public function push($topic, $event, $eligible = null, $exclude = null) { $msg = json_encode($event); $data = array('topicuri' => $topic); if ($this->opts['authkey'] !== null) { $timestamp = gmdate("Y-m-d\\TH:i:s\\Z"); $sig = urlsafe_b64encode(hash_hmac('sha256', $topic . $this->opts['authkey'] . $timestamp . $msg, $this->opts['authsecret'], true)); $data['timestamp'] = $timestamp; $data['appkey'] = $this->opts['authkey']; $data['signature'] = $sig; } if ($eligible !== null) { $data['eligible'] = join(',', $eligible); } if ($exclude !== null) { $data['exclude'] = join(',', $exclude); } $url = $this->opts['pushendpoint'] . '/?' . http_build_query($data, '', '&'); curl_setopt($this->ch, CURLOPT_URL, $url); curl_setopt($this->ch, CURLOPT_POSTFIELDS, $msg); $response = curl_exec($this->ch); $status_code = curl_getinfo($this->ch, CURLINFO_HTTP_CODE); if ($status_code !== 202) { return $response; } else { return null; } }
function validate_uuid($uuid) { $request = array(); $request['device'] = $uuid; $request['host'] = $_SERVER['REMOTE_ADDR']; // don't send this unless you're a phone $request['mode'] = "local"; $request['nonce'] = time(); $request['product'] = "com.phoenix.musiccontrols"; $request['timestamp'] = time(); $request['vendor'] = "phoenix"; $secretkey = "**********************"; // get this from saurik ksort($request); $request_presign = http_build_query($request); $request['signature'] = urlsafe_b64encode(hash_hmac('sha1', $request_presign, $secretkey, true)); $http_request = http_build_query($request); $request_url = "http://cydia.saurik.com/api/check?" . $http_request; $fd = fopen($request_url, "r"); $response_raw = ""; if ($fd) { while (!feof($fd)) { $response_raw .= fgets($fd, 16384); } fclose($fd); } // If state=completed exists, we are authorized. Anything else and we are not. if ($response_raw) { parse_str($response_raw, $response); $return_sig = $response['signature']; unset($response['signature']); ksort($response); $serialized_response = http_build_query($response); $return_chk = urlsafe_b64encode(hash_hmac('sha1', $serialized_response, $secretkey, true)); if ($response['state'] == "completed" && $return_chk == $return_sig) { if (array_key_exists('payment', $response)) { return $response['payment']; } else { return 1337; } } } return ''; }
function cclite_remote_logon() { $params = get_test_variables(); $user = $params['user']; $registry = $params['registry']; // if there's no user name, don't even bother to try... if (strlen($user)) { // so when you use this, nake sure that the server ip checks against the list in the cclite registry! $api_hash = hash($params['hashing'], $params['apikey'] . $params['spoof_server'], 'true'); $api_hash = urlsafe_b64encode($api_hash); /* $str = "server is" . $_SERVER['SERVER_ADDR']. " ".$params['hashing'] . "". "<br/>" . "user is " . $user . "<br/>" . "registry is " . $registry ; echo $str ; */ // construct the base url from configuration information $cclite_base_url = 'http://' . $params['domain']; $ch = curl_init(); if ($params['verbose']) { curl_setopt($ch, CURLOPT_VERBOSE, true); } // Display communication with server curl_setopt($ch, CURLOPT_AUTOREFERER, TRUE); curl_setopt($ch, CURLOPT_COOKIE, "merchant_key_hash={$api_hash}"); curl_setopt($ch, CURLOPT_COOKIESESSION, TRUE); curl_setopt($ch, CURLOPT_FAILONERROR, TRUE); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, FALSE); curl_setopt($ch, CURLOPT_FRESH_CONNECT, TRUE); curl_setopt($ch, CURLOPT_HEADER, TRUE); curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 30); curl_setopt($ch, CURLOPT_URL, "{$cclite_base_url}/logon/{$user}/{$registry}"); $logon = curl_exec($ch); curl_close($ch); // extract the user style cookies from the logon preg_match_all('|Set-Cookie: (.*);|U', $logon, $results); $cookies = implode("; ", $results[1]); return array($logon, $cookies); } else { return array('noelgguser', ''); } }
/** * 取得返回信息地址 * @param string $code 支付方式代码 * @param string $params 必须有type值, $params = array('type'=>0), 0 同步,1 异步 */ function return_url($code = '', $params = array()) { $params['code'] = $code; $base64 = urlsafe_b64encode(serialize($params)); return __URL__ . '/respond.php?code=' . $base64; }
