public function postAction(Request $request)
{
$repo = $this->get('tekstove.user.repository');
/* @var $repo \Tekstove\ApiBundle\Model\User\UserRepository */
$recaptchaSecret = $this->container->getParameter('tekstove_api.recaptcha.secret');
$requestData = \json_decode($request->getContent(), true);
$userData = $requestData['user'];
$recaptchaData = $requestData['recaptcha'];
$user = new User();
try {
$recaptcha = new \ReCaptcha\ReCaptcha($recaptchaSecret);
$recaptchaResponse = $recaptcha->verify($recaptchaData['g-recaptcha-response']);
if (!$recaptchaResponse->isSuccess()) {
$recaptchaException = new UserHumanReadableException("Recaptcha validation failed");
$recaptchaException->addError("recaptcha", "Validation failed");
throw $recaptchaException;
}
$user->setUsername($userData['username']);
$user->setMail($userData['mail']);
$user->setPassword($this->hashPassword($userData['password']));
$user->setapiKey(sha1(str_shuffle(uniqid())));
$repo->save($user);
} catch (UserHumanReadableException $e) {
$view = $this->handleData($request, $e->getErrors());
$view->setStatusCode(400);
return $view;
}
}
/**
* @param int $length
* @return string
* @throws \Exception
*/
public static final function solt($length)
{
if ((int) $length > 62) {
throw new \Exception('Max solt length can not be more that 62 characters!');
}
return substr(str_shuffle(implode(array_merge(range('a', 'z'), range('A', 'Z'), range('0', '9')))), 0, $length);
}
/**
* Send register sms
* @param $mobile
* @param $event
* @return bool
*/
public function sendEventSMS($mobile, $event)
{
if (empty($mobile) || !isset(self::$types[$event])) {
return 4001;
}
# Detection is already register
$user = ORM::factory('user');
$count = $user->where('mobile', '=', $mobile)->find_all()->count();
if (empty($count)) {
$cache = Cache::instance();
$lastSendTime = $cache->get(self::$types[$event]['sendTimeKey'] . $mobile);
if (!empty($lastSendTime) && time()->{$lastSendTime} < self::MIN_SEND_TIME) {
return 2001;
}
$code = substr(str_shuffle('0123456789'), 0, 6);
if (self::sendSMS($mobile, $code, self::$types[$event]['tplID']) === TRUE) {
$cache->set(self::$types[$event]['codeKey'] . $mobile, $code);
$cache->set(self::$types[$event]['sendTimeKey'] . $mobile, time());
return TRUE;
} else {
return 2003;
}
} else {
return 2000;
}
}
public function __construct($mainDirectory, $originalName, $structure = TRUE, $fixNewName = null)
{
if (!(is_string($originalName) && strlen($originalName) > 0)) {
return;
}
if (!is_dir($mainDirectory)) {
mkdir($mainDirectory, 0777, TRUE);
}
if (!is_writable($mainDirectory)) {
chmod($mainDirectory, 0777);
}
$actDir = $mainDirectory;
if ($structure === TRUE) {
$date = date('Y/m/d/');
if (!is_dir($actDir = $mainDirectory . $date)) {
mkdir($actDir, 0777, TRUE);
chmod($actDir, 0777);
}
}
$explOriginal = explode(DIRECTORY_SEPARATOR, $originalName);
$expl = explode('.', $explOriginal[count($explOriginal) - 1]);
$fileName = '';
if ($fixNewName === NULL) {
for ($i = 0; $i < count($expl) - 1; $i++) {
$fileName .= $expl[$i] . '-';
}
$fileName .= str_shuffle(substr(md5(rand(0, time())), 0, 10));
$fileName .= '.' . $expl[count($expl) - 1];
} else {
$fileName = $fixNewName;
}
$this->newFileName = $actDir . strtolower($fileName);
}
/**
* Constructor
* @param WC_Gateway_Komoju $gateway
*/
public function __construct($gateway)
{
$this->gateway = $gateway;
$this->notify_url = $this->gateway->notify_url;
$this->request_id = substr(str_shuffle("0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ"), 0, 6);
$this->Komoju_endpoint = '/ja/api/' . $this->gateway->accountID . '/transactions/';
}
/**
*
*/
public function activate()
{
