public static function encrypt($sData, $asKey = null)
{
$sKey = empty($asKey) ? FlexiConfig::$sEncryptionKey : $asKey;
$blowfish = new Crypt_Blowfish($sKey);
return $blowfish->encrypt($sData);
//return mcrypt_encrypt( MCRYPT_BLOWFISH, $sKey, $sData, MCRYPT_MODE_CBC, self::getMode() );
}
function fetchData($username, $password)
{
switch ($this->options['cryptType']) {
case 'blowfish':
include_once 'Crypt/Blowfish.php';
$bf = new Crypt_Blowfish($this->options['cryptKey']);
$password = $bf->encrypt($password);
$password = base64_encode($password);
break;
default:
if (function_exists($this->options['cryptType'])) {
$password = $this->options['cryptType']($password);
}
break;
}
$req = new HTTP_Request();
$req->setURL($this->options['URL']);
$req->setMethod(HTTP_REQUEST_METHOD_GET);
$req->addQueryString($this->options['usernameKey'], $username);
$req->addQueryString($this->options['passwordKey'], $password);
if (!PEAR::isError($req->sendRequest())) {
$response = $req->getResponseBody();
} else {
return false;
}
$unserializer = new XML_Unserializer();
if ($unserializer->unserialize($response)) {
$this->result_value = $unserializer->getUnserializedData();
if ($this->result_value[$this->options['resultKey']] == $this->options['correctValue']) {
return true;
}
}
return false;
}
/**
* loginNow
*
* Try and log the user in.
*
* @access public
* @return void
*/
public function loginNow()
{
$this->tplFile = 'Login.tpl';
$form = $this->createLoginForm();
if ($form->validate()) {
$result = $this->user->authenticate($_POST['email'], $_POST['password']);
if (!$result) {
$this->setData('loginError', _('Login failed'));
$this->setData('QF_Form', $form->toHtml());
$this->session->email = null;
$this->session->password = null;
return;
}
$crypt = new Crypt_Blowfish((string) Framework::$site->config->mcryptKey);
$emailArray = explode('@', $_POST['email']);
$this->session->user = $emailArray[0];
$this->session->domain = $emailArray[1];
$this->session->email = $_POST['email'];
$this->session->password = $crypt->encrypt($_POST['password']);
$this->session->lastActionTime = time();
header('Location: ./index.php?module=Home');
return;
} else {
$this->setData('QF_Form', $form->toHtml());
}
}
public function encrypt($plaintext)
{
if (($length = strlen($plaintext)) >= 1048576) {
return false;
}
$ciphertext = '';
$paddedtext = $this->maxi_pad($plaintext);
$strlen = strlen($paddedtext);
for ($x = 0; $x < $strlen; $x += 8) {
$piece = substr($paddedtext, $x, 8);
$cipher_piece = parent::encrypt($piece);
$encoded = base64_encode($cipher_piece);
$ciphertext = $ciphertext . $encoded;
}
return $ciphertext . sprintf('%06d', $length);
}
public function __destruct()
{
if (!defined('TM_SESSION_SAVED')) {
if ($this->encryption) {
$cookie =& $this->using('cookie');
$sess_key = preg_replace('/[^a-zA-Z0-9]/', '', $cookie->get('sess_key'));
if (strlen($sess_key) == 12) {
$bf = new Crypt_Blowfish($sess_key);
$data = function_exists('gzcompress') && $this->compress ? gzcompress(serialize($_SESSION)) : serialize($_SESSION);
$_SESSION = array();
$_SESSION['data'] = $bf->encrypt($data);
$_SESSION['pass'] = md5(TM_UNIQUE_STR);
} else {
$_SESSION = array();
}
}
session_write_close();
$_SESSION = array();
define('TM_SESSION_SAVED', true);
}
}
function wrap_bp_encrypt($cipher_id, $key, $text, $iv)
{
if ($cipher_id !== 'blowfish') {
$last_bp_error = 'PEAR/Crypt/Blowfish: encrypt: unknown_cipher';
return false;
}
$bf = new Crypt_Blowfish('cbc');
$iv_size = strlen($iv);
if ($iv_size !== false && $iv_size > 0) {