<strong>Submitting press release... (this may take a while!)</strong> </div> </form> <?php } elseif ($var_id == "submit") { // Stage 2: Processing the upload and press release. $recaptcha = recaptcha_check_answer($privatekey, $_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]); if ($recaptcha->is_valid) { $error = false; if (isset($_FILES['file']) && $_FILES['file']['error'] == 0) { $file_uploaded = true; if (ends_with($_FILES['file']['name'], ".jpg") || ends_with($_FILES['file']['name'], ".jpeg") || ends_with($_FILES['file']['name'], ".png") || ends_with($_FILES['file']['name'], ".gif")) { if ($_FILES['file']['size'] <= 20000000) { $upload_result = curl_put("{$tahoe_server}/uri", $_FILES['file']['tmp_name']); if ($upload_result !== false) { $upload_b64 = urlsafe_b64encode($upload_result); $upload_url = "/download/{$upload_b64}/{$_FILES['file']['name']}"; } } else { $error = true; $var_code = ANONNEWS_ERROR_TOO_LARGE; // Upload filesize error require "module.error.php"; } } else { $error = true; $var_code = ANONNEWS_ERROR_INCORRECT_FORMAT; // Upload file format error require "module.error.php"; } } elseif (isset($_FILES['file']) && $_FILES['file']['error'] == 4) {
} $enckey = hash('sha256', $key); $request = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, pack("H*", $enckey), $encrequest, MCRYPT_MODE_CBC, $iv); } else { $request = $encrequest; } //Parse Attributes (username lenght + username + cardid length + cardid) $parsed_request = parse_attributes($request, 2); //Enable card for downloading (username+cardid+time) $response = enable_download($parsed_request[0], $parsed_request[1]); if (!$response) { throw new SimpleSAML_Error_NotFound('FUNCTION enable_download, error accessing directory'); } // Encrypt response for myself $response = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, pack("H*", $internalkey), $response, MCRYPT_MODE_CBC, $iv); $response = preg_replace('/\\?.*/', '', curPageURL()) . '?data=' . urlsafe_b64encode($response) . '&iv=' . urlsafe_b64encode($iv); // Encrypt response for RADIUS if ($key != null) { $encresponse = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, pack("H*", $enckey), $response, MCRYPT_MODE_CBC, $iv); } else { $encresponse = $response; } // Send URL print base64_encode($encresponse); } else { //Client Resquest- Send InfoCard //Get Attributes $encrequest = urlsafe_b64decode($_GET['data']); $iv = urlsafe_b64decode($_GET['iv']); if (!$encrequest || !$iv) { throw new SimpleSAML_Error_NotFound('The URL wasn\'t found in the module.');
function gen_salt($length = 16, $urlsafe = false) { $iv = mcrypt_create_iv(ceil(0.75 * $length), MCRYPT_DEV_URANDOM); return $urlsafe ? urlsafe_b64encode($iv) : b64encode($iv); }
<?php require_once 'f-encryption.php'; $client_encryption_keys = array('127.0.0.1' => 'Qs/7S$N%C8'); $remote_ip = '127.0.0.1'; $encryption_key = $client_encryption_keys[$remote_ip]; $timeout = 60; $string = "127.0.0.1" . ":" . time(); $encr = encrypt_decrypt('encrypt', $string); //echo $encr . "\n"; $encr_b64 = urlsafe_b64encode($encr); echo "token: {$encr_b64} valid for {$timeout} sec\n"; echo "curl 'https://rtbh.sec.domain.com/apiv1/temp_whitelist/sourceip/108.59.253.198?auth_key={$encr_b64}'\n\n"; echo "php token_dec.php {$encr_b64}\n\n"; if (check_token($encr_b64)) { echo "check_token: true !\n"; } else { echo "check_token: INVALID\n"; }
echo '<script src="base64.js"></script>' . "\n"; echo '<script src="browser.js"></script>' . "\n"; echo '<script>'; echo "var f = '" . $h . "';" . "\n"; echo 'var host = Base64.decode(reverseString("' . $rawRequest . '"));' . "\n"; echo 'window.fetcherUrl = f;window.hostUrl = host;'; echo "fetch(host);" . "\n"; echo "</script>"; } else { if ($reqmode == "p2get_p") { if (strstr($req, "?")) { $query = ""; } else { $query = "?"; } foreach ($_POST as $k => $v) { $kv = $k . "=" . $v . '&'; $query .= $kv; } $redir = $req . $query; $rs = encodeString(urlsafe_b64encode($redir)); echo "<script>window.location = 'fetch.php?mode=loader&url=" . $rs . "';</script>"; } else { if (file_exists($fn) && $reqm == "get") { readCache($fn, $reqmode); checkCache(); } else { fetchPage($req, $fn, $reqm, $reqmode); } } }
/** * Calculate the URL safe base64 encoded SHA1 hmac of a string. * * @param string The string to sign * @param string The key * @return string The signature */ public static function base64_hmac($value, $key) { return urlsafe_b64encode(\hash_hmac('sha1', $value, $key, true)); }