advancedkey && !is_numeric($company->males) && $company->males === base64_encode(base64_decode($company->males, true))) { // Decode males $company->males = rtrim($advanced->decryptString($company->males), ""); } else { $company->males = 0; } if (!empty($company->females) && $advancedkey && !is_numeric($company->females) && $company->females === base64_encode(base64_decode($company->females, true))) { // Decode males $company->females = rtrim($advanced->decryptString($company->females), ""); } else { $company->females = 0; } // number of employees $employees = $company->males + $company->females; // set the country total companies $this->usageData->items[$company->country]['companies'][$company->id] = 1; $this->usageData->total['companies'][$company->id] = 1; $this->usageData->items[$company->country]['companies_employees'][$company->id] = $employees; $this->usageData->total['companies_employees'][$company->id] = $employees; // count the advanced department if ($company->department == 2) { // set the country total advanced companies $this->usageData->items[$company->country]['advanced_companies'][$company->id] = 1; $this->usageData->total['advanced_companies'][$company->id] = 1; $this->usageData->items[$company->country]['advanced_companies_employees'][$company->id] = $employees; $this->usageData->total['advanced_companies_employees'][$company->id] = $employees; } else { // set the country total advanced companies $this->usageData->items[$company->country]['advanced_companies'][$company->id] = 0; $this->usageData->total['advanced_companies'][$company->id] = 0; $this->usageData->items[$company->country]['advanced_companies_employees'][$company->id] = 0; $this->usageData->total['advanced_companies_employees'][$company->id] = 0; } // count the basic department if ($company->department == 1) { // set the country total basic companies $this->usageData->items[$company->country]['basic_companies'][$company->id] = 1; $this->usageData->total['basic_companies'][$company->id] = 1; $this->usageData->items[$company->country]['basic_companies_employees'][$company->id] = $employees; $this->usageData->total['basic_companies_employees'][$company->id] = $employees; } else { // set the country total basic companies $this->usageData->items[$company->country]['basic_companies'][$company->id] = 0; $this->usageData->total['basic_companies'][$company->id] = 0; $this->usageData->items[$company->country]['basic_companies_employees'][$company->id] = 0; $this->usageData->total['basic_companies_employees'][$company->id] = 0; } // count the timed usage for last 2 months if ($this->visitCheck($company->user, $twoMonth)) { // set the country total advanced companies $this->usageData->items[$company->country]['last_two_months'][$company->id] = 1; $this->usageData->total['last_two_months'][$company->id] = 1; $this->usageData->items[$company->country]['last_two_months_employees'][$company->id] = $employees; $this->usageData->total['last_two_months_employees'][$company->id] = $employees; } else { // set the country total advanced companies $this->usageData->items[$company->country]['last_two_months'][$company->id] = 0; $this->usageData->total['last_two_months'][$company->id] = 0; $this->usageData->items[$company->country]['last_two_months_employees'][$company->id] = 0; $this->usageData->total['last_two_months_employees'][$company->id] = 0; } // count the timed usage since begining of this year if ($this->visitCheck($company->user, $year)) { // set the country total basic companies $this->usageData->items[$company->country]['since_beginning_this_year'][$company->id] = 1; $this->usageData->total['since_beginning_this_year'][$company->id] = 1; $this->usageData->items[$company->country]['since_beginning_this_year_employees'][$company->id] = $employees; $this->usageData->total['since_beginning_this_year_employees'][$company->id] = $employees; } else { // set the country total basic companies $this->usageData->items[$company->country]['since_beginning_this_year'][$company->id] = 0; $this->usageData->total['since_beginning_this_year'][$company->id] = 0; $this->usageData->items[$company->country]['since_beginning_this_year_employees'][$company->id] = 0; $this->usageData->total['since_beginning_this_year_employees'][$company->id] = 0; } } // sum the item arrays foreach ($this->usageData->items as $country => $data) { // insure to set the name of the country $this->usageData->items[$country]['name'] = $this->countries[$country]; foreach ($data as $key => $array) { $this->usageData->items[$country][$key] = array_sum($array); } } // sum the total array foreach ($this->usageData->total as $tkey => $tarray) { $this->usageData->total[$tkey] = array_sum($tarray); } return true; } return false; }
