/**
* Decrypts given string with crypt, blowfish and base64 with private key
*
* @param String $stringToDesalt String to encode
* @return String $decodedString encoded String
*/
public function getDecodedString($stringToDesalt)
{
$cipherKey = crypt(base64_decode($stringToDesalt), $this->getPrivateKey());
$bf = new Blowfish($cipherKey.$this->getPrivateKey());
$decodedString = $bf->decrypt(base64_decode($stringToDesalt));
return $decodedString;
}
/**
* Hook display on form create account
* Add an additional input on bottom for fill the sponsor's e-mail address
*/
public function hookCreateAccountForm($params)
{
include_once dirname(__FILE__) . '/ReferralProgramModule.php';
if (Configuration::get('PS_CIPHER_ALGORITHM')) {
$cipherTool = new Rijndael(_RIJNDAEL_KEY_, _RIJNDAEL_IV_);
} else {
$cipherTool = new Blowfish(_COOKIE_KEY_, _COOKIE_IV_);
}
$explodeResult = explode('|', $cipherTool->decrypt(urldecode(Tools::getValue('sponsor'))));
if ($explodeResult and count($explodeResult) > 1 and list($id_referralprogram, $email) = $explodeResult and (int) $id_referralprogram and !empty($email) and Validate::isEmail($email) and $id_referralprogram == ReferralProgramModule::isEmailExists($email)) {
$referralprogram = new ReferralProgramModule($id_referralprogram);
if (Validate::isLoadedObject($referralprogram)) {
/* hack for display referralprogram information in form */
$_POST['customer_firstname'] = $referralprogram->firstname;
$_POST['firstname'] = $referralprogram->firstname;
$_POST['customer_lastname'] = $referralprogram->lastname;
$_POST['lastname'] = $referralprogram->lastname;
$_POST['email'] = $referralprogram->email;
$_POST['email_create'] = $referralprogram->email;
$sponsor = new Customer((int) $referralprogram->id_sponsor);
$_POST['referralprogram'] = $sponsor->email;
}
}
return $this->display(__FILE__, 'authentication.tpl');
}
function updateTracking($static = false, $idShop = 0, $idGroupShop = 0)
{
$api = new ShipwireTracking();
$api->retrieveFull();
$d = $api->sendData();
if ($d['Status']) {
if ($static) {
return false;
} else {
die('KO');
}
}
if ($d['TotalOrders'] > 0) {
foreach ($d['Order'] as $order) {
$o = array();
if (isset($order['@attributes'])) {
$o = $order['@attributes'];
}
if (!isset($o['id'])) {
Logger::addLog('Shipwire: Order ID not defined. >>>>' . print_r($d, true) . '<<<<', 4);
continue;
}
$orderExists = Db::getInstance()->ExecuteS('SELECT `id_order`
FROM `' . _DB_PREFIX_ . 'shipwire_order`
WHERE `id_order` = ' . (int) $o['id'] . ' LIMIT 1');
if (isset($orderExists[0]['id_order']) && !empty($orderExists[0]['id_order'])) {
Db::getInstance()->Execute('UPDATE `' . _DB_PREFIX_ . 'shipwire_order` SET ' . (isset($order['TrackingNumber']) ? '`tracking_number` = \'' . pSQL($order['TrackingNumber']) . '\',' : '') . (isset($o['shipped']) ? '`shipped` = \'' . pSQL($o['shipped']) . '\'' : '') . (isset($o['shipper']) ? ',`shipper` = \'' . pSQL($o['shipper']) . '\'' : '') . (isset($o['shipDate']) ? ',`shipDate` = \'' . pSQL($o['shipDate']) . '\'' : '') . (isset($o['expectedDeliveryDate']) ? ',`expectedDeliveryDate` = \'' . pSQL($o['expectedDeliveryDate']) . '\'' : '') . (isset($o['href']) ? ',`href` = \'' . pSQL($o['href']) . '\'' : '') . (isset($o['shipperFullName']) ? ',`shipperFullName` = \'' . pSQL($o['shipperFullName']) . '\'' : '') . ' WHERE `id_order` = ' . (int) $o['id']);
} else {
Db::getInstance()->Execute('INSERT INTO `' . _DB_PREFIX_ . 'shipwire_order`
(`id_order`, `id_shop`, `id_group_shop`, `tracking_number`, `shipped`, `shipper`, `shipDate`, `expectedDeliveryDate`, `href`, `shipperFullName`)