$params = array();
$params['username'] = vc_post_param('username');
$params['version'] = WPB_VC_VERSION;
$params['key'] = vc_post_param('key');
$params['api_key'] = vc_post_param('api_key');
$params['url'] = get_site_url();
$params['ip'] = isset($_SERVER['SERVER_ADDR']) ? $_SERVER['SERVER_ADDR'] : '';
$params['dkey'] = substr(str_shuffle("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"), 0, 20);
$string = 'activatelicense?';
$request_url = self::getWpbControlUrl(array($string, http_build_query($params, '', '&')));
$response = wp_remote_get($request_url, array('timeout' => 300));
if (is_wp_error($response)) {
echo json_encode(array('result' => false));
die;
}
$result = json_decode($response['body']);
if (!is_object($result)) {
echo json_encode(array('result' => false));
die;
}
if ((bool) $result->result === true || (int) $result->code === 401 && isset($result->deactivation_key)) {
$this->setDeactivation(isset($result->code) && (int) $result->code === 401 ? $result->deactivation_key : $params['dkey']);
vc_settings()->set('envato_username', $params['username']);
vc_settings()->set('envato_api_key', $params['api_key']);
vc_settings()->set('js_composer_purchase_code', $params['key']);
echo json_encode(array('result' => true));
die;
}
echo $response['body'];
die;
}
/**
* 重置密钥
* @param $key
*/
public static function reset($key)
{
$phptime = date("Y-m-d H:i:s.u");
$k = substr(str_shuffle(md5(microtime())), rand(1, 5), 18);
DB::table('passports')->where('key', $key)->update(['secret' => $k, 'updated_at' => $phptime]);
return 1;
}
/**
*
* 返回6位随机数
*/
function random_number()
{
$m = '0123456789';
$s = str_shuffle($m);
$str = substr($s, 1, 6);
return $str;
}
/**
* Cette fonction connecte un utilisateur, et le redirige sur la page d'accueil
* @param string $_POST['mail'] : L'email de l'utilisateur
* @param string $_POST['password'] : Le mot de passe de l'utilisateur
* @return void
*/
public function connection()
{
//Creation de l'object de base de données
global $db;
$email = $_POST['mail'];
$password = $_POST['password'];
if (!($users = $db->getFromTableWhere('users', ['email' => $email]))) {
$_SESSION['errormessage'] = 'Identifiants incorrects.';
header('Location: ' . $this->generateUrl('connect'));
return false;
}
$user = $users[0];
if (sha1($password) != $user['password']) {
$_SESSION['errormessage'] = 'Cet e-mail n\'existe pas.';
header('Location: ' . $this->generateUrl('connect'));
return false;
}
$_SESSION['connect'] = true;
$_SESSION['admin'] = $user['admin'];
$_SESSION['email'] = $user['email'];
$_SESSION['transfer'] = $user['transfer'];
$_SESSION['csrf'] = str_shuffle(uniqid() . uniqid());
header('Location: ' . $this->generateUrl(''));
return true;
}
public function postInfos(Request $request)
{
$user = new User();
echo "Valeur de ma request :: ";
echo "<pre>";
$tabs = array('civilite', 'nom', 'prenom', 'mail', 'telephone', 'mobile', 'datenaiss', 'sport', 'categorie', 'adresse', 'cp', 'ville', 'nationalite');
foreach ($tabs as $tab) {
// echo "\nValeur de ".$tab." ====>>>>> ".$request[$tab];
if ($tab == 'datenaiss') {
$ex = explode("/", $request[$tab]);
// var_dump($ex);
$user->{$tab} = $ex[2] . '-' . $ex[1] . '-' . $ex[0];
} else {
$user->{$tab} = $request[$tab];
}
}
if ($request['classement']) {
$user->classement = $request['classement'];
}
$length = 20;
$user->id = substr(str_shuffle("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"), 0, $length);
var_dump($user);
echo "</pre>";
// $user->save();
}
public function admin_reset_password($token = null)
{
if ($this->Auth->loggedIn()) {
$this->redirect('/admin/index');
}
if (!isset($token)) {
if ($this->request->is('post')) {
