/**
* RIJNDAEL 256: two-way encryption/decryption, with a URL-safe base64 wrapper.
*
* Falls back on XOR encryption/decryption when/if mcrypt is not possible.
*
* @package s2Member\Utilities
* @since 3.5
*
* @param str $string A string of data to encrypt.
* @param str $key Optional. Key used for encryption. Defaults to the one configured for s2Member. Short of that, defaults to: ``wp_salt()``.
* @param bool $w_md5_cs Optional. Defaults to true. When true, an MD5 checksum is used in the encrypted string *(recommended)*.
* @return str Encrypted string.
*/
public static function encrypt($string = FALSE, $key = FALSE, $w_md5_cs = TRUE)
{
if (function_exists("mcrypt_encrypt") && in_array("rijndael-256", mcrypt_list_algorithms()) && in_array("cbc", mcrypt_list_modes())) {
$string = is_string($string) ? $string : "";
$string = strlen($string) ? "~r2|" . $string : "";
$key = c_ws_plugin__s2member_utils_encryption::key($key);
$key = substr($key, 0, mcrypt_get_key_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CBC));
$iv = c_ws_plugin__s2member_utils_strings::random_str_gen(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CBC), false);
if (strlen($string) && is_string($e = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $string, MCRYPT_MODE_CBC, $iv)) && strlen($e)) {
$e = "~r2:" . $iv . ($w_md5_cs ? ":" . md5($e) : "") . "|" . $e;
}
return isset($e) && is_string($e) && strlen($e) ? $base64 = c_ws_plugin__s2member_utils_strings::base64_url_safe_encode($e) : "";
} else {
// Fallback on XOR encryption.
return c_ws_plugin__s2member_utils_encryption::xencrypt($string, $key, $w_md5_cs);
}
}
/**
* Generates a PayPal Proxy Key, for simulated IPN responses.
*
* @package s2Member\PayPal
* @since 3.5
*
* @return string A Proxy Key. It's an MD5 Hash, 32 chars, URL-safe.
*/
public static function paypal_proxy_key_gen()
{
global $current_site, $current_blog;
foreach (array_keys(get_defined_vars()) as $__v) {
$__refs[$__v] =& ${$__v};
}
do_action("ws_plugin__s2member_before_paypal_proxy_key_gen", get_defined_vars());
unset($__refs, $__v);
if (is_multisite() && !is_main_site()) {
$key = md5(c_ws_plugin__s2member_utils_encryption::xencrypt($current_blog->domain . $current_blog->path, false, false));
} else {
// Else it's a standard Proxy Key; not on a Multisite Network, or not on the Main Site anyway.
$key = md5(c_ws_plugin__s2member_utils_encryption::xencrypt(preg_replace("/\\:[0-9]+\$/", "", $_SERVER["HTTP_HOST"]), false, false));
}
return apply_filters("ws_plugin__s2member_paypal_proxy_key_gen", $key, get_defined_vars());
}
/**
* Creates a File Download Key.
*
* Builds a hash of: ``date('Y-m-d') . $_SERVER['REMOTE_ADDR'] . $_SERVER['HTTP_USER_AGENT'] . $file``.
*
* @package s2Member\Files
* @since 3.5
*
* @param string $file Location of your protected file, relative to the `/s2member-files/` directory.
* In other words, just the name of the file *(i.e., `file.zip` )*.
* @param string $directive Optional. One of `ip-forever|universal|cache-compatible`.
* `ip-forever` = a Download Key that never expires, tied only to a specific file and IP address.
* `universal` and/or `cache-compatible` = a Download Key which never expires, and is NOT tied to any specific User. Use at your own risk.
*
* @return string A Download Key. MD5 hash, 32 characters, URL-safe.