VALUES (
\'' . pSQL($o['id']) . '\'' . ',' . (int) $idShop . ',' . (int) $idGroupShop . (isset($order['TrackingNumber']) ? ',\'' . pSQL($order['TrackingNumber']) . '\'' : ',\'\'') . (isset($o['shipped']) ? ',\'' . pSQL($o['shipped']) . '\'' : ',\'\'') . (isset($o['shipper']) ? ',\'' . pSQL($o['shipper']) . '\'' : ',\'\'') . (isset($o['shipDate']) ? ',\'' . pSQL($o['shipDate']) . '\'' : ',\'\'') . (isset($o['expectedDeliveryDate']) ? ',\'' . pSQL($o['expectedDeliveryDate']) . '\'' : ',\'\'') . (isset($o['href']) ? ',\'' . pSQL($o['href']) . '\'' : ',\'\'') . (isset($o['shipperFullName']) ? ',\'' . pSQL($o['shipperFullName']) . '\'' : ',\'\'') . ')');
}
$result = Db::getInstance()->getValue('SELECT `transaction_ref`
FROM `' . _DB_PREFIX_ . 'shipwire_order`
WHERE `id_order` = ' . (int) $o['id']);
if (empty($result)) {
$module = new Shipwire();
$module->updateOrderStatus((int) $o['id'], true);
}
if (isset($order['TrackingNumber'])) {
Db::getInstance()->Execute('UPDATE `' . _DB_PREFIX_ . 'orders`
SET `shipping_number` = \'' . pSQL($order['TrackingNumber']) . '\'
WHERE `id_order` = ' . (int) $o['id']);
if ($o['id']) {
$psOrder = new Order($o['id']);
if ($psOrder->id) {
$history = new OrderHistory();
$history->id_order = $o['id'];
if (isset($o['shipped']) && $o['shipped'] == 'YES') {
$history->changeIdOrderState(Configuration::get('SHIPWIRE_SENT_ID'), $o['id']);
}
$history->addWithemail();
}
}
}
}
}
if (Configuration::get('PS_CIPHER_ALGORITHM')) {
$cipherTool = new Rijndael(_RIJNDAEL_KEY_, _RIJNDAEL_IV_);
} else {
$cipherTool = new Blowfish(_COOKIE_KEY_, _COOKIE_IV_);
}
$shipWireInventoryUpdate = new ShipwireInventoryUpdate(Configuration::get('SHIPWIRE_API_USER'), $cipherTool->decrypt(Configuration::get('SHIPWIRE_API_PASSWD')));
$shipWireInventoryUpdate->getInventory();
if ($static) {
return true;
} else {
die('OK');
}
}
/**
* Hook display on form create account
* Add an additional input on bottom for fill the sponsor's e-mail address
*/
public function hookCreateAccountForm($params)
{
global $smarty;
$blowfish = new Blowfish(_COOKIE_KEY_, _COOKIE_IV_);
$explodeResult = explode('|', $blowfish->decrypt(urldecode(Tools::getValue('sponsor'))));
if ($explodeResult and count($explodeResult) > 1 and list($id_referralprogram, $email) = $explodeResult and intval($id_referralprogram) and Validate::isEmail($email) and $id_referralprogram == ReferralProgramModule::isEmailExists($email)) {
$referralprogram = new ReferralProgramModule($id_referralprogram);
if (Validate::isLoadedObject($referralprogram)) {
/* hack for display referralprogram information in form */
$_POST['customer_firstname'] = $referralprogram->firstname;
$_POST['firstname'] = $referralprogram->firstname;
$_POST['customer_lastname'] = $referralprogram->lastname;
$_POST['lastname'] = $referralprogram->lastname;
$_POST['email'] = $referralprogram->email;
$_POST['email_create'] = $referralprogram->email;
$sponsor = new Customer($referralprogram->id_sponsor);
$_POST['referralprogram'] = $sponsor->email;
}
}
return $this->display(__FILE__, 'authentication.tpl');
}
/**
* This method decrypts $content using the password $key.<br />
* If the mcrypt extension is installed, it will use $cipher as cipher and
* $mode as mode.<br />
* If not, no matter what is given in $cipher and $mode, this method will use
* blowfish in CBC mode, with RFC padding style. In this case, it uses Matt Harris'
* blowfish class instead of the mcrypt extension.