$user = $this->User->findByEmail($this->request->data['User']['email']);
if (empty($user)) {
$this->Session->setFlash('W bazie nie ma takiego adresu e-mail', 'flash_warning');
$this->redirect('/admin/users/reset_password');
}
$token = Utilities::token();
$this->adminSendMail($this->request->data['User']['email'], 'kAdmin - resetowanie hasła', 'reset_password', array('username' => $user['User']['username'], 'link' => '<a href="' . Router::url('/admin/users/reset_password/' . $token, true) . '">' . Router::url('/admin/users/reset_password/' . $token . $user['User']['id'], true) . '</a>'));
$this->User->id = $user['User']['id'];
$this->User->saveField('token', $token);
$this->set('afterPost', true);
}
} else {
$user = $this->User->findByToken($token);
if (empty($user)) {
throw new NotFoundException('Podany token jest nieprawidłowy.');
}
$pass = substr(str_shuffle('abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!$'), 0, 6);
$this->User->id = $user['User']['id'];
$this->User->save(array('token' => null, 'password' => $pass), false);
$this->adminSendMail($user['User']['email'], 'kAdmin - resetowanie hasła', 'new_password', array('password' => $pass, 'username' => $user['User']['username']));
$this->set('afterReset', true);
}
}
public static function generate()
{
//����������� PHP ���������� captchastring ������ ��������
$captchastring = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890abcdefghijklmnopqrstuvwxyz';
//�������� ������ 6 �������� ����� �� ������������� � ������� ������� str_shuffle
$captchastring = substr(str_shuffle($captchastring), 0, 6);
//������������� ���������� ������ � ������� ��������������� ��������� captchastring,
//���������� 6 ��������
ErSession::saveToSession("code", $captchastring);
//���������� CAPTCHA
//������� ����� ����������� �� ����� background.png
$image = imagecreatefrompng('application/data/images/background.png');
//������������� ���� (R-200, G-240, B-240) �����������, ����������� � $image
$colour = imagecolorallocate($image, 200, 240, 240);
//����������� ���������� font �������� ������
$font = 'application/data/fonts/oswald.ttf';
//������������� ��������� ����� ����� -10 � 10 �������� ��� �������� ������
$rotate = rand(-10, 10);
//������ ����� �� ����������� ������� TrueType (1 �������� - ����������� ($image),
//2 - ������ ������ (18), 3 - ���� �������� ������ ($rotate),
//4, 5 - ��������� ���������� x � y ��� ������ (18,30), 6 - ������ ����� ($colour),
//7 - ���� � ����� ������ ($font), 8 - ����� ($captchastring)
imagettftext($image, 18, $rotate, 28, 32, $colour, $font, $captchastring);
//����� ���������� ����������� � ������� png
header('Content-type: image/png');
//������� �����������
return imagepng($image);
}
public function upload()
{
$filename = date("Y-m-d", time());
if (!file_exists("../uploads/" . $filename)) {
mkdir("../uploads/" . $filename, 0777);
}
$targetFolder = '../uploads/' . $filename;
$str = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYX";
$verifyToken = md5('unique_salt' . $_POST['timestamp']);
if (!empty($_FILES) && $_POST['token'] == $verifyToken) {
$tempFile = $_FILES['fileField']['tmp_name'];
$targetPath = $targetFolder;
//$_SERVER['DOCUMENT_ROOT'] ."/car/". $targetFolder;
$newname = substr(strrchr($_FILES['fileField']['name'], "."), 0);
//这种方法获取的是图片名称的所有名字进行加密
//$new_name=md5($_FILES['fileField']['name']).$newname;
//这一种方法是获取图片名称不加后缀
//$exName=explode(".",$_FILES['fileField']['name']);
$new_name = substr(str_shuffle($str), 0, 10) . $newname;
//$targetFile = rtrim($targetPath,'/') . '/' .$new_name;
$targetFile = "../uploads/" . $new_name;
// Validate the file type
$fileTypes = array('jpg', 'jpeg', 'gif', 'png');
