/**
* Decrypt data.
*
* @param array $keys That must be an array that contains private and public keys.
* @param mixed $data Encrypted data that has to be decrypted.
*
* @return mixed
*/
public static function decrypt(array $keys, $data)
{
$chiper = new JCryptCipherRijndael256();
$key = new JCryptKey("rijndael256", $keys["private"], $keys["public"]);
$crypt = new JCrypt($chiper, $key);
return $crypt->decrypt($data);
}
/**
* Run when a membership activated
* @param PlanOsMembership $row
*/
function onMembershipActive($row)
{
if (!$row->user_id && $row->username && $row->user_password) {
//Need to create the account here
$data['name'] = trim($row->first_name . ' ' . $row->last_name);
//Decrypt the password
$data['username'] = $row->username;
//Password
$privateKey = md5(JFactory::getConfig()->get('secret'));
$key = new JCryptKey('simple', $privateKey, $privateKey);
$crypt = new JCrypt(new JCryptCipherSimple(), $key);
$data['password'] = $data['password2'] = $data['password'] = $crypt->decrypt($row->user_password);
$data['email1'] = $data['email2'] = $data['email'] = $row->email;
$params = JComponentHelper::getParams('com_users');
$data['groups'] = array();
$data['groups'][] = $params->get('new_usertype', 2);
$user = new JUser();
if (!$user->bind($data)) {
return false;
}
// Store the data.
if (!$user->save()) {
return false;
}
$row->user_id = $user->get('id');
$row->store();
}
}
function onAfterInitialise()
{
$app = JFactory::getApplication();
// No remember me for admin
if ($app->isAdmin()) {
return;
}
$user = JFactory::getUser();
if ($user->get('guest')) {
$hash = JApplication::getHash('JLOGIN_REMEMBER');
if ($str = JRequest::getString($hash, '', 'cookie', JREQUEST_ALLOWRAW | JREQUEST_NOTRIM)) {
jimport('joomla.utilities.simplecrypt');
$credentials = array();
$goodCookie = true;
$filter = JFilterInput::getInstance();
// Create the encryption key, apply extra hardening using the user agent string.
// Since we're decoding, no UA validity check is required.
$privateKey = JApplication::getHash(@$_SERVER['HTTP_USER_AGENT']);
$key = new JCryptKey('simple', $privateKey, $privateKey);
$crypt = new JCrypt(new JCryptCipherSimple(), $key);
try {
$str = $crypt->decrypt($str);
if (!is_string($str)) {
throw new Exception('Decoded cookie is not a string.');
}
$cookieData = json_decode($str);
if (null === $cookieData) {
throw new Exception('JSON could not be docoded.');
}
if (!is_object($cookieData)) {
throw new Exception('Decoded JSON is not an object.');
}
// json_decoded cookie could be any object structure, so make sure the
// credentials are well structured and only have user and password.
if (isset($cookieData->username) && is_string($cookieData->username)) {
$credentials['username'] = $filter->clean($cookieData->username, 'username');
} else {
throw new Exception('Malformed username.');
}
if (isset($cookieData->password) && is_string($cookieData->password)) {
$credentials['password'] = $filter->clean($cookieData->password, 'string');
} else {
throw new Exception('Malformed password.');
}
$return = $app->login($credentials, array('silent' => true));
if (!$return) {
throw new Exception('Log-in failed.');
}
} catch (Exception $e) {
$config = JFactory::getConfig();
$cookie_domain = $config->get('cookie_domain', '');
$cookie_path = $config->get('cookie_path', '/');
// Clear the remember me cookie
setcookie(JApplication::getHash('JLOGIN_REMEMBER'), false, time() - 86400, $cookie_path, $cookie_domain);
JLog::add('A remember me cookie was unset for the following reason: ' . $e->getMessage(), JLog::WARNING, 'security');
}
}
}
}
function onAfterInitialise()
{
$app = JFactory::getApplication();
// No remember me for admin
if ($app->isAdmin()) {
return;
}
$user = JFactory::getUser();
if ($user->get('guest')) {
$hash = JApplication::getHash('JLOGIN_REMEMBER');
if ($str = JRequest::getString($hash, '', 'cookie', JREQUEST_ALLOWRAW | JREQUEST_NOTRIM)) {
jimport('joomla.utilities.simplecrypt');
// Create the encryption key, apply extra hardening using the user agent string.