$bf->setKey($key, $iv);
} else {
$bf->setKey($key);
}
if (PEAR::isError($text)) {
$last_bp_error = 'PEAR/Crypt/Blowfish: encrypt: ' . $text->getMessage();
return false;
}
$text = $bf->encrypt($text);
if (PEAR::isError($text)) {
$last_bp_error = 'PEAR/Crypt/Blowfish: encrypt: ' . $text->getMessage();
return false;
}
return $text;
}
function encryptText($text)
{
require_once 'Crypt/Blowfish.php';
$bf = new Crypt_Blowfish(ENCRYPTKEY);
$encrypted = $bf->encrypt($text);
return bin2hex($encrypted);
}
/**
* Uses blowfish to encrypt data and base 64 encodes it. It stores the iv as part of the data
* @param STRING key - key to base encoding off of
* @param STRING data - string to be encrypted and encoded
* @return string
*/
function blowfishEncode($key, $data)
{
$bf = new Crypt_Blowfish($key);
$encrypted = $bf->encrypt($data);
return base64_encode($encrypted);
}
/**
* modifyAccountNow
*
* Modify Acount
*
* @access public
* @return void
*/
public function modifyAccountNow()
{
// Make sure account was supplied
if (!isset($_REQUEST['account'])) {
throw new Framework_Exception(_("Error: no account supplied"));
}
$account = $_REQUEST['account'];
// See what user_info to use
if ($this->user->isDomainAdmin($this->domain)) {
$account_info = $this->user->userInfo($this->domain, $account);
} else {
$account_info = $this->user->loginUser;
}
// Get .qmail info if it exists
try {
$dot_qmail = $this->user->readFile($this->domain, $_REQUEST['account'], '.qmail');
} catch (Net_Vpopmaild_Exception $e) {
$dot_qmail = '';
}
$defs = $this->parseHomeDotqmail($dot_qmail, $account_info);
$form = $this->modifyAccountForm($account, $defs);
if (!$form->validate()) {
$this->setData('message', _("Error Modifying Account"));
$renderer =& new HTML_QuickForm_Renderer_AssocArray();
$form->accept($renderer);
$this->setData('form', $renderer->toAssocArray());
$this->tplFile = 'modifyAccount.tpl';
return;
}
// update password / comment if it's changing
$changePass = 0;
$changeComment = 0;
$password = $form->getElementValue('password');
$comment = $form->getElementValue('comment');
if (!empty($password)) {
$account_info['clear_text_password'] = $password;
$changePass = 1;
}
if (!empty($comment)) {
$account_info['comment'] = $comment;
}
if ($changePass || $changeComment) {
$this->user->modUser($this->domain, $_REQUEST['account'], $account_info);
}
if ($changePass && $account == $this->user->loginUser['name'] && $this->domain == $this->user->loginUser['domain']) {
$crypt = new Crypt_Blowfish((string) Framework::$site->config->mcryptKey);
$this->session->password = $crypt->encrypt($password);
}
// Determine new routing
$routing = '';
$save_a_copy = 0;
if ($_REQUEST['routing'] == 'routing_standard') {
$routing = 'standard';
} else {
if ($_REQUEST['routing'] == 'routing_deleted') {
$routing = 'deleted';
} else {
if ($_REQUEST['routing'] == 'routing_forwarded') {
if (empty($_REQUEST['forward'])) {
$this->setData('message', _('Error: you must supply a forward address'));
return $this->modifyAccount();
} else {
$forward = $_REQUEST['forward'];
}
$routing = 'forwarded';
if (isset($_REQUEST['save_a_copy'])) {
$save_a_copy = 1;
}
} else {
$this->setData('message', _('Error: unsupported routing selection'));
return $this->modifyAccount();
}
}
}
// Check for vacation
$vacation = 0;
if (isset($_REQUEST['vacation']) && $_REQUEST['vacation'] == 1) {
$vacation = 1;
$vacation_subject = $_REQUEST['vacation_subject'];
$vacation_body = $_REQUEST['vacation_body'];
}
// Are we deleting a vacation message?