* @param str $content The encrypted text to decrypt.
* @param str $key The secret key. Defaults to an empty string.
* @param str $cipher One of the MCRYPT_ciphername PHP constants. Defaults to MCRYPT_RIJNDAEL_256.
* @param str $mode One of the MCRYPT_MODE_modename PHP constants. Defaults to MCRYPT_MODE_CBC.
* @return str The decrypted text.
*/
public function uncrypt($content, $key = '', $cipher = MCRYPT_RIJNDAEL_256, $mode = MCRYPT_MODE_CBC)
{
$this->debug(__FUNCTION__, 2, __LINE__);
$this->debug('Uncrypting with key ' . $key, 3, __LINE__);
if (!empty($content)) {
if ($this->mcrypt_active) {
$iv_size = mcrypt_get_iv_size($cipher, $mode);
$iv = substr(md5('hskjdh kjqsdnqndqs; sqnd;qskjdhkjha knd;n;za jkah'), 0, $iv_size);
$content = substr($content, $iv_size);
if ($key == '') {
$key = MD5(__CLASS__ . 'defaultpass');
$this->debug('No key given. We will use ' . $key, 3, __LINE__);
} else {
$key = MD5(__CLASS__ . $key);
$this->debug('A key was given. We will use ' . $key, 3, __LINE__);
}
$uncrypted = mcrypt_decrypt($cipher, $key, $content, $mode, $iv);
$ret = rtrim($uncrypted, "");
} else {
$iv = md5('jdqlkj ,ql dqd45dq454 ù;:sqmqdqsdd1216qq2s sqqsd!');
// We will use the blowfish class instead of mcrypt
$ret = Blowfish::decrypt($content, $key, Blowfish::BLOWFISH_MODE_CBC, Blowfish::BLOWFISH_PADDING_RFC, $iv);
}
return $ret;
}
return 'Nothing to uncrypt...';
}
/**
* Statistics
* @category stats
*
* @author Damien Metzger / Epitech
* @copyright Epitech / PrestaShop
* @license http://www.opensource.org/licenses/osl-3.0.php Open-source licence 3.0
* @version 1.1
*/
if (!isset($_POST['token']) or !isset($_POST['type'])) {
die;
}
include dirname(__FILE__) . '/config/config.inc.php';
$blowfish = new Blowfish(_COOKIE_KEY_, _COOKIE_IV_);
$token = $blowfish->decrypt($_POST['token']);
if ($_POST['type'] == 'navinfo') {
if (!Validate::isUnsignedId(intval($token))) {
exit;
}
$guest = new Guest($token);
$guest->javascript = true;
$guest->screen_resolution_x = intval($_POST['screen_resolution_x']);
$guest->screen_resolution_y = intval($_POST['screen_resolution_y']);
$guest->screen_color = intval($_POST['screen_color']);
$guest->sun_java = intval($_POST['sun_java']);
$guest->adobe_flash = intval($_POST['adobe_flash']);
$guest->adobe_director = intval($_POST['adobe_director']);
$guest->apple_quicktime = intval($_POST['apple_quicktime']);
$guest->real_player = intval($_POST['real_player']);
$guest->windows_media = intval($_POST['windows_media']);
} else {
list($key, $plaintext, $expected_ciphertext) = preg_split('/\\s+/', $v);
$iv = NULL;
}
$key = trim($key);