*/
public static function file_download_key($file = NULL, $directive = NULL)
{
foreach (array_keys(get_defined_vars()) as $__v) {
$__refs[$__v] =& ${$__v};
}
do_action('ws_plugin__s2member_before_file_download_key', get_defined_vars());
unset($__refs, $__v);
$file = $file && is_string($file) && ($file = trim($file, '/')) ? $file : '';
if ($directive === 'ip-forever' && c_ws_plugin__s2member_no_cache::no_cache_constants(TRUE)) {
$salt = $file . $_SERVER['REMOTE_ADDR'];
} else {
if ($directive === 'universal' || $directive === 'cache-compatible' || $directive) {
$salt = $file;
} else {
if (c_ws_plugin__s2member_no_cache::no_cache_constants(TRUE)) {
$salt = date('Y-m-d') . $_SERVER['REMOTE_ADDR'] . $_SERVER['HTTP_USER_AGENT'] . $file;
}
}
}
$key = !empty($salt) ? md5(c_ws_plugin__s2member_utils_encryption::xencrypt($salt, FALSE, FALSE)) : '';
return apply_filters('ws_plugin__s2member_file_download_key', $key, get_defined_vars());
}
function s2member_xencrypt($string = FALSE, $key = FALSE, $w_md5_cs = TRUE)
{
return c_ws_plugin__s2member_utils_encryption::xencrypt($string, $key, $w_md5_cs);
}
/**
* Creates a File Download Key.
*
* Builds a hash of: ``date("Y-m-d") . $_SERVER["REMOTE_ADDR"] . $_SERVER["HTTP_USER_AGENT"] . $file``.
*
* @package s2Member\Files
* @since 3.5
*
* @param str $file Location of your protected file, relative to the `/s2member-files/` directory.
* In other words, just the name of the file *(i.e. `file.zip` )*.
* @param str $directive Optional. One of `ip-forever|universal|cache-compatible`.
* `ip-forever` = a Download Key that never expires, tied only to a specific file and IP address.
* `universal` and/or `cache-compatible` = a Download Key which never expires, and is NOT tied to any specific User. Use at your own risk.
* @return str A Download Key. MD5 hash, 32 characters, URL-safe.
*/
public static function file_download_key($file = FALSE, $directive = FALSE)
{
foreach (array_keys(get_defined_vars()) as $__v) {
$__refs[$__v] =& ${$__v};
}
do_action("ws_plugin__s2member_before_file_download_key", get_defined_vars());
unset($__refs, $__v);
$file = $file && is_string($file) && ($file = trim($file, "/")) ? $file : "";
if ($directive === "ip-forever" && c_ws_plugin__s2member_no_cache::no_cache_constants(true)) {
$salt = $file . $_SERVER["REMOTE_ADDR"];
} else {
if ($directive === "universal" || $directive === "cache-compatible" || $directive) {
$salt = $file;
} else {
if (c_ws_plugin__s2member_no_cache::no_cache_constants(true)) {
$salt = date("Y-m-d") . $_SERVER["REMOTE_ADDR"] . $_SERVER["HTTP_USER_AGENT"] . $file;
}
}
}
$key = !empty($salt) ? md5(c_ws_plugin__s2member_utils_encryption::xencrypt($salt, false, false)) : "";
return apply_filters("ws_plugin__s2member_file_download_key", $key, get_defined_vars());
}
/**
* RIJNDAEL 256: two-way encryption/decryption, with a URL-safe base64 wrapper.
*
* Falls back on XOR encryption/decryption when/if mcrypt is not possible.
*
* @package s2Member\Utilities
* @since 3.5
*
* @param string $string A string of data to encrypt.
* @param string $key Optional. Key used for encryption. Defaults to the one configured for s2Member. Short of that, defaults to: ``wp_salt()``.
* @param bool $w_md5_cs Optional. Defaults to true. When true, an MD5 checksum is used in the encrypted string *(recommended)*.
*
* @return string Encrypted string.
