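/**
 * Generate a one-time code from the given configuration and store it.
 *
 * The entries of $config->paramsArray, plus a random 'r' entry added here,
 * are serialized as "key:value" pairs joined with ";", passed through
 * AES256::encrypt() and inserted into the one-time-codes table.
 *
 * @param OTCConfig $config Code options; a default OTCConfig is used when null.
 * @return string The encrypted code that was stored.
 * @throws RuntimeException When 'r' is already present, a key or value contains
 *                          ':' or ';', a key is reported twice, or the code is
 *                          longer than static::CODE_MAX_LENGTH.
 */
public function generate(OTCConfig $config = null)
{
    if ($config === null) {
        $config = new OTCConfig();
    }

    $paramsArray = $config->paramsArray;

    // 'r' is reserved for the random component added to every code.
    if (isset($paramsArray['r'])) {
        throw new RuntimeException("Key 'r' is not allowed to be present in \$paramsArray. Please remove or rename it.");
    }

    // NOTE(review): the randomness source behind generateRandomString() is not
    // visible here - confirm it is a CSPRNG if 'r' is meant to be unpredictable.
    $paramsArray['r'] = generateRandomString(12);

    $keyValArray = array();
    $keysUniqueCheckArray = array();
    foreach ($paramsArray as $key => $value) {
        // ':' and ';' are the serialization delimiters, so neither may appear
        // in a key or a value.
        if (preg_match("/[:;]/", $key) || preg_match("/[:;]/", $value)) {
            throw new RuntimeException("Invalid characters in \$paramsArray. No ; or : characters are allowed!");
        }

        // Strict comparison: a loose in_array() reports numerically equal keys
        // (e.g. 10 and '1e1') as duplicates although they are distinct keys.
        if (in_array($key, $keysUniqueCheckArray, true)) {
            throw new RuntimeException("Duplicate key '{$key}' in \$paramsArray. It's not allowed!");
        }

        $keysUniqueCheckArray[] = $key;
        $keyValArray[] = "{$key}:{$value}";
    }

    $stringToEncrypt = implode(";", $keyValArray);
    $encryptedString = AES256::encrypt($stringToEncrypt);

    if (strlen($encryptedString) > static::CODE_MAX_LENGTH) {
        throw new RuntimeException("Resulting code is longer than allowed " . static::CODE_MAX_LENGTH . " characters!");
    }

    $qb = new QueryBuilder();

    // A falsy usageLimit / validityTime is stored as SQL NULL.
    // NOTE(review): how QueryBuilder quotes these values is not visible here -
    // confirm usageLimit and validityTime are bound or escaped as numbers.
    $usageLimit = $config->usageLimit ? $config->usageLimit : new Literal("NULL");
    $validUntil = $config->validityTime
        ? new Func(
            'FROM_UNIXTIME',
            $qb->expr()->sum(new Func('UNIX_TIMESTAMP', new Func('NOW')), $config->validityTime)
        )
        : new Literal("NULL");

    $qb->insert(Tbl::get('TBL_ONE_TIME_CODES'))->values(array(
        "code" => $encryptedString,
        "multi" => $config->multiUse ? 1 : 0,
        "usage_limit" => $usageLimit,
        "not_cleanable" => $config->notCleanable ? 1 : 0,
        "valid_until" => $validUntil
    ));

    $this->query->exec($qb->getSQL());

    return $encryptedString;
}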
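/**
 * Generate a one-time code from the given configuration and store it.
 *
 * The entries of $config->paramsArray, plus a random 'r' entry added here,
 * are serialized as "key:value" pairs joined with ";", passed through
 * AES256::encrypt() and inserted into the one-time-codes table.
 *
 * @param OTCConfig $config Code options; a default OTCConfig is used when null.
 * @return string The encrypted code that was stored.
 * @throws RuntimeException When 'r' is already present, a key or value contains
 *                          ':' or ';', a key is reported twice, usageLimit or
 *                          validityTime is set but not numeric, or the code is
 *                          longer than static::CODE_MAX_LENGTH.
 */
public function generate(OTCConfig $config = null)
{
    if ($config === null) {
        $config = new OTCConfig();
    }

    $paramsArray = $config->paramsArray;

    // 'r' is reserved for the random component added to every code.
    if (isset($paramsArray['r'])) {
        throw new RuntimeException("Key 'r' is not allowed to be present in \$paramsArray. Please remove or rename it.");
    }

    // NOTE(review): the randomness source behind generateRandomString() is not
    // visible here - confirm it is a CSPRNG if 'r' is meant to be unpredictable.
    $paramsArray['r'] = generateRandomString(12);

    $keyValArray = array();
    $keysUniqueCheckArray = array();
    foreach ($paramsArray as $key => $value) {
        // ':' and ';' are the serialization delimiters, so neither may appear
        // in a key or a value.
        if (preg_match("/[:;]/", $key) || preg_match("/[:;]/", $value)) {
            throw new RuntimeException("Invalid characters in \$paramsArray. No ; or : characters are allowed!");
        }

        // Strict comparison: a loose in_array() reports numerically equal keys
        // (e.g. 10 and '1e1') as duplicates although they are distinct keys.
        if (in_array($key, $keysUniqueCheckArray, true)) {
            throw new RuntimeException("Duplicate key '{$key}' in \$paramsArray. It's not allowed!");
        }

        $keysUniqueCheckArray[] = $key;
        $keyValArray[] = "{$key}:{$value}";
    }

    $stringToEncrypt = implode(";", $keyValArray);
    $encryptedString = AES256::encrypt($stringToEncrypt);

    if (strlen($encryptedString) > static::CODE_MAX_LENGTH) {
        throw new RuntimeException("Resulting code is longer than allowed " . static::CODE_MAX_LENGTH . " characters!");
    }

    // The statement below is assembled by string concatenation, so every value
    // that reaches it must be safe as SQL text. usageLimit and validityTime are
    // therefore required to be numeric and are normalized to a number before
    // use; anything else is rejected instead of being interpolated.
    $usageLimitSql = "NULL";
    if ($config->usageLimit) {
        if (!is_numeric($config->usageLimit)) {
            throw new RuntimeException("usageLimit must be a numeric value!");
        }
        $usageLimitSql = "'" . ($config->usageLimit + 0) . "'";
    }

    $validUntilSql = 'NULL';
    if ($config->validityTime) {
        if (!is_numeric($config->validityTime)) {
            throw new RuntimeException("validityTime must be a numeric value!");
        }
        $validUntilSql = "FROM_UNIXTIME(UNIX_TIMESTAMP(NOW()) + " . ($config->validityTime + 0) . ")";
    }

    // NOTE(review): $encryptedString is placed between single quotes without
    // escaping. That is only safe if AES256::encrypt() returns an encoding that
    // cannot contain quotes or backslashes (e.g. base64) - confirm, or bind the
    // value through the data layer.
    $sql = "INSERT INTO `" . Tbl::get('TBL_ONE_TIME_CODES') . "` \n\t\t\t\t\t\t\t\t\t(`code`, `multi`, `usage_limit`, `not_cleanable`, `valid_until`) \n\t\t\t\t\t\t\t\t\tVALUES(\t'{$encryptedString}', \n\t\t\t\t\t\t\t\t\t\t\t'"
        . ($config->multiUse ? '1' : '0') . "',\n\t\t\t\t\t\t\t\t\t\t\t"
        . $usageLimitSql . ",\n\t\t\t\t\t\t\t\t\t\t\t'"
        . ($config->notCleanable ? '1' : '0') . "',\n\t\t\t\t\t\t\t\t\t\t\t"
        . $validUntilSql . ")";

    $this->query->exec($sql);

    return $encryptedString;
}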
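/**
 * Mail an account-confirmation link to the address in $data.
 *
 * The registration fields and a timestamp are signed with get_signature(),
 * JSON-encoded, encrypted with AES256 keyed by settings->secret_website_code,
 * base64-encoded and made URL-friendly before being placed in the message.
 *
 * @param array $data Must contain the keys username, password, email and fullname.
 * @return bool True when the mail was sent; false when encoding, encryption,
 *              reading the template or sending failed.
 */
public function send_link($data)
{
    // NOTE(review): the password from $data travels inside the mailed token.
    // Its confidentiality rests entirely on secret_website_code; consider
    // carrying a password hash or a server-side reference instead.
    $data = array(
        "username"  => $data["username"],
        "password"  => $data["password"],
        "email"     => strtolower($data["email"]),
        "fullname"  => $data["fullname"],
        "timestamp" => time()
    );
    $data["signature"] = $this->get_signature($data);

    // json_encode() returns false on failure (for example invalid UTF-8 in a
    // field). Without this check a useless token would be encrypted and mailed
    // while the method still reported success.
    if (($link = json_encode($data)) === false) {
        return false;
    }

    $aes = new AES256($this->settings->secret_website_code);
    if (($link = $aes->encrypt($link)) === false) {
        return false;
    }
    if (($link = base64_encode($link)) === false) {
        return false;
    }

    // Swap the base64 characters that are awkward inside a URL.
    $link = strtr($link, "/+=", "_-:");

    // NOTE(review): depending on the web server configuration SERVER_NAME can
    // reflect the client's Host header, and HTTP_-prefixed $_SERVER keys
    // normally originate from request headers unless the application sets them
    // itself. Confirm both are trusted here, or use a configured canonical
    // host and scheme, so a request cannot steer the link in the mail.
    $email = new email("Confirm account creation at " . $_SERVER["SERVER_NAME"], $this->settings->webmaster_email);
    $email->set_message_fields(array(
        "FULLNAME" => $data["fullname"],
        "HOSTNAME" => $_SERVER["SERVER_NAME"],
        "PROTOCOL" => $_SERVER["HTTP_SCHEME"],
        "LINK"     => $link
    ));

    // Do not send a mail without a body when the template cannot be read.
    $template = file_get_contents("../extra/register.txt");
    if ($template === false) {
        return false;
    }
    $email->message($template);

    if ($email->send($data["email"], $data["fullname"]) == false) {
        return false;
    }

    return true;
}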
/**
 * Set the long-lived login cookie for a user.
 * Typically used for the "remember me" option of a login form.
 *
 * The cookie value is AES256::encrypt() of "<id>:<sha256(login:password)>"
 * and expires config->rememberDaysCount days from now, on path '/'.
 *
 * @param User $usr User whose id, login and password fields feed the cookie value.
 */
protected function writeLoginCookie(User $usr)
{
    $lifetimeSeconds = 60 * 60 * 24 * $this->config->rememberDaysCount;
    $expiresAt = time() + $lifetimeSeconds;

    // NOTE(review): the token is derived only from id, login and password, so
    // it stays the same until one of them changes and cannot be revoked on its
    // own. Whether $usr->password is a stored hash is not visible here.
    $credentialDigest = hash('sha256', $usr->login . ":" . $usr->password);
    $token = AES256::encrypt($usr->id . ":" . $credentialDigest);

    // NOTE(review): only four arguments are passed, so setcookie()'s secure and
    // httponly flags keep their default of false: the cookie is readable by
    // page scripts and is also sent over plain HTTP. Consider enabling both
    // where the site's deployment allows it.
    setcookie($this->config->loginCookieName, $token, $expiresAt, '/');
}