public function setVDMCryption()
{
// make sure we have the correct file
if (isset($this->componentData->whmcs_key) && ComponentbuilderHelper::checkString($this->componentData->whmcs_key)) {
// Get the basic encription.
$basickey = ComponentbuilderHelper::getCryptKey('basic');
// Get the encription object.
$basic = new FOFEncryptAes($basickey, 128);
if (!empty($this->componentData->whmcs_key) && $basickey && !is_numeric($this->componentData->whmcs_key) && $this->componentData->whmcs_key === base64_encode(base64_decode($this->componentData->whmcs_key, true))) {
// basic decript data whmcs_key.
$this->componentData->whmcs_key = rtrim($basic->decryptString($this->componentData->whmcs_key), "");
// set the needed string to connect to whmcs
$key["kasier"] = $this->componentData->whmcs_url;
$key["geheim"] = $this->componentData->whmcs_key;
$key["onthou"] = 1;
// prep the call info
$theKey = base64_encode(serialize($key));
// set the script
$encrypt[] = "/**";
$encrypt[] = "* " . $this->setLine(__LINE__) . "VDM Class ";
$encrypt[] = "**/";
$encrypt[] = "\nclass VDM";
$encrypt[] = "{";
$encrypt[] = "\tpublic \$_key = false;";
$encrypt[] = "\tpublic \$_is = false;";
$encrypt[] = "\t";
$encrypt[] = "\tpublic function __construct(\$Vk5smi0wjnjb)";
$encrypt[] = "\t{";
$encrypt[] = "\t\t// get the session";
$encrypt[] = "\t\t\$session = JFactory::getSession();";
$encrypt[] = "\t\t\$V2uekt2wcgwk = \$session->get(\$Vk5smi0wjnjb, null);";
$encrypt[] = "\t\t\$h4sgrGsqq = \$this->get(\$Vk5smi0wjnjb,\$V2uekt2wcgwk);";
$encrypt[] = "\t\tif (isset(\$h4sgrGsqq['nuut']) && \$h4sgrGsqq['nuut'] && (isset(\$h4sgrGsqq['status']) && 'Active' == \$h4sgrGsqq['status']) && isset(\$h4sgrGsqq['eiegrendel']) && strlen(\$h4sgrGsqq['eiegrendel']) > 300)";
$encrypt[] = "\t\t{";
$encrypt[] = "\t\t\t\$session->set(\$Vk5smi0wjnjb, \$h4sgrGsqq['eiegrendel']);";
$encrypt[] = "\t\t}";
$encrypt[] = "\t\tif ((isset(\$h4sgrGsqq['status']) && 'Active' == \$h4sgrGsqq['status']) && isset(\$h4sgrGsqq['md5hash']) && strlen(\$h4sgrGsqq['md5hash']) == 32 && isset(\$h4sgrGsqq['customfields']) && strlen(\$h4sgrGsqq['customfields']) > 4)";
$encrypt[] = "\t\t{";
$encrypt[] = "\t\t\t\$this->_key = md5(\$h4sgrGsqq['customfields']);";
$encrypt[] = "\t\t}";
$encrypt[] = "\t\tif ((isset(\$h4sgrGsqq['status']) && 'Active' == \$h4sgrGsqq['status']) && isset(\$h4sgrGsqq['md5hash']) && strlen(\$h4sgrGsqq['md5hash']) == 32 )";
$encrypt[] = "\t\t{";
$encrypt[] = "\t\t\t\$this->_is = true;";
$encrypt[] = "\t\t}";
$encrypt[] = "\t}";
$encrypt[] = "\t";