if ($vacation == 0 && $defs['vacation'] == ' checked') {
// Kill old message
$this->user->rmDir($this->domain, $account_info['name'], 'vacation');
}
// Build .qmail contents
$dot_qmail_contents = '';
if ($routing == 'deleted') {
$dot_qmail_contents = "# delete";
} else {
if ($routing == 'forwarded') {
$dot_qmail_contents = "&{$forward}";
if ($save_a_copy == 1) {
$dot_qmail_contents .= "\n./Maildir/";
}
}
}
if ($vacation == 1) {
if (strlen($dot_qmail_contents) > 0) {
$dot_qmail_contents .= "\n";
}
$vacation_dir = $account_info['user_dir'] . '/vacation';
$dot_qmail_contents .= '| ' . $this->user->vpopmailRobotProgram;
$dot_qmail_contents .= ' ' . $this->user->vpopmailRobotTime;
$dot_qmail_contents .= ' ' . $this->user->vpopmailRobotNumber;
$dot_qmail_contents .= " {$vacation_dir}/message {$vacation_dir}";
}
$dot_qmail_file = '.qmail';
if (strlen($dot_qmail_contents) > 0) {
$contents = explode("\n", $dot_qmail_contents);
// Write .qmail file
$result = $this->user->writeFile($contents, $this->domain, $account_info['name'], $dot_qmail_file);
// Add vacation files
if ($vacation == 1) {
$vcontents = "From: " . $account_info['name'] . "@{$this->domain}";
$vcontents .= "\n";
$vcontents .= "Subject: {$vacation_subject}\n\n";
$vcontents .= $vacation_body;
$contents = explode("\n", $vcontents);
$vdir = 'vacation';
$message = 'vacation/message';
// Delete existing file
try {
$this->user->rmDir($this->domain, $account_info['name'], $vdir);
} catch (Net_Vpopmaild_Exception $e) {
}
// Make vacation directory
$result = $this->user->mkDir($this->domain, $account_info['name'], $vdir);
// Write vacation message
$result = $this->user->writeFile($contents, $this->domain, $account_info['name'], $message);
}
} else {
try {
$this->user->rmFile($this->domain, $account_info['name'], $dot_qmail_file);
} catch (Net_Vpopmaild_Exception $e) {
}
}
$url = "./?module=Accounts&class=Modify&event=modifyAccount";
$url .= "&domain={$this->domain}&account={$account_info['name']}&modified=1";
header("Location: {$url}");
return;
}
function encrypt($plaintext)
{
$ciphertext = '';
$paddedtext = $this->maxi_pad($plaintext);
$strlen = strlen($paddedtext);
for ($x = 0; $x < $strlen; $x += 8) {
$piece = substr($paddedtext, $x, 8);
$cipher_piece = parent::encrypt($piece);
$encoded = base64_encode($cipher_piece);
$ciphertext = $ciphertext . $encoded;
}
return $ciphertext;
}
/**
* @brief encryption using legacy blowfish method
* @param $data string data to encrypt
* @param $passwd string password
* @return string
*/
function legacyEncrypt($data, $passwd)
{
$bf = new \Crypt_Blowfish($passwd);
$crypted = $bf->encrypt($data);
return $crypted;
}
/**
* @brief decryption of an content
* @param $content the cleartext message you want to decrypt
* @param $key the encryption key
* @returns cleartext content
*
* This function decrypts an content
*/
public static function decrypt($content, $key)
{
$bf = new Crypt_Blowfish($key);
return $bf->encrypt($contents);
}
/** Encrpytes a value using the blowfish cipher. As key the Security.salt
* value is used
@param value Value to cipher
@return Return of the chiphered value in base64 encoding. To distinguish
ciphed value, the ciphed value has a prefix of '$E$' i
@see _decryptValue(), _packValue(), _generateSalt() */
function _encryptValue($value, $config)
{
extract($config);
$bf = new Crypt_Blowfish($key);
$enclose = $this->_packValue($value, $this->_generateSalt($value, $key, $saltLen), $padding);
$encrypted = $bf->encrypt($enclose);
if (PEAR::isError($encrypted)) {
$this->log($encrypted->getMessage());
return false;
}
return $prefix . base64_encode($encrypted);
}
/**
* Uses blowfish to encrypt data and base 64 encodes it. It stores the iv as part of the data
* @param string key - key to base encoding off of
* @param string data - string to be encrypted and encoded
* @param object Crypt_Blowfish object
* @return string
*/
public function generateRequest($key, $data, $bf = null)
{
if (!$bf) {
// @codeCoverageIgnoreStart
$bf = new Crypt_Blowfish($key);
}
// @codeCoverageIgnoreEnd
$encrypted = $bf->encrypt($data);
$encrypted = base64_encode($encrypted);
$output = "----- BEGIN LICENSE REQUEST -----\n";
$i = 0;
$len = strlen($encrypted);
while ($i + 80 < $len) {
$output .= substr($encrypted, $i, 80) . "\n";
$i += 80;
}
$output .= substr($encrypted, $i) . "\n";
$output .= "----- END LICENSE REQUEST -----\n";
return $output;
}
// PEAR.