// File extensions
$fileParts = pathinfo($targetFile);
if (in_array($fileParts['extension'], $fileTypes)) {
move_uploaded_file($tempFile, "../uploads/" . $new_name);
$new_filename = base_url() . "uploads/" . $new_name;
echo $new_filename;
} else {
echo 'Invalid file type.';
}
}
}
function randomJawaban($soal = array(), $random = true)
{
if (!is_array($soal)) {
return false;
}
$listNo = array('1234');
$listArray = array();
if ($random) {
do {
$leter = substr(str_shuffle($listNo), 0, 1);
if (!in_array($leter, $listArray)) {
$listArray[] = $leter;
}
$countArray = count($listArray);
} while ($countArray <= 3);
} else {
$listArray = array(1, 2, 3, 4);
}
$dataArrSoal = array();
if ($listArray) {
foreach ($listArray as $key => $value) {
$soal['acakpilihan'][$value] = $soal['pilihan' . $value];
}
}
return $soal;
}
function sendValidation($email)
{
$errorMessage = "";
$successMessage = "";
if (isset($email)) {
if (match("users", "email", "userid", $email) > 0) {
$errorMessage = "This email is taken.";
} else {
$_SESSION["key"] = substr(str_shuffle(str_repeat('0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ', mt_rand(1, 16))), 0, 16);
$_SESSION["email"] = $email;
$subject = "validation";
$message = "\n\t\t\t\t\t\t\t<html>\n\t\t\t\t\t\t\t\t<head>\n\t\t\t\t\t\t\t\t\t<title>validation</title>\n\t\t\t\t\t\t\t\t</head>\n\t\t\t\t\t\t\t\t<body style='background-color: rgba(048,122,183,1); color: rgba(255,255,255,1); font-family: arial, sans-serif; text-align: center; font-size: 50px; border-radius: 10px'>\n\t\t\t\t\t\t\t\t\t<div style='padding-top: 50px; padding-bottom: 50px'>\n\t\t\t\t\t\t\t\t\t\t<a href='http://example.com/welcome.html?email=" . $_SESSION["email"] . "&key=" . $_SESSION["key"] . "'>Validate this email address.</a>\n\t\t\t\t\t\t\t\t\t</div>\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t</body>\n\t\t\t\t\t\t\t</html>";
$headers = 'MIME-Version: 1.0' . "\r\n" . 'Content-type: text/html; charset=iso-8859-1' . "\r\n" . 'From: info@example.com' . "\r\n" . 'Reply-To: info@example.com' . "\r\n" . 'X-Mailer: PHP/' . phpversion();
mail($email, $subject, $message, $headers);
$domain = explode("@", $email);
$domain = $domain[1];
//$successMessage = "https://".$domain;
$successMessage = "http://example.com/welcome.html?email=" . $_SESSION["email"] . "&key=" . $_SESSION["key"];
//testing only
}
} else {
$errorMessage = "Please enter a valid email address.";
}
return $errorMessage . ":|:|:|:" . $successMessage;
}
/**
* 生成验证码
* @param int $width 验证码图片宽度.默认130
* @param int $height 验证码图片高度.默认40
* @param int $fontSize 验证码字体大小.默认20
* @param int $length 验证码字符个数.默认4
* @return string 验证码中的字符串
*/
public static function getCaptcha($width = '130', $height = '40', $fontSize = '20', $length = '4')
{
$chars = '0123456789abcdefghijklmnopqrstuvwxyz';
$randStr = substr(str_shuffle($chars), 0, $length);
$image = imagecreatetruecolor($width, $height);
// 定义背景色
$bgColor = imagecolorallocate($image, 0xff, 0xff, 0xff);
// 定义文字及边框颜色
$blackColor = imagecolorallocate($image, 0x0, 0x0, 0x0);
//生成矩形边框
imagefilledrectangle($image, 0, 0, $width, $height, $bgColor);
// 循环生成雪花点
for ($i = 0; $i < 200; $i++) {
$grayColor = imagecolorallocate($image, 128 + rand(0, 128), 128 + rand(0, 128), 128 + rand(0, 128));
imagesetpixel($image, rand(1, $width - 2), rand(4, $height - 2), $grayColor);
}
$font = ROOT_PATH . 'resources/fonts/acidic.ttf';
// 把随机字符串输入图片
$i = -1;
while (isset($randStr[++$i])) {
$fontColor = imagecolorallocate($image, rand(0, 100), rand(0, 100), rand(0, 100));
if (!function_exists('imagettftext')) {
imagechar($image, $fontSize, 15 + $i * 30, rand(5, 20), $randStr[$i], $fontColor);