$encrypt[] = "\tprivate function get(\$Vk5smi0wjnjb,\$V2uekt2wcgwk)";
$encrypt[] = "\t{";
$encrypt[] = "\t\t\$Viioj50xuqu2 = unserialize(base64_decode('" . $theKey . "'));";
$encrypt[] = "\t\t\$Visqfrd1caus = time() . md5(mt_rand(1000000000, 9999999999) . \$Vk5smi0wjnjb);";
$encrypt[] = "\t\t\$Vo4tezfgcf3e = date(\"Ymd\");";
$encrypt[] = "\t\t\$Vozblwvfym2f = \$_SERVER['SERVER_NAME'];";
$encrypt[] = "\t\t\$Vozblwvfym2fdie = isset(\$_SERVER['SERVER_ADDR']) ? \$_SERVER['SERVER_ADDR'] : \$_SERVER['LOCAL_ADDR'];";
$encrypt[] = "\t\t\$V343jp03dxco = dirname(__FILE__);";
$encrypt[] = "\t\t\$Vc2rayehw4f0 = unserialize(base64_decode('czozNjoibW9kdWxlcy9zZXJ2ZXJzL2xpY2Vuc2luZy92ZXJpZnkucGhwIjs='));";
$encrypt[] = "\t\t\$Vlpolphukogz = false;";
$encrypt[] = "\t\tif (\$V2uekt2wcgwk) {";
$encrypt[] = "\t\t\t\$V2uekt2wcgwk = str_replace(\"" . '\\n' . "\", '', \$V2uekt2wcgwk);";
$encrypt[] = "\t\t\t\$Vm5cxjdc43g4 = substr(\$V2uekt2wcgwk, 0, strlen(\$V2uekt2wcgwk) - 32);";
$encrypt[] = "\t\t\t\$Vbgx0efeu2sy = substr(\$V2uekt2wcgwk, strlen(\$V2uekt2wcgwk) - 32);";
$encrypt[] = "\t\t\tif (\$Vbgx0efeu2sy == md5(\$Vm5cxjdc43g4 . \$Viioj50xuqu2['geheim'])) {";
$encrypt[] = "\t\t\t\t\$Vm5cxjdc43g4 = strrev(\$Vm5cxjdc43g4);";
$encrypt[] = "\t\t\t\t\$Vbgx0efeu2sy = substr(\$Vm5cxjdc43g4, 0, 32);";
$encrypt[] = "\t\t\t\t\$Vm5cxjdc43g4 = substr(\$Vm5cxjdc43g4, 32);";
$encrypt[] = "\t\t\t\t\$Vm5cxjdc43g4 = base64_decode(\$Vm5cxjdc43g4);";
$encrypt[] = "\t\t\t\t\$Vm5cxjdc43g4finding = unserialize(\$Vm5cxjdc43g4);";
$encrypt[] = "\t\t\t\t\$V3qqz0p00fbq = \$Vm5cxjdc43g4finding['dan'];";
$encrypt[] = "\t\t\t\tif (\$Vbgx0efeu2sy == md5(\$V3qqz0p00fbq . \$Viioj50xuqu2['geheim'])) {";
$encrypt[] = "\t\t\t\t\t\$Vbfbwv2y4kre = date(\"Ymd\", mktime(0, 0, 0, date(\"m\"), date(\"d\") - \$Viioj50xuqu2['onthou'], date(\"Y\")));";
$encrypt[] = "\t\t\t\t\tif (\$V3qqz0p00fbq > \$Vbfbwv2y4kre) {";
$encrypt[] = "\t\t\t\t\t\t\$Vlpolphukogz = true;";
$encrypt[] = "\t\t\t\t\t\t\$Vwasqoybpyed = \$Vm5cxjdc43g4finding;";
$encrypt[] = "\t\t\t\t\t\t\$Vcixw3trerrt = explode(',', \$Vwasqoybpyed['validdomain']);";
$encrypt[] = "\t\t\t\t\t\tif (!in_array(\$_SERVER['SERVER_NAME'], \$Vcixw3trerrt)) {";
$encrypt[] = "\t\t\t\t\t\t\t\$Vlpolphukogz = false;";
$encrypt[] = "\t\t\t\t\t\t\t\$Vm5cxjdc43g4finding['status'] = \"sleg\";";
$encrypt[] = "\t\t\t\t\t\t\t\$Vwasqoybpyed = array();";
$encrypt[] = "\t\t\t\t\t\t}";
$encrypt[] = "\t\t\t\t\t\t\$Vkni3xyhkqzv = explode(',', \$Vwasqoybpyed['validip']);";