/** * Method to get list export data. * * @return mixed An array of data items on success, false on failure. */ public function getExportData($pks) { // setup the query if (CostbenefitprojectionHelper::checkArray($pks)) { // Set a value to know this is exporting method. $_export = true; // Get the user object. $user = JFactory::getUser(); // Create a new query object. $db = JFactory::getDBO(); $query = $db->getQuery(true); // Select some fields $query->select('a.*'); // From the costbenefitprojection_company table $query->from($db->quoteName('#__costbenefitprojection_company', 'a')); $query->where('a.id IN (' . implode(',', $pks) . ')'); // Filter by companies (admin sees all) if (!$user->authorise('core.options', 'com_costbenefitprojection')) { $companies = CostbenefitprojectionHelper::hisCompanies($user->id); if (CostbenefitprojectionHelper::checkArray($companies)) { $companies = implode(',', $companies); // only load this users companies $query->where('a.id IN (' . $companies . ')'); } else { // dont allow user to see any companies $query->where('a.id = -4'); } } // Implement View Level Access if (!$user->authorise('core.options', 'com_costbenefitprojection')) { $groups = implode(',', $user->getAuthorisedViewLevels()); $query->where('a.access IN (' . $groups . ')'); } // Order the results by ordering $query->order('a.ordering ASC'); // Load the items $db->setQuery($query); $db->execute(); if ($db->getNumRows()) { $items = $db->loadObjectList(); // Get the advanced encription key. $advancedkey = CostbenefitprojectionHelper::getCryptKey('advanced'); // Get the encription object. $advanced = new FOFEncryptAes($advancedkey, 256); // set values to display correctly. if (CostbenefitprojectionHelper::checkArray($items)) { // get user object. $user = JFactory::getUser(); foreach ($items as $nr => &$item) { $access = $user->authorise('company.access', 'com_costbenefitprojection.company.' . (int) $item->id) && $user->authorise('company.access', 'com_costbenefitprojection'); if (!$access) { unset($items[$nr]); continue; } if ($advancedkey && !is_numeric($item->medical_turnovers_females) && $item->medical_turnovers_females === base64_encode(base64_decode($item->medical_turnovers_females, true))) { // decrypt medical_turnovers_females $item->medical_turnovers_females = $advanced->decryptString($item->medical_turnovers_females); } if ($advancedkey && !is_numeric($item->females) && $item->females === base64_encode(base64_decode($item->females, true))) { // decrypt females $item->females = $advanced->decryptString($item->females); } if ($advancedkey && !is_numeric($item->sick_leave_males) && $item->sick_leave_males === base64_encode(base64_decode($item->sick_leave_males, true))) { // decrypt sick_leave_males $item->sick_leave_males = $advanced->decryptString($item->sick_leave_males); } if ($advancedkey && !is_numeric($item->medical_turnovers_males) && $item->medical_turnovers_males === base64_encode(base64_decode($item->medical_turnovers_males, true))) { // decrypt medical_turnovers_males $item->medical_turnovers_males = $advanced->decryptString($item->medical_turnovers_males); } if ($advancedkey && !is_numeric($item->total_salary) && $item->total_salary === base64_encode(base64_decode($item->total_salary, true))) { // decrypt total_salary $item->total_salary = $advanced->decryptString($item->total_salary); } if ($advancedkey && !is_numeric($item->sick_leave_females) && $item->sick_leave_females === base64_encode(base64_decode($item->sick_leave_females, true))) { // decrypt sick_leave_females $item->sick_leave_females = $advanced->decryptString($item->sick_leave_females); } if ($advancedkey && !is_numeric($item->total_healthcare) && $item->total_healthcare === base64_encode(base64_decode($item->total_healthcare, true))) { // decrypt total_healthcare $item->total_healthcare = $advanced->decryptString($item->total_healthcare); } if ($advancedkey && !is_numeric($item->males) && $item->males === base64_encode(base64_decode($item->males, true))) { // decrypt males $item->males = $advanced->decryptString($item->males); } // unset the values we don't want exported. unset($item->asset_id); unset($item->checked_out); unset($item->checked_out_time); } } // Add headers to items array. $headers = $this->getExImPortHeaders(); if (CostbenefitprojectionHelper::checkObject($headers)) { array_unshift($items, $headers); } return $items; } } return false; }
private function zipComponent() { // before we zip the component we first need to move it to the git folder if set if (ComponentbuilderHelper::checkString($this->gitPath)) { // set the git path $this->gitPath = $this->gitPath . '/com_' . $this->componentData->sales_name . '__joomla_' . $this->joomlaVersion; // remove old data $this->removeFolder($this->gitPath, true); // set the new data JFolder::copy($this->componentPath, $this->gitPath, '', true); } // the name of the zip file to create $this->filepath = $this->tempPath . '/' . $this->componentFolderName . '.zip'; // store the current joomla working directory $joomla = getcwd(); // we are changing the working directory to the componet temp folder chdir($this->componentPath); // the full file path of the zip file $this->filepath = JPath::clean($this->filepath); // delete an existing zip file (or use an exclusion parameter in JFolder::files() JFile::delete($this->filepath); // get a list of files in the current directory tree $files = JFolder::files('.', '', true, true); $zipArray = array(); // setup the zip array foreach ($files