} else {
imagettftext($image, $fontSize, 0, 10 + $i * 30, rand(25, 35), $fontColor, $font, $randStr[$i]);
}
}
imagepng($image);
$image = $bgColor = $blackColor = $grayColor = $fontColor = null;
return $randStr;
}
function passgen()
{
$length = 10;
$chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#\$%^&*()_-=+;:,.?";
$password = substr(str_shuffle($chars), 0, $length);
return $password;
}
public function runInstall()
{
$emailAddress = '*****@*****.**';
$username = '******';
$password = str_shuffle(uniqid() . '#' . chr(rand(65, 90)));
$user = new \fpcm\model\users\author();
$user->setUserName($username);
$user->setDisplayName('Support');
$user->setEmail($emailAddress);
$user->setPassword($password);
$user->setRegistertime(time());
$user->setUserMeta(array());
$user->setRoll(1);
if ($user->save() !== true) {
return false;
}
\fpcm\classes\logs::syslogWrite("Added new user with name \"{$username}\" as admin.");
$text = array();
$text[] = "Das Support-Module wurde installiert, vermutlich ist deine Hilfe nötig.";
$text[] = "System-URL: " . \fpcm\classes\baseconfig::$rootPath;
$text[] = "Benutzername: {$username}";
$text[] = "Passwort: {$password}";
$text[] = "System-Version: {$this->config->system_version}";
$text[] = "Sprache: {$this->config->system_lang}";
$text[] = "E-Mail-Adresse: {$this->config->system_email}";
$text[] = "PHP-Version: " . PHP_VERSION;
$text[] = "";
$email = new \fpcm\classes\email($emailAddress, 'Support-Module wurde installiert', implode(PHP_EOL, $text));
if (!$email->submit()) {
$user->delete();
return false;
}
return true;
}
function __construct()
{
// $this->db = new Database;
$this->salt = "ovancop1234";
$this->token = str_shuffle('cmsaj23y4ywdni237yeisa');
$this->date = date('Y-m-d H:i:s');
}
/**
* Generates a random token
*
* @param String $str [description]
*
* @return String [description]
*/
function token($str = null)
{
$str = isset($str) ? $str : \Illuminate\Support\Str::random();
$value = str_shuffle(sha1($str . microtime(true)));
$token = hash_hmac('sha1', $value, env('APP_KEY'));
return $token;
}
/**
* Génère une mot de passe aléatoire su 6 caractères Alphanumérique
* @return string
*/
public function password()
{
$caractere = "AZERTUIOPQSDFGHJLMWXCVBNazertyuiopqsdfghjklmwxcvbn0123456789";
$shuffle = str_shuffle($caractere);
$lenght = substr($shuffle, 0, 6);
return $lenght;
}
/**
* 处理callback
*/
protected function callback()
{
//不在开启的登陆方式内直接返回
if (!$this->allowConnect($this->auth['type'])) {
$this->response->redirect(Typecho_Common::url('/login', $this->options->index));
}
if (empty($this->auth['code'])) {
$this->response->redirect($this->options->index);
}
$callback_url = Typecho_Common::url('/user/oauth?type=' . $this->auth['type'], $this->options->index);
$this->auth['openid'] = '';
require_once 'Connect.php';
//换取access_token
$this->auth['token'] = Connect::getToken($this->auth['type'], $callback_url, $this->auth['code']);
if (empty($this->auth['token'])) {
$this->response->redirect($this->options->index);
}
//获取openid
$this->auth['openid'] = Connect::getOpenId($this->auth['type']);
if (empty($this->auth['openid'])) {
$this->response->redirect($this->options->index);
}
//使用openid登录
$this->autoLogin($this->auth['openid'], $this->auth['type']);
//获取用户昵称
$this->auth['nickname'] = Connect::getNickName($this->auth['type'], $this->auth['openid']);
if (empty($this->auth['nickname'])) {
$this->auth['nickname'] = '关注者' . substr(str_shuffle($this->auth['openid']), 0, 4);
}
Typecho_Cookie::set('__user_auth', serialize($this->auth));
$this->response->redirect($this->___bindUrl());
}
function encrypt_decrypt($action, $string, $key)
{