*/
public static function encrypt($string = '', $key = '', $w_md5_cs = TRUE)
{
if (function_exists('mcrypt_encrypt') && in_array('rijndael-256', mcrypt_list_algorithms()) && in_array('cbc', mcrypt_list_modes())) {
$string = is_string($string) ? $string : '';
$string = isset($string[0]) ? '~r2|' . $string : '';
$key = c_ws_plugin__s2member_utils_encryption::key($key);
$key = substr($key, 0, mcrypt_get_key_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CBC));
$iv = c_ws_plugin__s2member_utils_strings::random_str_gen(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CBC), FALSE);
if (isset($string[0]) && is_string($e = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $string, MCRYPT_MODE_CBC, $iv)) && isset($e[0])) {
$e = '~r2:' . $iv . ($w_md5_cs ? ':' . md5($e) : '') . '|' . $e;
}
return isset($e) && is_string($e) && isset($e[0]) ? $base64 = c_ws_plugin__s2member_utils_strings::base64_url_safe_encode($e) : '';
// Default to empty string.
}
return c_ws_plugin__s2member_utils_encryption::xencrypt($string, $key, $w_md5_cs);
}
/**
* Generates an API Key, for Remote Operations.
*
* @package s2Member\API_Remote_Ops
* @since 110713
*
* @return string An API Key. It's an MD5 Hash, 32 chars, URL-safe.
*/
public static function remote_ops_key_gen()
{
global $current_site, $current_blog;
if ($GLOBALS['WS_PLUGIN__']['s2member']['o']['pro_remote_ops_key']) {
$key = $GLOBALS['WS_PLUGIN__']['s2member']['o']['pro_remote_ops_key'];
} else {
if (is_multisite() && !is_main_site()) {
// Child blogs in a MS network get their own key.
$key = md5(c_ws_plugin__s2member_utils_encryption::xencrypt($current_blog->domain . $current_blog->path, FALSE, FALSE));
} else {
$key = md5(c_ws_plugin__s2member_utils_encryption::xencrypt(preg_replace('/\\:[0-9]+$/', '', $_SERVER['HTTP_HOST']), FALSE, FALSE));
}
}
return apply_filters('ws_plugin__s2member_pro_remote_ops_key', !empty($key) ? $key : '');
}
/**
* Generates an API Key, for Remote Operations.
*
* @package s2Member\API_Remote_Ops
* @since 110713
*
* @return str An API Key. It's an MD5 Hash, 32 chars, URL-safe.
*/
public static function remote_ops_key_gen()
{
global $current_site, $current_blog;
/* Multisite Networking. */
/**/
if (is_multisite() && !is_main_site()) {
$key = md5(c_ws_plugin__s2member_utils_encryption::xencrypt($current_blog->domain . $current_blog->path, false, false));
} else {
/* Else it's a standard API Key; not on a Multisite Network, or not on the Main Site anyway. */
$key = md5(c_ws_plugin__s2member_utils_encryption::xencrypt(preg_replace("/\\:[0-9]+\$/", "", $_SERVER["HTTP_HOST"]), false, false));
}
/**/
return !empty($key) ? $key : "";
/* Else an empty string. */
}
/**
* Generates an API Key, for Remote Operations.
*
* @package s2Member\API_Remote_Ops
* @since 110713
*
* @return str An API Key. It's an MD5 Hash, 32 chars, URL-safe.
*/
public static function remote_ops_key_gen()
{
global $current_site, $current_blog;
if (is_multisite() && !is_main_site()) {
$key = md5(c_ws_plugin__s2member_utils_encryption::xencrypt($current_blog->domain . $current_blog->path, false, false));
} else {
// Else it's a standard API Key; not on a Multisite Network, or not on the Main Site anyway.
$key = md5(c_ws_plugin__s2member_utils_encryption::xencrypt(preg_replace("/\\:[0-9]+\$/", "", $_SERVER["HTTP_HOST"]), false, false));
}
return apply_filters("ws_plugin__s2member_pro_remote_ops_key", !empty($key) ? $key : "");
}
