public function testEncryptDecrypt()
{
$this->assertEquals(Cii::decrypt(Cii::encrypt(1)), 1);
// Integer
$this->assertEquals(Cii::decrypt(Cii::encrypt("1")), "1");
// String integer
$this->assertEquals(Cii::decrypt(Cii::encrypt(3.14)), 3.14);
// Float
$this->assertEquals(Cii::decrypt(Cii::encrypt("3.14")), "3.14");
// String float
$this->assertEquals(Cii::decrypt(Cii::encrypt("string")), "string");
// String
// Test a variety of hashes of various sizes generated by Cii::generateSafeHash()
$hash1 = Cii::generateSafeHash(4);
$this->assertEquals(Cii::decrypt(Cii::encrypt($hash1)), $hash1);
$hash2 = Cii::generateSafeHash(16);
$this->assertEquals(Cii::decrypt(Cii::encrypt($hash2)), $hash2);
$hash3 = Cii::generateSafeHash(32);
$this->assertEquals(Cii::decrypt(Cii::encrypt($hash3)), $hash3);
$hash4 = Cii::generateSafeHash(64);
$this->assertEquals(Cii::decrypt(Cii::encrypt($hash4)), $hash4);
$hash5 = Cii::generateSafeHash(128);
$this->assertEquals(Cii::decrypt(Cii::encrypt($hash5)), $hash5);
$hash6 = Cii::generateSafeHash(256);
$this->assertEquals(Cii::decrypt(Cii::encrypt($hash6)), $hash6);
$hash7 = Cii::generateSafeHash(512);
$this->assertEquals(Cii::decrypt(Cii::encrypt($hash7)), $hash7);
}
/**
* Generic method for sending an email. Instead of having to call a bunch of code all over over the place
* This method can be called which should be able to handle almost anything.
*
* By calling this method, the SMTP details will automatically be setup as well the notify email and user
*
* @param Users $user The User we are sending the email to
* @param string $subject The email Subject
* @param string $viewFile The view file we want to render. Generally this should be in the form //email/<file>
* And should correspond to a viewfile in /themes/<theme>/views/email/<file>
* @param array $content The content to pass to renderPartial()
* @param boolean $return Whether the output should be returned. The default is TRUE since this output will be passed to MsgHTML
* @param boolean $processOutput Whether the output should be processed. The default is TRUE since this output will be passed to MsgHTML
* @return boolean Whether or not the email sent sucessfully
*/
public function send($user, $subject = "", $viewFile, $content = array(), $return = true, $processOutput = true, $debug = false)
{
$mail = new PHPMailer($debug);
$mail->IsSMTP();
$mail->SMTPAuth = false;
$smtpHost = Cii::getConfig('SMTPHost', NULL);
$smtpPort = Cii::getConfig('SMTPPort', NULL);
$smtpUser = Cii::getConfig('SMTPUser', NULL);
$smtpPass = Cii::getConfig('SMTPPass', NULL);
$useTLS = Cii::getConfig('useTLS', 0);
$useSSL = Cii::getConfig('useSSL', 0);
$notifyUser = new stdClass();
if (isset($content['origin_from'])) {
$notifyUser->email = $content['origin_from']['email'];
$notifyUser->username = $content['origin_from']['name'];
} else {
$notifyUser->email = Cii::getConfig('notifyEmail', NULL);
$notifyUser->username = Cii::getConfig('notifyName', NULL);
}
if ($smtpHost !== NULL && $smtpHost !== "") {
$mail->Host = $smtpHost;
}
if ($smtpPort !== NULL && $smtpPort !== "") {
$mail->Port = $smtpPort;
}
if ($smtpUser !== NULL && $smtpUser !== "") {
$mail->Username = $smtpUser;
$mail->SMTPAuth = true;
}
if ($useTLS == 1) {
$mail->SMTPSecure = 'tls';
}
if ($useSSL == 1) {
$mail->SMTPSecure = 'ssl';
}
if (!empty($smtpPass)) {
$mail->Password = Cii::decrypt($smtpPass);
$mail->SMTPAuth = true;
}
if ($notifyUser->email == NULL && $notifyUser->username == NULL) {
$notifyUser = Users::model()->findByPk(1);
}
$mail->SetFrom($notifyUser->email, $notifyUser->username);
$mail->Subject = $subject;