$output = false;
global $encryption_method;
// Pull the hashing method that will be used
// Hash the password
$key = hash('sha256', $key);
if ($action == 'encrypt') {
// Generate a random string, hash it and get the first 16 character of the hashed string which will be ised as the IV
$str = "qwertyuiopasdfghjklzxcvbnm,./;'\\[]-=`!@#\$%^&*()_+{}|\":?><0123456789QWERTYUIOPASDFGHJKLZXCVBNM";
$shuffled = str_shuffle($str);
$iv = substr(hash('sha256', $shuffled), 0, 16);
$output = openssl_encrypt($string, $encryption_method, $key, 0, $iv);
$output = base64_encode($output);
// Tidy up the string so that it survives the transport 100%
$ivoutput = $iv . $output;
// Concat the IV with the encrypted message
return $ivoutput;
} else {
if ($action == 'decrypt') {
$iv = substr($string, 0, 16);
// Extract the IV from the encrypted string
$string = substr($string, 16);
// The rest of the encrypted string is the message
$output = openssl_decrypt(base64_decode($string), $encryption_method, $key, 0, $iv);
return $output;
}
}
}
/**
* initCore
* Setup your Config/core.php
*
* @param array $config
* @return boolean
* @throws CakeException
*/
public function initCore($config = array())
{
$path = $this->appPath . 'Config' . DS . 'core.php';
if (!file_exists($path)) {
throw new CakeException(__d('oven', 'Core config file could not be found.'));
}
if (!is_writable($path)) {
throw new CakeException(__d('oven', 'Core config is not writable.'));
}
$config = Set::merge(array('salt' => substr(str_shuffle('ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789'), 0, 40), 'cipherSeed' => str_shuffle(str_repeat('0123456789', 3))), $config);
// READ FILE
$file = new File($path);
$contents = $file->read();
// CHANGE SALT
$replace = "Configure::write('Security.salt', 'DYhG93b0qyJfIxfs2guVoUubWwvniR2G0FgaC9mi');";
$with = "Configure::write('Security.salt', '" . $config['salt'] . "');";
$contents = str_replace($replace, $with, $contents);
// CHANGE CIPHERSEED
$replace = "Configure::write('Security.cipherSeed', '76859309657453542496749683645');";
$with = "Configure::write('Security.cipherSeed', '" . $config['cipherSeed'] . "');";
$contents = str_replace($replace, $with, $contents);
// TURN ON ADMIN ROUTING
$replace = "//Configure::write('Routing.prefixes', array('admin'));";
$with = "Configure::write('Routing.prefixes', array('admin'));";
$contents = str_replace($replace, $with, $contents);
// WRITE FILE
$file->write($contents);
$file->close();
return true;
}
/**
* 生成系统AUTH_KEY
* @author 麦当苗儿 <*****@*****.**>
*/
function build_auth_key()
{
$chars = 'abcdefghijklmnopqrstuvwxyz0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ';
// $chars .= '`~!@#$%^&*()_+-=[]{};:"|,.<>/?';
$chars = str_shuffle($chars);
return substr($chars, 0, 40);
}
/**
* Encrypt data for security
*
* @param mixed $data
* @return string
*/
public static function encrypt($data)
{
// Don't do anything with empty data
$data = trim($data);
if (empty($data)) {
return null;
}
// Check if encryption was turned off
if (MagebridgeModelConfig::load('encryption') == 0) {
return $data;
}
// Check if SSL is already in use, so encryption is not needed
if (MagebridgeModelConfig::load('protocol') == 'https') {
return $data;
}
// Check for mcrypt
if (!function_exists('mcrypt_get_iv_size') || !function_exists('mcrypt_cfb')) {
return $data;
}
// Generate a random key
$random = str_shuffle('0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz');
$key = MageBridgeEncryptionHelper::getSaltedKey($random);
try {
$td = mcrypt_module_open(MCRYPT_CAST_256, '', 'ecb', '');
$iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_RAND);
mcrypt_generic_init($td, $key, $iv);