ini_set('include_path', BABEL_PREFIX . '/libs/pear' . PATH_SEPARATOR . ini_get('include_path'));
require_once 'Crypt/Blowfish.php';
if (strtoupper($_SERVER['REQUEST_METHOD']) == 'POST') {
$db = mysql_connect(BABEL_DB_HOSTNAME . ':' . BABEL_DB_PORT, BABEL_DB_USERNAME, BABEL_DB_PASSWORD);
if ($db) {
mysql_select_db(BABEL_DB_SCHEMATA);
mysql_query("SET NAMES utf8");
mysql_query("SET CHARACTER SET utf8");
mysql_query("SET COLLATION_CONNECTION='utf8_general_ci'");
}
$rt = vx_check_login();
if ($rt['errors'] == 0) {
$bf = new Crypt_Blowfish(BABEL_BLOWFISH_KEY);
setcookie('babel_usr_email', $rt['usr_email_value'], time() + 2678400, '/', BABEL_DNS_DOMAIN);
setcookie('babel_usr_password', $bf->encrypt(sha1($rt['usr_password_value'])), time() + 2678400, '/', BABEL_DNS_DOMAIN);
$_SESSION['babel_usr_email'] = $rt['usr_email_value'];
$_SESSION['babel_usr_password'] = sha1($rt['usr_password_value']);
$rt['mode'] = 'ok';
if (trim($rt['return']) != '') {
if (preg_match('/logout/i', $rt['return'])) {
header('Location: /');
die;
} else {
header('Location: ' . $rt['return']);
die;
}
}
} else {
$rt['mode'] = 'error';
}
function call_encrypt($key, $plain_text) {
// call pear init & call
//call_pear_init();
require_once ('Crypt/Blowfish.php');
// Create the Crypt_Blowfish object using a secret key. The key must be
//protected at all costs. The key is like a password to access the data.
$blowfish = new Crypt_Blowfish($key);
// This is the text we will encrypt
$encrypted = $blowfish->encrypt($plain_text);
$encrypted = bin2hex($encrypted);
return($encrypted);
}
function passwordEncrypt($passwd)
{
if ($passwd == "") {
return "";
}
$blowfish = new Crypt_Blowfish(CBF_KEY);
$encrypted = $blowfish->encrypt($passwd);
$encrypt_char = base64_encode($encrypted);
return $encrypt_char;
}
function checkDeviceId($key = '')
{
if ($this->vars['ua']['isBot'] || strpos($this->myRoot . $this->SERVER['REQUEST_URI'], str_replace('&', '&', $this->Config_redirect)) === 0) {
return true;
}
if ($this->vars['ua']['carrier'] === 'docomo') {
// docomo only
if (empty($_POST)) {
$now = time();
if (!isset($_SESSION['hypKtaiStartTime'])) {
$_SESSION['hypKtaiStartTime'] = 0;
}
if ($_SESSION['hypKtaiStartTime'] + $this->Config_docomoGuidTTL < $now && strpos(strtolower($this->SERVER['REQUEST_URI']), 'guid=') === FALSE) {
$_SESSION['hypKtaiStartTime'] = $now;
// 未取得なので guid=on をつけてリダイレクト
$joint = strpos($this->SERVER['REQUEST_URI'], '?') === FALSE ? '?' : '&';
$url = $this->myRoot . $this->SERVER['REQUEST_URI'] . $joint . 'guid=on';
if (!$this->vars['ua']['allowCookie']) {
$url = $this->removeSID($url);
$sid = '&' . $this->session_name . '=' . session_id();
} else {
$sid = '';
}
header('Location: ' . $url . $sid);
return 'redirect';
}
}
// PEAR
$incPath = ini_get('include_path');
$addPath = XOOPS_TRUST_PATH . '/PEAR';
if (strpos($incPath, $addPath) === FALSE) {
ini_set('include_path', $incPath . PATH_SEPARATOR . $addPath);
}
require_once 'Crypt/Blowfish.php';