$mail->MsgHTML($this->renderFile(Yii::getPathOfAlias($viewFile) . '.php', $content, $return, $processOutput));
$mail->AddAddress($user->email, $user->username);
try {
return $mail->Send();
} catch (phpmailerException $e) {
return $debug ? $e->errorMessage() : false;
} catch (Exception $e) {
return $debug ? $e : false;
}
return false;
}
/**
* Handle CDN related Uploads
* @return string
*/
private function _uploadCDNFile()
{
Yii::import('ext.opencloud.OpenCloud');
if (Cii::getConfig('useRackspaceCDN')) {
$openCloud = new OpenCloud(Cii::getConfig('openstack_username'), Cii::decrypt(Cii::getConfig('openstack_apikey')), true, NULL, Cii::getConfig('openstack_region'));
} else {
$openCloud = new OpenCloud(Cii::getConfig('openstack_username'), Cii::decrypt(Cii::getConfig('openstack_apikey')), false, Cii::getConfig('openstack_identity'), Cii::getConfig('openstack_region'));
}
$container = $openCloud->getContainer(Cii::getConfig('openstack_container'));
$this->_result = $openCloud->uploadFile($container);
return $this->_handleResourceUpload($this->_result['url'] . '/' . $this->_result['filename']);
}
/**
* Overload the __getter so that it checks for data in the following order
* 1) Pull From db/cache (Cii::getConfig now does caching of elements for improved performance)
* 2) Check for __protected__ property, which we consider the default vlaue
* 3) parent::__get()
*
* In order for this to work with __default__ values, the properties in classes that extend from this
* MUST be protected. If they are public it will bypass this behavior.
*
* @param mixed $name The variable name we want to retrieve from the calling class
* @return mixed
*/
public function __get($name)
{
$data = Cii::getConfig($name);
if ($data !== NULL && $data !== "" && !isset($this->attributes[$name])) {
if ($name == 'openstack_apikey') {
return Cii::decrypt($data);
}
return $data;
}
if (property_exists($this, $name)) {
if ($name == 'openstack_apikey') {
return Cii::decrypt($this->{$name});
}
return $this->{$name};
}
return parent::__get($name);
}
/**
* Generic method for sending an email. Instead of having to call a bunch of code all over over the place
* This method can be called which should be able to handle almost anything.
*
* By calling this method, the SMTP details will automatically be setup as well the notify email and user
*
* @param Users $user The User we are sending the email to
* @param string $subject The email Subject
* @param string $viewFile The view file we want to render. Generally this should be in the form //email/<file>
* And should correspond to a viewfile in /themes/<theme>/views/email/<file>
* @param array $content The content to pass to renderPartial()
* @param boolean $return Whether the output should be returned. The default is TRUE since this output will be passed to MsgHTML
* @param boolean $processOutput Whether the output should be processed. The default is TRUE since this output will be passed to MsgHTML
* @return boolean Whether or not the email sent sucessfully
*/
public function send($user, $subject = "", $viewFile, $content = array(), $return = true, $processOutput = true, $debug = false)
{
$mail = new PHPMailer($debug);
$mail->IsSMTP();
$mail->SMTPAuth = false;
$notifyUser = $this->getNotifyUser(isset($content['origin_from']) ? $content['origin_from'] : array());
if (empty($this->SMTPHost)) {
$mail->Host = $this->SMTPHost;
}
if (empty($this->SMTPPort)) {
$mail->Port = $this->SMTPPort;
}
if (empty($this->SMTPUser)) {
$mail->Username = $this->SMTPUser;
$mail->SMTPAuth = true;
}
if ($this->useTLS == 1) {
$mail->SMTPSecure = 'tls';