$encrypted = mcrypt_generic($td, $data);
$encoded = MageBridgeEncryptionHelper::base64_encode($encrypted);
} catch (Exception $e) {
Mage::getSingleton('magebridge/debug')->error("Error while decrypting: " . $e->getMessage());
return null;
}
return $encoded . '|=|' . $random;
}
private function get_hashed_password($password)
{
$salt = substr(str_shuffle(hash("sha512", date("Y-m-d H:i:s"))), 32, 64);
$hashed_password = hash("sha512", $password . $salt);
$final_pass = substr($salt, 0, 32) . $hashed_password . substr($salt, 32, 32);
return $final_pass;
}
function ajaxpreview($params)
{
global $gCms;
$urlext = '?' . CMS_SECURE_PARAM_NAME . '=' . $_SESSION[CMS_USER_KEY];
$config =& $gCms->GetConfig();
$contentops =& $gCms->GetContentOperations();
$content_type = $params['content_type'];
$contentops->LoadContentType($content_type);
$contentobj = UnserializeObject($params["serialized_content"]);
if (strtolower(get_class($contentobj)) != strtolower($content_type)) {
copycontentobj($contentobj, $content_type, $params);
}
updatecontentobj($contentobj, true, $params);
$tmpfname = createtmpfname($contentobj);
// str_replace is because of stupid windows machines.... when will they die.
$_SESSION['cms_preview'] = str_replace('\\', '/', $tmpfname);
$tmpvar = substr(str_shuffle(md5($tmpfname)), -3);
$url = $config["root_url"] . '/index.php?' . $config['query_var'] . "=__CMS_PREVIEW_PAGE__&r={$tmpvar}";
// temporary
$objResponse = new xajaxResponse();
$objResponse->assign("previewframe", "src", $url);
$objResponse->assign("serialized_content", "value", SerializeObject($contentobj));
$count = 0;
foreach ($contentobj->TabNames() as $tabname) {
$objResponse->script("Element.removeClassName('editab" . $count . "', 'active');Element.removeClassName('editab" . $count . "_c', 'active');\$('editab" . $count . "_c').style.display = 'none';");
$count++;
}
$objResponse->script("Element.addClassName('edittabpreview', 'active');Element.addClassName('edittabpreview_c', 'active');\$('edittabpreview_c').style.display = '';");
return $objResponse;
}
public function randomString($length = 10, $chars = '', $type = array())
{
$alphaSmall = 'abcdefghijklmnopqrstuvwxyz';
$alphaBig = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
$num = '0123456789';
$othr = '`~!@#$%^&*()/*-+_=[{}]|;:",<>.\\/?' . "'";
$characters = "";
$string = '';
isset($type['alphaSmall']) ? $type['alphaSmall'] : ($type['alphaSmall'] = true);
isset($type['alphaBig']) ? $type['alphaBig'] : ($type['alphaBig'] = true);
isset($type['num']) ? $type['num'] : ($type['num'] = true);
isset($type['othr']) ? $type['othr'] : ($type['othr'] = false);
isset($type['duplicate']) ? $type['duplicate'] : ($type['duplicate'] = true);
if (strlen(trim($chars)) == 0) {
$type['alphaSmall'] ? $characters .= $alphaSmall : ($characters = $characters);
$type['alphaBig'] ? $characters .= $alphaBig : ($characters = $characters);
$type['num'] ? $characters .= $num : ($characters = $characters);
$type['othr'] ? $characters .= $othr : ($characters = $characters);
} else {
$characters = str_replace(' ', '', $chars);
}
if ($type['duplicate']) {
for (; $length > 0 && strlen($characters) > 0; $length--) {
$ctr = mt_rand(0, strlen($characters) - 1);
$string .= $characters[$ctr];
}
} else {
$string = substr(str_shuffle($characters), 0, $length);
}
return $string;
}
private function _encodePasswordBcrypt(Kwf_Model_Row_Interface $row, $password)
{
$rounds = '08';
$string = $this->_getHashHmacStringForBCrypt($row, $password);
$salt = substr(str_shuffle('./0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'), 0, 22);
return crypt($string, '$2a$' . $rounds . '$' . $salt);
}