$blowfish = new Crypt_Blowfish($key);
// Crypt_Blowfish => 1.0.1
//$blowfish = Crypt_Blowfish::factory('ecb', $key); // Crypt_Blowfish => 1.1.0RC1
if (strpos(strtolower($this->SERVER['REQUEST_URI']), 'guid=') === FALSE && !$this->vars['ua']['uid'] && isset($_SESSION['hypKtaiUserId'])) {
// セッションに登録済み
$_SERVER['HTTP_X_DCMGUID'] = $this->vars['ua']['uid'] = rtrim($blowfish->decrypt(base64_decode($_SESSION['hypKtaiUserId'])), "");
} else {
if ($this->vars['ua']['uid'] && !isset($_SESSION['hypKtaiUserId'])) {
// セッションに登録されていなければ登録
$_SESSION['hypKtaiUserId'] = base64_encode($blowfish->encrypt($this->vars['ua']['uid']));
} else {
if (isset($_SESSION['hypKtaiUserId'])) {
// セッション登録値と比較
if ($_SESSION['hypKtaiUserId'] != base64_encode($blowfish->encrypt($this->vars['ua']['uid']))) {
return false;
}
}
}
}
//$_SESSION['hyp_redirect_message'] = $_SERVER['HTTP_X_DCMGUID'];
} else {
// other carrier
if ($this->vars['ua']['uid'] && !isset($_SESSION['hypKtaiUserId'])) {
// セッションに登録されていなければ登録
$_SESSION['hypKtaiUserId'] = md5($this->vars['ua']['uid'] . $key);
} else {
if (isset($_SESSION['hypKtaiUserId'])) {
// セッション登録値と比較
if ($_SESSION['hypKtaiUserId'] != md5($this->vars['ua']['uid'] . $key)) {
return false;
}
}
}
}
return true;
}
/**
* Encrypts data using Blowfish
*
* Requires either `mcrypt` extension or `Crypt_Blowfish` PEAR package.
*
* @param mixed $data Data to encrypt
* @param string $pass_phrase Secret passphrase to encrypt the data
* @param bool $url_safe Ensure the Base 64-encoded output is URL safe (Optional, disabled by default)
* @return string|bool Base 64-encoded encrypted data, or `false` if encryption is not available
* @api
*/
public static function encrypt($data, $pass_phrase = '', $url_safe = false)
{
@(include_once "Crypt/Blowfish.php");
// PEAR
if (($use_mcrypt = extension_loaded('mcrypt')) === false || !class_exists('\\Crypt_Blowfish')) {
return false;
}
$pass_phrase = hash('sha256', $pass_phrase . NONCE_SALT, true);
if ($use_mcrypt) {
$result = mcrypt_encrypt(MCRYPT_BLOWFISH, $pass_phrase, $data, MCRYPT_MODE_ECB, mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_BLOWFISH, MCRYPT_MODE_ECB), MCRYPT_RAND));
} else {
$bf = new \Crypt_Blowfish($pass_phrase);
$result = $bf->encrypt($data);
}
$result = base64_encode($result);
if ($url_safe) {
$result = self::base64UrlSafe($result);
}
return $result;
}
/**
*
*
* @param
* @return
*/
function encrypt($name, $string)
{
if (!$name && !$string) {
return $string;
}
global $application;
$session_id = session_id();
$key = md5($session_id . $this->uuid());
$tables = $this->getTables();
$table = 'crypto_keys';
$k = $tables[$table]['columns'];
$query = new DB_Select();
$query->addSelectField($k["key"], "crypto_key");
$query->WhereValue($k["id"], DB_EQ, $session_id);
$query->WhereAnd();
$query->WhereValue($k["name"], DB_EQ, $name);
$result = $application->db->getDB_Result($query);
if (isset($result[0]['crypto_key']) && $result[0]['crypto_key']) {