} else {
if ($this->useSSL == 1) {
$mail->SMTPSecure = 'ssl';
}
}
if (empty($this->SMTPPass)) {
$mail->Password = Cii::decrypt($this->SMTPPass);
$mail->SMTPAuth = true;
}
$mail->SetFrom($notifyUser->email, $notifyUser->username);
$mail->Subject = $subject;
$mail->MsgHTML($this->renderFile(Yii::getPathOfAlias($viewFile) . '.php', $content, $return, $processOutput));
$mail->AddAddress($user->email, $user->username);
try {
return $mail->Send();
} catch (phpmailerException $e) {
Yii::log($e->getMessage(), 'info', 'ciims.models.EmailSettings');
return false;
} catch (Exception $e) {
Yii::log($e->getMessage(), 'info', 'ciims.models.EmailSettings');
return false;
}
}
/**
* Handles all incoming requests for the entire site that are not previous defined in CUrlManager
* Requests come in, are verified, and then pulled from the database dynamically
* @param $id - The content ID that we want to pull from the database
* @return $this->render() - Render of page that we want to display
**/
public function actionIndex($id = NULL)
{
// Set the ReturnURL to this page so that the user can be redirected back to here after login
Yii::app()->user->setReturnUrl($this->beforeCiiAction($id));
// Retrieve the data
$content = Content::model()->findByPk($id);
if ($content->status != 1 || !$content->isPublished()) {
throw new CHttpException(404, Yii::t('ciims.controllers.Content', 'The article you specified does not exist. If you bookmarked this page, please delete it.'));
}
// Check for a password
if ($content->password != '' || Cii::decrypt($content->password) != '') {
// Check SESSION to see if a password is set
$tmpPassword = Cii::get(Cii::get(Cii::get($_SESSION, 'password', array()), $id, array()), 'password', NULL);
if ($tmpPassword != $content->password) {
$this->redirect(Yii::app()->createUrl('/content/password/' . $id));
}
}
// Parse Metadata
$this->setLayout($content->layout);
$this->setPageTitle(Yii::t('ciims.controllers.Content', '{{app_name}} | {{label}}', array('{{app_name}}' => Cii::getConfig('name', Yii::app()->name), '{{label}}' => $content->title)));
$this->params['meta']['description'] = $content->extract;
$this->render($content->view, array('id' => $content->id, 'data' => $content, 'meta' => $content->parseMeta($content->metadata), 'comments' => Cii::getConfig('useDisqusComments') ? NULL : Comments::model()->countByAttributes(array('content_id' => $content->id, 'approved' => 1))));
}
/**
* passwordFieldRow provides a password box that decrypts the database stored value since it will be encrypted in the db
* @param CiiSettingsModel $model The model that we are operating on
* @param string $property The name of the property we are working with
* @param array $htmlOptions An array of HTML Options
* @param CValidator $validators The Validator(s) for this property
* Since we already have it, it's worth passing through
*/
public function passwordFieldRow($model, $property, $htmlOptions = array(), $validators = NULL)
{
$htmlOptions['value'] = Cii::decrypt($model->{$property});
$htmlOptions['type'] = 'password';
$htmlOptions['id'] = get_class($model) . '_' . $property;
$htmlOptions['name'] = get_class($model) . '[' . $property . ']';
echo CHtml::tag('label', array(), $model->getAttributeLabel($property) . (Cii::get($htmlOptions, 'required', false) ? CHtml::tag('span', array('class' => 'required'), ' *') : NULL));
echo CHtml::tag('input', $htmlOptions);
}
/**
* Generic method for sending an email. Instead of having to call a bunch of code all over over the place
* This method can be called which should be able to handle almost anything.