// Since we're decoding, no UA validity check is required.
$privateKey = JApplication::getHash(@$_SERVER['HTTP_USER_AGENT']);
$key = new JCryptKey('simple', $privateKey, $privateKey);
$crypt = new JCrypt(new JCryptCipherSimple(), $key);
$str = $crypt->decrypt($str);
$cookieData = @unserialize($str);
// Deserialized cookie could be any object structure, so make sure the
// credentials are well structured and only have user and password.
$credentials = array();
$filter = JFilterInput::getInstance();
$goodCookie = true;
if (is_array($credentials)) {
if (isset($cookieData['username']) && is_string($cookieData['username'])) {
$credentials['username'] = $filter->clean($cookieData['username'], 'username');
} else {
$goodCookie = false;
}
if (isset($cookieData['password']) && is_string($cookieData['password'])) {
$credentials['password'] = $filter->clean($cookieData['password'], 'string');
} else {
$goodCookie = false;
}
} else {
$goodCookie = false;
}
if (!$goodCookie || !$app->login($credentials, array('silent' => true))) {
$config = JFactory::getConfig();
$cookie_domain = $config->get('cookie_domain', '');
$cookie_path = $config->get('cookie_path', '/');
// Clear the remember me cookie
setcookie(JApplication::getHash('JLOGIN_REMEMBER'), false, time() - 86400, $cookie_path, $cookie_domain);
}
}
}
}
/**
* Decrypt a string
*
* @param string $s String to decrypt
*
* @return string
*
* @since 11.1
* @deprecated 12.3 Use JCrypt instead.
*/
public function decrypt($s)
{
return $this->_crypt->decrypt($s);
}
/**
* Get detail information of the subscription
*
* @param object $config
* @param object $row
*
* @return string
*/
public static function getEmailContent($config, $row, $toAdmin = false)
{
$db = JFactory::getDbo();
$sql = 'SELECT lifetime_membership, title FROM #__osmembership_plans WHERE id=' . $row->plan_id;
$db->setQuery($sql);
$plan = $db->loadObject();
$data = array();
$data['planTitle'] = $plan->title;
$data['lifetimeMembership'] = $plan->lifetime_membership;
$data['config'] = $config;
$data['row'] = $row;
$data['toAdmin'] = $toAdmin;
if ($row->payment_method == 'os_creditcard') {
$cardNumber = JRequest::getVar('x_card_num', '');
$last4Digits = substr($cardNumber, strlen($cardNumber) - 4);
$data['last4Digits'] = $last4Digits;
}
if ($row->user_id) {
$sql = 'SELECT username FROM #__users WHERE id=' . $row->user_id;
$db->setQuery($sql);
$username = $db->loadResult();
$data['username'] = $username;
}
if ($row->username && $row->user_password) {
$data['username'] = $row->username;
//Password
$privateKey = md5(JFactory::getConfig()->get('secret'));
$key = new JCryptKey('simple', $privateKey, $privateKey);
$crypt = new JCrypt(new JCryptCipherSimple(), $key);
$data['password'] = $crypt->decrypt($row->user_password);
}
$rowFields = OSMembershipHelper::getProfileFields($row->plan_id);
$formData = OSMembershipHelper::getProfileData($row, $row->plan_id, $rowFields);
$form = new RADForm($rowFields);
$form->setData($formData)->bindData();
$data['form'] = $form;
return OSMembershipHelperHtml::loadCommonLayout(JPATH_ROOT . '/components/com_osmembership/emailtemplates/email.php', $data);
}