$query = new DB_Update($table);
$query->addUpdateValue($k["key"], $key);
$query->addUpdateValue($k['lifetime'], time() + 600);
$query->WhereValue($k["id"], DB_EQ, $session_id);
$query->WhereAnd();
$query->WhereValue($k["name"], DB_EQ, $name);
$application->db->getDB_Result($query);
} else {
$query = new DB_Insert($table);
$query->addInsertValue($session_id, $k['id']);
$query->addInsertValue($name, $k['name']);
$query->addInsertValue($key, $k['key']);
$query->addInsertValue(time() + 600, $k['lifetime']);
$application->db->getDB_Result($query);
}
$blowfish = new Crypt_Blowfish($key);
$encrypted_string = $blowfish->encrypt($string);
return $encrypted_string;
}
function insert($reload = true)
{
if (!isset($this->is_approved)) {
$this->is_approved = !$this->getDi()->config->get('manually_approve');
}
if (empty($this->remote_addr)) {
$this->remote_addr = htmlentities(@$_SERVER['REMOTE_ADDR']);
}
if (empty($this->user_agent)) {
$this->user_agent = @$_SERVER['HTTP_USER_AGENT'];
}
if (empty($this->added)) {
$this->added = $this->getDi()->sqlDateTime;
}
$this->getDi()->hook->call(new Am_Event_UserBeforeInsert($this));
$ret = parent::insert($reload);
if ($this->_passwordChanged) {
$event = new Am_Event_SetPassword($this, $this->getPlaintextPass());
$this->getDi()->savedPassTable->setPass($event);
$this->getDi()->hook->call($event);
}
if ($this->_passwordGenerated) {
$crypt = new Crypt_Blowfish($this->getDi()->app->getSiteKey());
$pg = $crypt->encrypt($this->getPlaintextPass());
$this->getDi()->store->set('pass-generated-' . $this->pk(), base64_encode($pg), '+6 hours');
}
$this->getDi()->hook->call(new Am_Event_UserAfterInsert($this));
$this->_passwordChanged = false;
return $ret;
}
mysql_query("SET NAMES utf8");
mysql_query("SET CHARACTER SET utf8");
mysql_query("SET COLLATION_CONNECTION='utf8_general_ci'");
$__usr = mysql_real_escape_string($_usr, $db);
$__password = sha1($_password);
if (preg_match('/@/', $usr)) {
$sql = "SELECT usr_id, usr_nick, usr_email, usr_password FROM babel_user WHERE usr_email = '{$__usr}' AND usr_password = '******'";
} else {
$sql = "SELECT usr_id, usr_nick, usr_email, usr_password FROM babel_user WHERE usr_nick = '{$__usr}' AND usr_password = '******'";
}
$rs = mysql_query($sql);
if ($User = mysql_fetch_object($rs)) {
mysql_free_result($rs);
$bf = new Crypt_Blowfish(BABEL_BLOWFISH_KEY);
setcookie('babel_usr_email', $User->usr_email, time() + 2678400, '/');
setcookie('babel_usr_password', $bf->encrypt($User->usr_password), time() + 2678400, '/');
$_SESSION['babel_usr_email'] = $User->usr_email;
$_SESSION['babel_usr_password'] = $User->usr_password;
$__t = time();
$__ua = mysql_real_escape_string($_SERVER['HTTP_USER_AGENT'], $db);
$sql = "UPDATE macau_user SET usr_logins = usr_logins + 1, usr_lastlogin = {$__t}, usr_lastlogin_ua = '{$__ua}' WHERE usr_id = {$User->usr_id}";
mysql_unbuffered_query($sql);
} else {
mysql_free_result($rs);
}
}
}
if (!$to) {
$to = $_prev;
}
header('Location: ' . $to);
