/**
 * Demo action: dumps a SHA-256 digest of 'test', then encrypts and decrypts
 * the same string with Blowfish in CBC mode and dumps both results.
 *
 * NOTE(review): var_dump() writes the ciphertext and the recovered plaintext
 * straight into the response, so this is debugging code only. Blowfish is a
 * legacy 64-bit block cipher, and nothing visible here authenticates the
 * ciphertext; confirm whether Security::encrypt() adds a MAC.
 */
public function index()
{
    $plaintext = 'test';

    var_dump(Security::hash('sha256', $plaintext));

    // encrypt() hands back an array; this action reads its 'ciphertext',
    // 'key' and 'iv_size' entries and feeds them back into decrypt().
    $sealed = Security::encrypt('blowfish', $plaintext, 'cbc');
    $recovered = Security::decrypt(
        $sealed['ciphertext'],
        'blowfish',
        'cbc',
        $sealed['key'],
        $sealed['iv_size']
    );

    var_dump('test : ' . $sealed['ciphertext']);
    var_dump('test : ' . $recovered);
}
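/**
 * Decrypts an encrypted authentication ticket and rebuilds the ticket object.
 *
 * The input is split on '|' into exactly two sections; the second one is
 * base64-decoded and passed as the last argument of Security::decrypt()
 * (presumably the IV; confirm against the encrypting side). The decrypted
 * payload has the form "<hmac>|<serialized data>", where the HMAC-SHA256 is
 * keyed with self::$validationKey.
 *
 * @param string $string Encrypted ticket string.
 * @return AuthenticationTicket|false The ticket, or false when the input is
 *                                    malformed or fails the HMAC check.
 */
public static function decrypt($string)
{
    $sections = explode('|', $string);
    if (count($sections) != 2) {
        return false;
    }

    // NOTE(review): the MCRYPT_* constants come from the mcrypt extension,
    // which was removed from PHP core in 7.2; plan a migration path.
    $output = trim(Security::decrypt(
        MCRYPT_RIJNDAEL_256,
        self::$encryptionKey,
        $sections[0],
        MCRYPT_MODE_CBC,
        base64_decode($sections[1])
    ));

    // Pad so a payload without '|' yields empty parts instead of an
    // undefined-offset notice.
    list($hash, $data) = array_pad(explode('|', $output, 2), 2, '');
    if (!$hash || !$data) {
        return false;
    }

    $hashed = Security::hmac('sha256', $data, self::$validationKey);

    // hash_equals() is constant-time and compares as strings; the previous
    // loose == let PHP treat digests that look numeric (e.g. "0e...") as
    // equal numbers and leaked timing information.
    if (!is_string($hashed) || !hash_equals($hashed, $hash)) {
        return false;
    }

    // NOTE(review): unserialize() runs on data whose only protection is the
    // HMAC check above. If the payload is always an array of scalars,
    // restrict it with the allowed_classes option or move to JSON.
    $data = unserialize($data);
    if (!is_array($data)
        || !array_key_exists(0, $data)
        || !array_key_exists(1, $data)
        || !array_key_exists(2, $data)
    ) {
        return false;
    }

    return new AuthenticationTicket($data[0], $data[1], $data[2]);
}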
/**
 * Model callback: decrypts every field listed in $this->encryptedFields
 * after a find, for both result shapes handled here.
 *
 * - When $results has no entry keyed by the model alias, it is treated as a
 *   list of rows and each row's aliased record is decrypted.
 * - When $results holds the aliased record directly, that record is decrypted.
 *
 * Empty field values are left untouched. The key is read from
 * Configure 'Security.key' at each decryption.
 *
 * @param array $results Find results.
 * @param bool  $primary Not used by this implementation.
 * @return array The results with the encrypted fields replaced by plaintext.
 */
public function afterFind($results, $primary = false)
{
    App::uses('Security', 'Utility');

    foreach ($this->encryptedFields as $field) {
        $isRowList = !isset($results[$this->alias]);

        if ($isRowList) {
            foreach ($results as $index => $row) {
                if (empty($row[$this->alias][$field])) {
                    continue;
                }
                $results[$index][$this->alias][$field] = Security::decrypt(
                    $row[$this->alias][$field],
                    Configure::read('Security.key')
                );
            }
        }

        if (!empty($results[$this->alias][$field])) {
            $results[$this->alias][$field] = Security::decrypt(
                $results[$this->alias][$field],
                Configure::read('Security.key')
            );
        }
    }

    return $results;
}
/**
 * Decrypts a value that was base64-encoded and then URL-encoded for transport.
 *
 * @param string $input URL-encoded, base64-encoded ciphertext.
 * @param string $key   Key handed through to Security::decrypt().
 * @return mixed Whatever Security::decrypt() returns for the decoded input.
 */
public static function decryptURL($input, $key)
{
    // NOTE(review): values read from $_GET are already URL-decoded by PHP.
    // Decoding a second time turns a literal '+' into a space, which
    // base64_decode() then silently drops; confirm where $input comes from.
    $encoded = urldecode($input);
    $ciphertext = base64_decode($encoded);

    return Security::decrypt($ciphertext, $key);
}
Refactoring and comments by AntifreeZZe */

// connect.php raises an error unless this constant is defined
define('INCLUDE_CHECK', true);

// And here is connect.php itself
include "connect.php";
include_once "ecodes.php";
include_once "loger.php";
include_once "security.php";

// Set the response type and encoding (UTF-8)
// NOTE(review): the header name is written with a space before the colon
// ('Content-Type :'); clients may not recognise it as Content-Type.
header('Content-Type : text/plain; charset=utf-8');
//parse_str($_SERVER['QUERY_STRING'],$_POST);

// Read the request data and decrypt it
// NOTE(review): $_POST['action'] is client-controlled and is read without an
// isset() check; $key2 is not defined in this excerpt (presumably set by one
// of the included files).
$x = rawurldecode($_POST['action']);
//@$x = str_replace(" ", "+", $x);
$yd = Security::decrypt($x, $key2);
#echo $yd;

// Parse the decrypted payload
// NOTE(review): json_decode() returns null on invalid JSON, and none of the
// keys read below are checked for existence before use.
$json = json_decode($yd, true);
$action = $json['action'];
$client = $json['client'];
$login = $json['login'];
$postPass = $json['pass'];
$launchermd5 = $json['md5'];
//@list($action, $client, $login, $postPass, $launchermd5) = explode(':', $yd);

// Check that the launcher matches (the excerpt ends inside this block)
if ($checklauncher) {
    /*if($launchermd5 != null) {
        if($launchermd5 == @$md5launcherexe) {
/**
 * Decrypting an empty string must be rejected with a CakeException.
 *
 * @expectedException CakeException
 * @expectedExceptionMessage The data to decrypt cannot be empty.
 * @return void
 */
public function testDecryptInvalidData()
{
    $validKey = 'This is a key that is long enough to be ok.';
    $emptyCiphertext = '';

    // The annotations above make PHPUnit expect the exception from this call.
    Security::decrypt($emptyCiphertext, $validKey);
}
// (Excerpt starts inside an if-branch opened above this listing; it selects
// which SMTP settings file to read.)
$smtp_log = "smtp_local_settings.log";
} else {
    $smtp_log = "smtp_online_settings.log";
}
DEFINE('TLW_WEBMASTER', "*****@*****.**");

// Load the general e-mail settings from a serialized file.
// $settings_log is assigned before this excerpt.
// NOTE(review): the file lives under DOCUMENT_ROOT/admin/inc; confirm the web
// server refuses to serve it. unserialize() trusts the file completely, so
// anyone able to write it controls what gets unserialized; a JSON file read
// with json_decode() would avoid that.
if (file_exists($_SERVER['DOCUMENT_ROOT'] . '/admin/inc/' . $settings_log)) {
    $settings_raw = file_get_contents($_SERVER['DOCUMENT_ROOT'] . '/admin/inc/' . $settings_log);
    if (!empty($settings_raw)) {
        $settings = unserialize($settings_raw);
        //Global Email address settings
        DEFINE('TLW_SOURCE_EMAIL', $settings['src_email']);
        DEFINE('TLW_SOURCE_NAME', $settings['src_name']);
        DEFINE('TLW_REPLY_EMAIL', $settings['reply_email']);
        DEFINE('TLW_REPLY_NAME', $settings['reply_name']);
        DEFINE('TLW_IMPORT_EMAIL', $settings['import_email']);
        DEFINE('TLW_IT_EMAIL', $settings['it_admin_email']);
        DEFINE('TLW_IT_NAME', $settings['it_admin_name']);
    }
}

// Load the SMTP settings the same way; only the password is stored encrypted.
// NOTE(review): the same unserialize() and file-location caveats apply here.
// decrypt() is called without a key argument, so the key presumably lives
// inside the Security class (confirm). The decrypted SMTP password ends up
// in a global constant that is readable from every script in the request.
if (file_exists($_SERVER['DOCUMENT_ROOT'] . '/admin/inc/' . $smtp_log)) {
    $secure_pass = new Security();
    $smtp_settings_raw = file_get_contents($_SERVER['DOCUMENT_ROOT'] . '/admin/inc/' . $smtp_log);
    if (!empty($smtp_settings_raw)) {
        $smtp_settings = unserialize($smtp_settings_raw);
        //Global SMTP settings
        DEFINE('TLW_SMTP_HOST', $smtp_settings['smtp_host']);
        DEFINE('TLW_SMTP_PORT', $smtp_settings['smtp_port']);
        DEFINE('TLW_SMTP_USER', $smtp_settings['smtp_user']);
        DEFINE('TLW_SMTP_PWD', $secure_pass->decrypt($smtp_settings['smtp_pwd']));
    }
}
<?php
// Looks up one rental on the backend REST service, identified by the
// encrypted "id" query parameter, and logs the lookup with the HTTP status.
include 'security.php';
include 'config.php';
setlocale(LC_MONETARY, 'de_DE');

// read input and decode it
// Expected plaintext layout, as parsed below: "<year>-<month>-<day>_<dayId>".
// NOTE(review): $_GET["id"] is client-controlled and read without isset().
// The decrypted parts are never validated (for example with ctype_digit())
// before they are placed in the backend URL path and the log line. If
// Security::decrypt() does not authenticate its input, those parts are
// attacker-influenced; confirm, and validate them either way.
$myRentalId = Security::decrypt($_GET["id"], $key);
$myRentalIdExploded = explode("_", $myRentalId);
$dateExploded = explode("-", $myRentalIdExploded[0]);
$year = $dateExploded[0];
$month = $dateExploded[1];
$day = $dateExploded[2];
$dayId = $myRentalIdExploded[1];

$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, "{$backend}/rest/rental/{$year}/{$month}/{$day}/{$dayId}");
// The credential part of this header list is redacted on the page
// ('******') and is reproduced as published.
curl_setopt($curl, CURLOPT_HTTPHEADER, array('Accept: application/json', 'Content-Type: application/json', 'username:'******'password:' . $password));
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
// NOTE(review): both options below switch off TLS certificate validation
// while backend credentials are sent in request headers. Keep verification
// on (VERIFYPEER true, VERIFYHOST 2) and, for a private CA, point
// CURLOPT_CAINFO at its certificate instead.
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
// NOTE(review): curl_exec() returns false on failure; no check is visible here.
$response = curl_exec($curl);
$code = curl_getinfo($curl, CURLINFO_HTTP_CODE);

// log
// NOTE(review): myrental.log is written relative to the working directory;
// confirm it is not served by the web server.
file_put_contents("myrental.log", date("Y-m-d H:i:s", time()) . " " . "{$year}-{$month}-{$day} {$dayId} {$code}\n", FILE_APPEND);
curl_close($curl);
?>
<html>
<head>
<title>Bootsvermietung EPPEL - meine Bootsfahrt</title>
<link rel="stylesheet" href="boatpos.css">
<link href="favicon.ico" rel="shortcut icon" type="image/x-icon"/>
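/**
 * Decodes and decrypts a single value.
 *
 * A value that starts with the 'Q2FrZQ==.' marker is base64-decoded and
 * decrypted according to $this->_type ('rijndael', 'cipher' or 'aes'); any
 * other value is handed to _explode() unchanged.
 *
 * @param string $value The value to decode & decrypt.
 * @return string Decoded value.
 */
protected function _decode($value)
{
    $prefix = 'Q2FrZQ==.';
    $prefixLength = strlen($prefix);

    // The marker must be a true prefix. The earlier strpos() test matched it
    // anywhere in the value while substr() always stripped the first bytes,
    // so a marker in the middle caused the wrong bytes to be decoded.
    if (strncmp($value, $prefix, $prefixLength) !== 0) {
        // NOTE(review): values without the marker reach _explode() with no
        // decryption at all, so the marker alone does not prove a value was
        // ever encrypted; confirm callers do not rely on that.
        return $this->_explode($value);
    }

    $value = base64_decode(substr($value, $prefixLength));

    // Initialised so that an unrecognised $this->_type no longer reads an
    // undefined variable; _explode() still receives null in that case.
    $plain = null;
    switch ($this->_type) {
        case 'rijndael':
            $plain = Security::rijndael($value, $this->key, 'decrypt');
            break;
        case 'cipher':
            $plain = Security::cipher($value, $this->key);
            break;
        case 'aes':
            $plain = Security::decrypt($value, $this->key);
            break;
    }

    return $this->_explode($plain);
}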
/**
 * Runs before the controller action.
 *
 * Checks that the component required by the configured session mode is
 * loaded, clears expired sessions, resolves the session ID (from the session
 * cookie, or decrypted from the request data when the ID travels in the URL)
 * and, when an ID is present, loads the stored session data into $this->data.
 *
 * NOTE(review): in 'url' mode the ID is read from request data, and in
 * 'cookie' mode the session data itself is taken from the cookie. Both are
 * client-supplied unless the Cookie component or Security::decrypt()
 * authenticates them; confirm.
 */
function before_action()
{
    // Component checks for the configured storage / ID transport.
    if (($this->sessionType == 'cookie' || $this->sessionIDType == 'cookie')
        && empty($this->controller->Cookie)
    ) {
        e('Cookie-based sessions require the Cookie component to be loaded');
        die;
    }

    if ($this->sessionType == 'database') {
        throw new Exception('Database-persisted sessions are not implemented yet');
        // Unreachable while the throw above is in place; kept as in the original.
        if (empty($this->controller->Db)) {
            e('Database-persisted sessions require the Db component to be loaded');
            die;
        }
    } elseif ($this->sessionType == 'file' && empty($this->controller->File)) {
        e('File-persisted sessions require the File component to be loaded');
        die;
    }

    $this->clear_expired_sessions();

    // Start from "no session" and try to resolve an ID.
    $this->inSession = false;
    $this->sessionID = null;

    if ($this->sessionType == 'cookie' || $this->sessionIDType == 'cookie') {
        // ID stored in the session cookie.
        if (!empty($this->controller->Cookie->data[$this->sessionCookieName])) {
            $this->sessionID = $this->controller->Cookie->data[$this->sessionCookieName]['session_id'];
        }
    } elseif ($this->sessionIDType == 'url') {
        $this->sessionID = $this->controller->data['session_id'];
        // The ID travels encrypted, so decrypt it before use.
        $this->sessionID = Security::decrypt($this->sessionID);
    }

    if (empty($this->sessionID)) {
        return;
    }

    // Load the session payload from the configured store.
    if ($this->sessionType == 'file') {
        $path = $this->__get_session_filename();
        if ($this->controller->File->exists($path)) {
            $this->data = $this->controller->File->read_object($path);
            if (empty($this->data)) {
                $this->data = array();
            }
            $this->inSession = true;
        }
    } elseif ($this->sessionType == 'database') {
        // Nothing to load: database sessions are not implemented.
    } elseif ($this->sessionType == 'cookie') {
        if (!empty($this->controller->Cookie->data[$this->sessionCookieName])
            && !empty($this->controller->Cookie->data[$this->sessionCookieName]['session_data'])
        ) {
            $this->data = $this->controller->Cookie->data[$this->sessionCookieName]['session_data'];
            if (empty($this->data)) {
                $this->data = array();
            }
            $this->inSession = true;
        }
    }
}
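/**
 * Recursively decrypts every non-array value of an array.
 *
 * When called without an argument (or with an empty one) the method binds
 * to $this->data by reference, so the stored data is decrypted in place.
 *
 * @param array|null $arr Values to decrypt; falls back to $this->data.
 * @return array|null The decrypted array, or null when there is nothing to decrypt.
 */
function __decrypt_data($arr = null)
{
    $security = new Security($this->config);
    if (empty($arr)) {
        $arr =& $this->data;
    }
    if (empty($arr)) {
        return null;
    }
    foreach ($arr as $k => $v) {
        if (!is_array($v)) {
            $arr[$k] = $security->decrypt($v);
        } elseif (!empty($v)) {
            $arr[$k] = $this->__decrypt_data($v);
        }
        // An empty nested array is left as it is. Recursing into it would hit
        // the empty() fallback above, rebind to $this->data and process the
        // whole data set again, which never terminates while that empty
        // array is still present.
    }
    return $arr;
}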
<?php

include 'security.php';

// Round-trip demo: print the ciphertext of a sample string, then print the
// result of encrypting and decrypting it again.
// NOTE(review): the key below is a hard-coded sample value. Real keys belong
// in configuration kept outside version control and should come from a
// cryptographically secure random source, not a typed string.
$value = 'example';
$key = '1234567891234567'; // 16-character key

$ciphertext = Security::encrypt($value, $key);
echo $ciphertext;

$roundTrip = Security::decrypt(Security::encrypt($value, $key), $key);
echo $roundTrip;
/**
 * Decrypts and returns one of the user's session values.
 *
 * @param string $name Name of the session entry to return.
 * @throws ConfigNotFoundException When the 'salt' configuration compares equal to null
 *                                 (the original docblock names TriladoException,
 *                                 presumably a parent class; confirm).
 * @return mixed The decrypted session value, or null when the entry is not set.
 */
public static function get($name)
{
    $salt = Config::get('salt');
    if ($salt == null) {
        throw new ConfigNotFoundException("A configuração 'salt' não pode ter o valor nulo");
    }

    self::start();

    // Nothing stored under this name: same null result as falling off the end.
    if (!isset($_SESSION['Trilado.Core.Session'][$name])) {
        return null;
    }

    $encrypted = $_SESSION['Trilado.Core.Session'][$name];

    return Security::decrypt($encrypted, self::key());
}
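<?php
// Comment moderation grid: serial number, author name, decrypted e-mail,
// comment text, link to the article, approval state and row actions.
echo GridView::widget([
    'dataProvider' => $dataProvider,
    'filterModel' => $searchModel,
    'columns' => [
        ['class' => 'yii\\grid\\SerialColumn'],
        'nombre',
        [
            'attribute' => 'correo',
            // The e-mail is stored encrypted and decrypted per row for display.
            // No 'format' is set, so the grid's default text format escapes it.
            'value' => function ($searchModel) {
                return Security::decrypt($searchModel->email);
            },
        ],
        'comentario:ntext',
        [
            'attribute' => 'noticia_id',
            'format' => 'raw',
            'value' => function ($searchModel) {
                // 'raw' output is not escaped and Html::a() does not encode its
                // link text, so the title is encoded here before it is emitted.
                return Html::a(
                    Html::encode($searchModel->noticia->titulo),
                    "@web/articulo/" . $searchModel->noticia->seo_slug
                );
            },
        ],
        [
            'attribute' => 'estado',
            'format' => 'raw',
            // Static markup only, so 'raw' is safe for this column.
            'value' => function ($searchModel) {
                if ($searchModel->estado === 0) {
                    return "<span class='glyphicon glyphicon-remove'></span>";
                } else {
                    return "<span class='glyphicon glyphicon-ok'></span>";
                }
            },
        ],
        [
            'class' => 'yii\\grid\\ActionColumn',
            'template' => '{update} {delete} {aprobar}',
            'buttons' => [
                // The approve button is shown only for comments not yet approved.
                'aprobar' => function ($url, $model) {
                    if ($model->estado === 0) {
                        return Html::a(
                            '<span class="glyphicon glyphicon-thumbs-up"></span>',
                            $url,
                            ['title' => Yii::t('app', 'Aprobar comentario')]
                        );
                    }
                },
                'update' => function ($url, $model) {
                    return Html::a(
                        '<span class="glyphicon glyphicon-pencil"></span>',
                        $url,
                        ['title' => Yii::t('app', 'Actualizar')]
                    );
                },
            ],
            // NOTE(review): these routes change state; confirm the target
            // actions enforce POST/CSRF and authorization on the server side.
            'urlCreator' => function ($action, $model, $key, $index) {
                if ($action === 'aprobar') {
                    return yii\helpers\Url::to(['comentario/aprobar', 'id' => $key]);
                } elseif ($action === 'update') {
                    // Strict comparison, consistent with the other branches.
                    return yii\helpers\Url::to(['comentario/update/', 'id' => $key]);
                } elseif ($action === 'delete') {
                    return yii\helpers\Url::to(['comentario/delete/', 'id' => $key]);
                }
            },
        ],
    ],
]);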
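/**
 * Checks the session cookies of either the panel or the OpenCTF front end.
 *
 * The method always (re)sets the "user ref" cookie to $username for 30 days.
 * With a username and salt it then requires that the username cookie matches
 * and that sha256($salt . $username . <decrypted ninja-power cookie>) equals
 * the hash cookie.
 *
 * NOTE(review): when $username and $salt are both empty, the method returns
 * true as soon as the four cookies exist, without checking any of their
 * values. That result must not be treated as proof of authentication;
 * confirm how callers use it.
 *
 * @param object $response Response object exposing cookie(name, value, expire, path, domain, secure).
 * @param string $username Expected username; empty for the presence-only check.
 * @param string $salt     Per-user salt, also used as the decryption key.
 * @param bool   $panel    True for the panel cookie set, false for the OpenCTF one.
 * @return bool True when the cookies are accepted.
 */
public static function isValid($response, $username = "", $salt = "", $panel = true)
{
    // Cookie names for the selected front end. The username cookie name is
    // redacted on the page ("******") and is reproduced as published.
    if ($panel) {
        $_username = "******";
        $_name = "_panel_name";
        $_ninjaPower = "_panel_ninja_power";
        $_hash = "_panel_hash";
        $_user_ref = "_panel_user_ref";
    } else {
        $_username = "******";
        $_name = "_openctf_name";
        $_ninjaPower = "_openctf_ninja_power";
        $_hash = "_openctf_hash";
        $_user_ref = "_openctf_user_ref";
    }

    $response->cookie($_user_ref, $username, time() + 86400 * 30, "/", Session::getDomain(), Session::isSecure());

    $cookiesPresent = isset($_COOKIE[$_username])
        && isset($_COOKIE[$_name])
        && isset($_COOKIE[$_ninjaPower])
        && isset($_COOKIE[$_hash]);

    if (!$cookiesPresent) {
        return false;
    }

    // Presence-only mode (see the NOTE in the docblock).
    if ($username == "" && $salt == "") {
        return true;
    }

    // Cookies can arrive as arrays (name[]=...); only plain strings are valid.
    if (!is_string($_COOKIE[$_username]) || !is_string($_COOKIE[$_hash])) {
        return false;
    }

    // Strict comparison: loose == treats numeric-looking strings such as
    // "1e3" and "1000" as equal.
    if ((string) $username !== $_COOKIE[$_username]) {
        return false;
    }

    $time = Security::decrypt($_COOKIE[$_ninjaPower], $salt);
    $hash = hash("sha256", $salt . $username . $time);

    // Constant-time, string-only comparison of the digests; loose == also
    // accepted digests that merely look like equal numbers ("0e...").
    return hash_equals($hash, $_COOKIE[$_hash]);
}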
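/**
 * Check the hidden captcha's values
 *
 * The posted form carries an encrypted, serialized "spinner" array created
 * when the form was rendered. It is checked for: the honeypot field being
 * empty, the submission time window, the captcha / random hidden field
 * value, and the session id, IP address and user agent the form was
 * issued to. On failure self::$_error holds the reason.
 *
 * @param string $formId [optional] The id to use to generate input elements (default = "hcptch")
 * @param integer $minLimit [optional] Submission minimum time limit in seconds (default = 5)
 * @param integer $maxLimit [optional] Submission maximum time limit in seconds (default = 1200)
 * @return boolean Return false if the submitter is a robot
 */
public static function checkCaptcha($formId = 'hcptch', $minLimit = 5, $maxLimit = 1200)
{
    // get posted values
    $values = Request::getInstance()->post($formId);

    // Check post values
    if ($values === null || !isset($values['spinner']) || !isset($values['name'])) {
        self::$_error = self::$CAPTCHA_VALUES_NOT_SUBMITTED;
        return false;
    }

    // Hidden (honeypot) field must stay empty
    if ($values['name'] !== '') {
        self::$_error = self::$CAPTCHA_SPAMBOT_AUTO_FILL;
        return false;
    }

    // Get the spinner values
    $spinner = Security::decrypt($values['spinner']);
    // NOTE(review): unserialize() runs on data that came from the client and
    // is protected only by Security::decrypt(). Unless decrypt() authenticates
    // the ciphertext, restrict this with the allowed_classes option or store
    // the spinner as JSON.
    $spinner = @unserialize($spinner);

    // Spinner is null or unserializable
    if (!$spinner || !is_array($spinner) || empty($spinner)) {
        self::$_error = self::$CAPTCHA_SPINNER_ERROR;
        return false;
    }

    // The entries read unconditionally below must exist and be usable;
    // previously a missing or malformed one raised notices or type errors.
    if (!isset($spinner['hfield_name'], $spinner['timestamp'])
        || !is_scalar($spinner['hfield_name'])
        || !is_numeric($spinner['timestamp'])
    ) {
        self::$_error = self::$CAPTCHA_SPINNER_ERROR;
        return false;
    }

    // Check the random posted field
    $hFieldName = $spinner['hfield_name'];
    $hField = isset($values[$hFieldName]) ? $values[$hFieldName] : null;
    if (!isset($spinner['captcha']) && ($hField === null || $hField === '')) {
        self::$_error = self::$CAPTCHA_VALUES_NOT_SUBMITTED;
        return false;
    }

    // Check time limits
    $elapsed = time() - $spinner['timestamp'];
    if ($elapsed < $minLimit || $elapsed > $maxLimit) {
        self::$_error = self::$CAPTCHA_TIME_LIMIT_ERROR;
        return false;
    }

    if (isset($spinner['captcha'])) {
        // We have a classic captcha with an image
        if (!is_string($hField) || strtolower($hField) !== $spinner['captcha']) {
            self::$_error = self::$CAPTCHA_IMAGE_ERROR;
            return false;
        }
    } else {
        // Check if the random field value is similar to the spinner value
        if (!is_string($hField) || !ctype_digit($hField) || $spinner['timestamp'] != $hField) {
            self::$_error = self::$CAPTCHA_HFIELD_ERROR;
            return false;
        }
    }

    // Check spinner values: the form must come back from the same session,
    // IP address and user agent it was issued to. The original joined these
    // tests with && and compared against the bare constant session_id, so
    // the binding was never enforced once all three entries were present.
    $userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
    if (!isset($spinner['session_id'], $spinner['ip'], $spinner['user_agent'])
        || $spinner['session_id'] !== session_id()
        || $spinner['ip'] !== self::_getIp()
        || $spinner['user_agent'] !== $userAgent
    ) {
        self::$_error = self::$CAPTCHA_SPINNER_ERROR;
        return false;
    }

    // Unset post values
    if (isset($_POST[$formId])) {
        unset($_POST[$formId]);
    }

    // everything is ok, return true
    return true;
}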