$key = pack('H' . strlen($key), $key);
if ($mode == Blowfish::BLOWFISH_MODE_CBC) {
$iv = trim($iv);
$iv = pack('H' . strlen($iv), $iv);
}
$plaintext = trim($plaintext);
$plaintext = pack('H' . strlen($plaintext), $plaintext);
$expected_ciphertext = trim($expected_ciphertext);
$expected_ciphertext = pack('H' . strlen($expected_ciphertext), $expected_ciphertext);
# test vectors were created with different padding types
if ($mode == Blowfish::BLOWFISH_MODE_CBC) {
$padding = Blowfish::BLOWFISH_PADDING_ZERO;
} else {
$padding = Blowfish::BLOWFISH_PADDING_NONE;
}
$actual_ciphertext = Blowfish::encrypt($plaintext, $key, $mode, $padding, $iv);
$actual_deciphered = Blowfish::decrypt($expected_ciphertext, $key, $mode, $padding, $iv);
$cipher_result = $actual_ciphertext == $expected_ciphertext ? 'PASS' : 'FAIL';
$plain_result = $actual_deciphered == $plaintext ? 'PASS' : 'FAIL';
if ($mode != Blowfish::BLOWFISH_MODE_CBC) {
echo sprintf('%-50s%-20s%-20s%-10s%-20s%-20s%-10s%s', base64_encode($key), base64_encode($plaintext), base64_encode($actual_deciphered), $plain_result, base64_encode($expected_ciphertext), base64_encode($actual_ciphertext), $cipher_result, PHP_EOL);
} else {
echo sprintf('%-21s%-50s%-50s%-10s%s%-21s%-50s%-50s%-10s%s', $key, base64_encode($plaintext), base64_encode($actual_deciphered), $plain_result, PHP_EOL, $iv, base64_encode($expected_ciphertext), base64_encode($actual_ciphertext), $cipher_result, PHP_EOL);
}
}
}
<?php
require_once '../blowfish.php';
$examples = array(array('d)U>tQwbUWIozi2R"fOvK0Wuxyl79P%Uxr>;7iiy,b0hByATUB', 'x03nMwK34x&ciSUH0I1got', 'password'), array('RiV3wc615X6J2lzK', 'QndancjtdZ&b_J5aeId62x7Kxu`[dFFt{t7yGcS+O!w7JbAlQe', 'p'), array('d)U>tQwbUWIozi2R"fOvK0Wuxyl79P%Uxr>;7iiy,b0hByATUB', 'x03nMwK34x&ciSUH0I1got', 'Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.'), array('This is my secret key and it can be plain text', 'What about this initialisation vector?', 'I hope you know this invalidates my warranty'), array('This is my secret key and it can be plain test', 'What about this initialisation vector?', ''));
foreach ($examples as $ex) {
$ciphertext = Blowfish::encrypt($ex[2], $ex[0], Blowfish::BLOWFISH_MODE_CBC, Blowfish::BLOWFISH_PADDING_RFC, $ex[1]);
$deciphered = Blowfish::decrypt($ciphertext, $ex[0], Blowfish::BLOWFISH_MODE_CBC, Blowfish::BLOWFISH_PADDING_RFC, $ex[1]);
echo '<pre>';
printf('Plaintext: %s (length %d)%s', $ex[2], strlen($ex[2]), PHP_EOL);
printf('Ciphertext: %s (length %d)%s', $ciphertext, strlen($ciphertext), PHP_EOL);
printf('Deciphered text: %s (length %d)%s', $deciphered, strlen($deciphered), PHP_EOL);
}