*
* By calling this method, the SMTP details will automatically be setup as well the notify email and user
*
* @param Users $user The User we are sending the email to
* @param string $subject The email Subject
* @param string $viewFile The view file we want to render. Generally this should be in the form //email/<file>
* And should correspond to a viewfile in /themes/<theme>/views/email/<file>
* @param array $content The content to pass to renderPartial()
* @param boolean $return Whether the output should be returned. The default is TRUE since this output will be passed to MsgHTML
* @param boolean $processOutput Whether the output should be processed. The default is TRUE since this output will be passed to MsgHTML
* @return boolean Whether or not the email sent sucessfully
*/
public function sendEmail($user, $subject = "", $viewFile, $content = array(), $return = true, $processOutput = true)
{
Yii::import('application.extensions.phpmailer.JPhpMailer');
$mail = new JPhpMailer();
$mail->IsSMTP();
$mail->SMTPAuth = false;
$smtpHost = Cii::getConfig('SMTPHost', NULL);
$smtpPort = Cii::getConfig('SMTPPort', NULL);
$smtpUser = Cii::getConfig('SMTPUser', NULL);
$smtpPass = Cii::getConfig('SMTPPass', NULL);
$notifyUser = new stdClass();
$notifyUser->email = Cii::getConfig('notifyEmail', NULL);
$notifyUser->displayName = Cii::getConfig('notifyName', NULL);
if ($smtpHost !== NULL && $smtpHost !== "") {
$mail->Host = $smtpHost;
}
if ($smtpPort !== NULL && $smtpPort !== "") {
$mail->Port = $smtpPort;
}
if ($smtpUser !== NULL && $smtpUser !== "") {
$mail->Username = $smtpUser;
$mail->SMTPAuth = true;
}
if ($smtpPass !== NULL && $smtpPass !== "" && Cii::decrypt($smtpPass) != "") {
$mail->Password = Cii::decrypt($smtpPass);
$mail->SMTPAuth = true;
}
if ($notifyUser->email == NULL && $notifyUser->displayName == NULL) {
$notifyUser = Users::model()->findByPk(1);
}
$mail->SetFrom($notifyUser->email, $notifyUser->displayName);
$mail->Subject = $subject;
$mail->MsgHTML($this->renderPartial($viewFile, $content, $return, $processOutput));
$mail->AddAddress($user->email, $user->displayName);
try {
return $mail->Send();
} catch (Exception $e) {
return false;
}
return false;
}
echo !$canPublish ? NULL : $form->dropDownListRow($model, 'type_id', array(2 => Yii::t('Dashboard.views', 'Blog Post'), 1 => Yii::t('Dashboard.views', 'Page')), $htmlOptions);
?>
</div>
<div class="pure-control-group">
<?php
echo !$canPublish ? NULL : $form->dropDownListRow($model, 'view', $views, array('class' => 'pure-input-2-3', 'options' => array($model->view => array('selected' => true))));
?>
</div>
<div class="pure-control-group">
<?php
echo !$canPublish ? NULL : $form->dropDownListRow($model, 'layout', $layouts, array('class' => 'pure-input-2-3', 'options' => array($model->layout => array('selected' => true))));
?>
</div>
<div class="pure-control-group">
<?php
echo !$canPublish ? NULL : $form->textFieldRow($model, 'password', array('class' => 'pure-input-2-3', 'maxlength' => 150, 'placeholder' => Yii::t('Dashboard.views', 'Password (Optional)'), 'value' => Cii::decrypt($model->password)));
?>
</div>
<div class="pure-control-group">
<?php
echo !$canPublish ? NULL : $form->textFieldRow($model, 'slug', array('class' => 'pure-input-2-3', 'maxlength' => 150, 'placeholder' => Yii::t('Dashboard.views', 'Slug')));
?>
</div>
<div class="pure-control-group">
<?php
echo $form->textField($model, 'tagsFlat', array('id' => 'tags'));
?>
</div>
<div class="pure-control-group">
<label for="extract" class="left-label"><?php
echo $model->getAttributeLabel('extract');
/**
* Validates the users two factor authentication code
* @return boolean
*/
private function validateTwoFactorCode()
{
$otpSeed = $this->getUser()->getMetadataObject('OTPSeed', false)->value;
if ($otpSeed === false) {
return false;
}
$otplib = new TOTP(Cii::decrypt($otpSeed));
return $otplib->validate($this->twoFactorCode);
}
/**
* Retrieves all articles that are published and not password protected
*/
private function getAllContent()
{
$model = new Content('Search');
$model->unsetAttributes();
// clear any default values
unset($_GET['password']);
unset($_GET['like_count']);
unset($_GET['comment_count']);
if (!empty($_GET)) {
$model->attributes = $_GET;
}
// A list of attributes that we want to hide
$attributes = array('password', 'like_count', 'comment_count');
$model->status = 1;
$response = array();
foreach ($model->search()->getData() as $content) {
if ($content->isPublished() && ($content->password == "" || Cii::decrypt($content->password) == "")) {
$response[] = $content->getApiAttributes($attributes);
}
}
return $response;
}
