Exemplo n.º 1
 /**
  * Decrypt data.
  *
  * @param array $keys Array holding the "private" and "public" key values; both are passed to JCryptKey.
  * @param mixed $data Encrypted data that has to be decrypted.
  *
  * @return mixed
  */
 public static function decrypt(array $keys, $data)
 {
     // Both elements of $keys are handed to JCryptKey together with the
     // "rijndael256" type tag that pairs with the cipher used below.
     $keyPair = new JCryptKey("rijndael256", $keys["private"], $keys["public"]);
     $engine = new JCrypt(new JCryptCipherRijndael256(), $keyPair);

     // NOTE(review): no MAC or signature check on $data is visible in this
     // method - confirm that integrity is verified elsewhere before the
     // decrypted value is trusted.
     $plain = $engine->decrypt($data);

     return $plain;
 }
Exemplo n.º 2
 /**
  * Runs when a membership is activated.
  * @param PlanOsMembership $row
  */
 function onMembershipActive($row)
 {
     // Only subscribers without a linked user, who supplied both a username
     // and a stored password, get an account created here.
     if ($row->user_id || !$row->username || !$row->user_password) {
         return;
     }

     $fullName = trim($row->first_name . ' ' . $row->last_name);

     // NOTE(review): the stored password is reversible. The key comes only from
     // the site-wide 'secret' setting (MD5 of it), so whoever holds that secret
     // and the subscriber row can recover the plain-text password. The row still
     // holds user_password after the account is created; this block does not
     // clear it - confirm whether it is cleared elsewhere.
     $secretKey = md5(JFactory::getConfig()->get('secret'));
     $keyPair = new JCryptKey('simple', $secretKey, $secretKey);
     $crypt = new JCrypt(new JCryptCipherSimple(), $keyPair);
     $plainPassword = $crypt->decrypt($row->user_password);

     $email = $row->email;
     $userParams = JComponentHelper::getParams('com_users');

     // Same keys as a registration form submission; the default group comes
     // from the com_users 'new_usertype' parameter (fallback 2).
     $data = array(
         'name'      => $fullName,
         'username'  => $row->username,
         'password'  => $plainPassword,
         'password2' => $plainPassword,
         'email'     => $email,
         'email2'    => $email,
         'email1'    => $email,
         'groups'    => array($userParams->get('new_usertype', 2)),
     );

     $account = new JUser();
     // bind() first, save() only when binding succeeded; either failure aborts.
     if (!$account->bind($data) || !$account->save()) {
         return false;
     }

     // Link the new account to the subscription record and persist it.
     $row->user_id = $account->get('id');
     $row->store();
 }
Exemplo n.º 3
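 /**
  * Attempts a silent "remember me" log-in for guest visitors outside the admin application.
  *
  * The remember-me cookie is decrypted, decoded as JSON, reduced to exactly a
  * username and a password, and passed to the application log-in. Any failure
  * clears the cookie and writes a warning to the 'security' log category.
  *
  * NOTE(review): the cookie carries the account password in recoverable form
  * (it is decrypted and handed to login() below). The key is derived from the
  * client-supplied User-Agent header through JApplication::getHash(), which
  * presumably mixes in a site secret - confirm. A random server-side token
  * would keep the password out of the cookie entirely.
  *
  * @return  void
  */
 function onAfterInitialise()
 {
     $app = JFactory::getApplication();

     // No remember me for admin
     if ($app->isAdmin()) {
         return;
     }

     $user = JFactory::getUser();
     if (!$user->get('guest')) {
         return;
     }

     $hash = JApplication::getHash('JLOGIN_REMEMBER');
     $str = JRequest::getString($hash, '', 'cookie', JREQUEST_ALLOWRAW | JREQUEST_NOTRIM);
     if (!$str) {
         return;
     }

     jimport('joomla.utilities.simplecrypt');
     $credentials = array();
     $filter = JFilterInput::getInstance();

     // Create the encryption key, apply extra hardening using the user agent string.
     // Since we're decoding, no UA validity check is required.
     // A missing header is passed on as null explicitly instead of hiding the notice with "@".
     $userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : null;
     $privateKey = JApplication::getHash($userAgent);
     $key = new JCryptKey('simple', $privateKey, $privateKey);
     $crypt = new JCrypt(new JCryptCipherSimple(), $key);

     try {
         $str = $crypt->decrypt($str);
         if (!is_string($str)) {
             throw new Exception('Decoded cookie is not a string.');
         }

         // JSON decoding yields only plain data; it cannot instantiate arbitrary classes.
         $cookieData = json_decode($str);
         if (null === $cookieData) {
             throw new Exception('JSON could not be decoded.');
         }
         if (!is_object($cookieData)) {
             throw new Exception('Decoded JSON is not an object.');
         }

         // json_decoded cookie could be any object structure, so make sure the
         // credentials are well structured and only have user and password.
         if (isset($cookieData->username) && is_string($cookieData->username)) {
             $credentials['username'] = $filter->clean($cookieData->username, 'username');
         } else {
             throw new Exception('Malformed username.');
         }
         if (isset($cookieData->password) && is_string($cookieData->password)) {
             $credentials['password'] = $filter->clean($cookieData->password, 'string');
         } else {
             throw new Exception('Malformed password.');
         }

         $return = $app->login($credentials, array('silent' => true));
         if (!$return) {
             throw new Exception('Log-in failed.');
         }
     } catch (Exception $e) {
         $config = JFactory::getConfig();
         $cookie_domain = $config->get('cookie_domain', '');
         $cookie_path = $config->get('cookie_path', '/');

         // Clear the remember me cookie
         setcookie(JApplication::getHash('JLOGIN_REMEMBER'), false, time() - 86400, $cookie_path, $cookie_domain);

         // The reason is logged under 'security'; repeated entries from one client
         // are worth reviewing as possible cookie tampering.
         JLog::add('A remember me cookie was unset for the following reason: ' . $e->getMessage(), JLog::WARNING, 'security');
     }
 }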
Exemplo n.º 4
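 /**
  * Attempts a silent "remember me" log-in for guest visitors outside the admin application.
  *
  * The remember-me cookie is decrypted, unserialized, reduced to a username and
  * a password, and passed to the application log-in. A malformed cookie or a
  * failed log-in clears the cookie.
  *
  * SECURITY: this variant calls unserialize() on data taken from a cookie. The
  * cookie is client-controlled, and decryption alone is not an integrity check,
  * so unserialize() can be made to instantiate objects of any loaded class
  * (PHP object injection). A data-only encoding such as json_decode() with
  * explicit type checks is the safer format for this cookie; it must be changed
  * together with the code that writes the cookie, which is not part of this block.
  *
  * @return  void
  */
 function onAfterInitialise()
 {
     $app = JFactory::getApplication();

     // No remember me for admin
     if ($app->isAdmin()) {
         return;
     }

     $user = JFactory::getUser();
     if (!$user->get('guest')) {
         return;
     }

     $hash = JApplication::getHash('JLOGIN_REMEMBER');
     $str = JRequest::getString($hash, '', 'cookie', JREQUEST_ALLOWRAW | JREQUEST_NOTRIM);
     if (!$str) {
         return;
     }

     jimport('joomla.utilities.simplecrypt');

     // Create the encryption key, apply extra hardening using the user agent string.
     // Since we're decoding, no UA validity check is required.
     $privateKey = JApplication::getHash(@$_SERVER['HTTP_USER_AGENT']);
     $key = new JCryptKey('simple', $privateKey, $privateKey);
     $crypt = new JCrypt(new JCryptCipherSimple(), $key);
     $str = $crypt->decrypt($str);

     // FIXME(security): unserialize() on cookie-derived data - see the method
     // comment. Left in place so cookies already issued keep working.
     $cookieData = @unserialize($str);

     // Deserialized cookie could be any structure, so make sure the
     // credentials are well structured and only have user and password.
     $credentials = array();
     $filter = JFilterInput::getInstance();
     $goodCookie = true;

     // The check has to be on the decoded cookie, not on $credentials (which is
     // always an array at this point): indexing a non-array payload such as an
     // object would otherwise raise an error instead of rejecting the cookie.
     if (is_array($cookieData)) {
         if (isset($cookieData['username']) && is_string($cookieData['username'])) {
             $credentials['username'] = $filter->clean($cookieData['username'], 'username');
         } else {
             $goodCookie = false;
         }
         if (isset($cookieData['password']) && is_string($cookieData['password'])) {
             $credentials['password'] = $filter->clean($cookieData['password'], 'string');
         } else {
             $goodCookie = false;
         }
     } else {
         $goodCookie = false;
     }

     if (!$goodCookie || !$app->login($credentials, array('silent' => true))) {
         $config = JFactory::getConfig();
         $cookie_domain = $config->get('cookie_domain', '');
         $cookie_path = $config->get('cookie_path', '/');

         // Clear the remember me cookie
         setcookie(JApplication::getHash('JLOGIN_REMEMBER'), false, time() - 86400, $cookie_path, $cookie_domain);
     }
 }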
 /**
  * Decrypt a string
  *
  * @param   string  $s  String to decrypt
  *
  * @return  string
  *
  * @since   11.1
  * @deprecated  12.3  Use JCrypt instead.
  */
 public function decrypt($s)
 {
     // Pure delegation: the object held in $this->_crypt performs the decryption.
     $plain = $this->_crypt->decrypt($s);

     return $plain;
 }
Exemplo n.º 6
 /**
  * Get detail information of the subscription
  *
  * @param object $config
  * @param object $row
  * @param bool   $toAdmin Passed through to the e-mail layout as 'toAdmin'; defaults to false.
  *
  * @return string
  */
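 public static function getEmailContent($config, $row, $toAdmin = false)
 {
     $db = JFactory::getDbo();

     // The ids are concatenated into SQL text, so force them to integers first:
     // a non-numeric value then becomes 0 instead of altering the statement.
     $planId = (int) $row->plan_id;
     $db->setQuery('SELECT lifetime_membership, title FROM #__osmembership_plans WHERE id=' . $planId);
     $plan = $db->loadObject();

     $data = array();
     // No plan row found: hand null values to the layout rather than reading properties of a non-object.
     $data['planTitle'] = $plan ? $plan->title : null;
     $data['lifetimeMembership'] = $plan ? $plan->lifetime_membership : null;
     $data['config'] = $config;
     $data['row'] = $row;
     $data['toAdmin'] = $toAdmin;

     if ($row->payment_method === 'os_creditcard') {
         // Only the last four characters of the submitted card number reach the layout.
         // NOTE(review): the value is read straight from the request and is not
         // checked to be digits - confirm the layout escapes it.
         $cardNumber = JRequest::getVar('x_card_num', '');
         $data['last4Digits'] = substr($cardNumber, strlen($cardNumber) - 4);
     }

     if ($row->user_id) {
         $db->setQuery('SELECT username FROM #__users WHERE id=' . (int) $row->user_id);
         $data['username'] = $db->loadResult();
     }

     if ($row->username && $row->user_password) {
         $data['username'] = $row->username;

         // NOTE(review): the stored password is decrypted (key: MD5 of the site
         // 'secret') and passed to the e-mail layout in plain text. E-mail is not
         // a confidential channel; a set-your-password link avoids sending it.
         $privateKey = md5(JFactory::getConfig()->get('secret'));
         $key = new JCryptKey('simple', $privateKey, $privateKey);
         $crypt = new JCrypt(new JCryptCipherSimple(), $key);
         $data['password'] = $crypt->decrypt($row->user_password);
     }

     // Profile fields of the plan, filled with this subscriber's data.
     $rowFields = OSMembershipHelper::getProfileFields($row->plan_id);
     $formData = OSMembershipHelper::getProfileData($row, $row->plan_id, $rowFields);
     $form = new RADForm($rowFields);
     $form->setData($formData)->bindData();
     $data['form'] = $form;

     return OSMembershipHelperHtml::loadCommonLayout(JPATH_ROOT . '/components/com_osmembership/emailtemplates/email.php', $data);
 }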