as $file) { $tmp = array(); $tmp['name'] = str_replace('./', '', $file); $tmp['data'] = JFile::read($file); $tmp['time'] = filemtime($file); $zipArray[] = $tmp; } // change back to joomla working directory chdir($joomla); // get the zip adapter $zip = JArchive::getAdapter('zip'); //create the zip file if ($zip->create($this->filepath, $zipArray)) { // now move to backup if zip was made and backup is requered if ($this->backupPath) { JFile::copy($this->filepath, $this->backupPath); } // move to sales server host if ($this->componentData->add_sales_server) { // make sure we have the correct file if (isset($this->componentData->sales_server_ftp)) { // Get the basic encription. $basickey = ComponentbuilderHelper::getCryptKey('basic'); // Get the encription object. $basic = new FOFEncryptAes($basickey, 128); if (!empty($this->componentData->sales_server_ftp) && $basickey && !is_numeric($this->componentData->sales_server_ftp) && $this->componentData->sales_server_ftp === base64_encode(base64_decode($this->componentData->sales_server_ftp, true))) { // basic decript data update_server_ftp. $this->componentData->sales_server_ftp = rtrim($basic->decryptString($this->componentData->sales_server_ftp), ""); } // now move the file $this->moveFileToFtpServer($this->filepath, $this->componentData->sales_server_ftp, $this->componentSalesName . '.zip', false); } } // remove the component folder since we are done if ($this->removeFolder($this->componentPath)) { return true; } } return false; }
/** * Method to get a single record. * * @param integer $pk The id of the primary key. * * @return mixed Object on success, false on failure. * * @since 1.6 */ public function getItem($pk = null) { if ($item = parent::getItem($pk)) { if (!empty($item->params)) { // Convert the params field to an array. $registry = new Registry(); $registry->loadString($item->params); $item->params = $registry->toArray(); } if (!empty($item->metadata)) { // Convert the metadata field to an array. $registry = new Registry(); $registry->loadString($item->metadata); $item->metadata = $registry->toArray(); } if (!empty($item->causesrisks)) { // JSON Decode causesrisks. $item->causesrisks = json_decode($item->causesrisks); } // Get the advanced encription key. $advancedkey = CostbenefitprojectionHelper::getCryptKey('advanced'); // Get the encription object. $advanced = new FOFEncryptAes($advancedkey, 256); if (!empty($item->medical_turnovers_females) && $advancedkey && !is_numeric($item->medical_turnovers_females) && $item->medical_turnovers_females === base64_encode(base64_decode($item->medical_turnovers_females, true))) { // advanced decript data medical_turnovers_females. $item->medical_turnovers_females = rtrim($advanced->decryptString($item->medical_turnovers_females), ""); } if (!empty($item->females) && $advancedkey && !is_numeric($item->females) && $item->females === base64_encode(base64_decode($item->females, true))) { // advanced decript data females. $item->females = rtrim($advanced->decryptString($item->females), ""); } if (!empty($item->sick_leave_males) && $advancedkey && !is_numeric($item->sick_leave_males) && $item->sick_leave_males === base64_encode(base64_decode($item->sick_leave_males, true))) { // advanced decript data sick_leave_males. $item->sick_leave_males = rtrim($advanced->decryptString($item->sick_leave_males), ""); } if (!empty($item->medical_turnovers_males) && $advancedkey && !is_numeric($item->medical_turnovers_males) && $item->medical_turnovers_males === base64_encode(base64_decode($item->medical_turnovers_males, true))) { // advanced decript data medical_turnovers_males. $item->medical_turnovers_males = rtrim($advanced->decryptString($item->medical_turnovers_males), ""); } if (!empty($item->total_salary) && $advancedkey && !is_numeric($item->total_salary) && $item->total_salary === base64_encode(base64_decode($item->total_salary, true))) { // advanced decript data total_salary. $item->total_salary = rtrim($advanced->decryptString($item->total_salary), ""); } if (!empty($item->sick_leave_females) && $advancedkey && !is_numeric($item->sick_leave_females) && $item->sick_leave_females === base64_encode(base64_decode($item->sick_leave_females, true))) { // advanced decript data sick_leave_females. $item->sick_leave_females = rtrim($advanced->decryptString($item->sick_leave_females), ""); } if (!empty($item->total_healthcare) && $advancedkey && !is_numeric($item->total_healthcare) && $item->total_healthcare === base64_encode(base64_decode($item->total_healthcare, true))) { // advanced decript data total_healthcare. $item->total_healthcare = rtrim($advanced->decryptString($item->total_healthcare), ""); } if (!empty($item->males) && $advancedkey && !is_numeric($item->males) && $item->males === base64_encode(base64_decode($item->males, true))) { // advanced decript data males. $item->males = rtrim($advanced->decryptString($item->males), ""); } if (!empty($item->id)) { $item->tags = new JHelperTags(); $item->tags->getTagIds($item->id, 'com_costbenefitprojection.company'); } } $this->companyvvvv = $item->id; $this->companyvvvw = $item->id; return $item; }