$encrypt[] = "\t\t\t\t\t\tif (!in_array(\$Vozblwvfym2fdie, \$Vkni3xyhkqzv)) {";
$encrypt[] = "\t\t\t\t\t\t\t\$Vlpolphukogz = false;";
$encrypt[] = "\t\t\t\t\t\t\t\$Vm5cxjdc43g4finding['status'] = \"sleg\";";
$encrypt[] = "\t\t\t\t\t\t\t\$Vwasqoybpyed = array();";
$encrypt[] = "\t\t\t\t\t\t}";
$encrypt[] = "\t\t\t\t\t\t\$Vckfvnepoaxj = explode(',', \$Vwasqoybpyed['validdirectory']);";
$encrypt[] = "\t\t\t\t\t\tif (!in_array(\$V343jp03dxco, \$Vckfvnepoaxj)) {";
$encrypt[] = "\t\t\t\t\t\t\t\$Vlpolphukogz = false;";
$encrypt[] = "\t\t\t\t\t\t\t\$Vm5cxjdc43g4finding['status'] = \"sleg\";";
$encrypt[] = "\t\t\t\t\t\t\t\$Vwasqoybpyed = array();";
$encrypt[] = "\t\t\t\t\t\t}";
$encrypt[] = "\t\t\t\t\t}";
$encrypt[] = "\t\t\t\t}";
$encrypt[] = "\t\t\t}";
$encrypt[] = "\t\t}";
$encrypt[] = "\t\tif (!\$Vlpolphukogz) {";
$encrypt[] = "\t\t\t\$V1u0c4dl3ehp = array(";
$encrypt[] = "\t\t\t\t'licensekey' => \$Vk5smi0wjnjb,";
$encrypt[] = "\t\t\t\t'domain' => \$Vozblwvfym2f,";
$encrypt[] = "\t\t\t\t'ip' => \$Vozblwvfym2fdie,";
$encrypt[] = "\t\t\t\t'dir' => \$V343jp03dxco,";
$encrypt[] = "\t\t\t);";
$encrypt[] = "\t\t\tif (\$Visqfrd1caus) \$V1u0c4dl3ehp['check_token'] = \$Visqfrd1caus;";
$encrypt[] = "\t\t\t\$Vdsjeyjmpq2o = '';";
$encrypt[] = "\t\t\tforeach (\$V1u0c4dl3ehp AS \$V2sgyscukmgi=>\$V1u00zkzmb1d) {";
$encrypt[] = "\t\t\t\t\$Vdsjeyjmpq2o .= \$V2sgyscukmgi.'='.urlencode(\$V1u00zkzmb1d).'&';";
$encrypt[] = "\t\t\t}";
$encrypt[] = "\t\t\tif (function_exists('curl_exec')) {";
$encrypt[] = "\t\t\t\t\$Vdathuqgjyf0 = curl_init();";
$encrypt[] = "\t\t\t\tcurl_setopt(\$Vdathuqgjyf0, CURLOPT_URL, \$Viioj50xuqu2['kasier'] . \$Vc2rayehw4f0);";
$encrypt[] = "\t\t\t\tcurl_setopt(\$Vdathuqgjyf0, CURLOPT_POST, 1);";
$encrypt[] = "\t\t\t\tcurl_setopt(\$Vdathuqgjyf0, CURLOPT_POSTFIELDS, \$Vdsjeyjmpq2o);";
$encrypt[] = "\t\t\t\tcurl_setopt(\$Vdathuqgjyf0, CURLOPT_TIMEOUT, 30);";
$encrypt[] = "\t\t\t\tcurl_setopt(\$Vdathuqgjyf0, CURLOPT_RETURNTRANSFER, 1);";
$encrypt[] = "\t\t\t\t\$Vqojefyeohg5 = curl_exec(\$Vdathuqgjyf0);";
$encrypt[] = "\t\t\t\tcurl_close(\$Vdathuqgjyf0);";
$encrypt[] = "\t\t\t} else {";
$encrypt[] = "\t\t\t\t\$Vrpmu4bvnmkp = fsockopen(\$Viioj50xuqu2['kasier'], 80, \$Vc0t5kmpwkwk, \$Va3g41fnofhu, 5);";
$encrypt[] = "\t\t\t\tif (\$Vrpmu4bvnmkp) {";
$encrypt[] = "\t\t\t\t\t\$Vznkm0a0me1y = \"\r\n\";";
$encrypt[] = "\t\t\t\t\t\$V2sgyscukmgiop = \"POST \".\$Viioj50xuqu2['kasier'] . \$Vc2rayehw4f0 . \" HTTP/1.0\" . \$Vznkm0a0me1y;";
$encrypt[] = "\t\t\t\t\t\$V2sgyscukmgiop .= \"Host: \".\$Viioj50xuqu2['kasier'] . \$Vznkm0a0me1y;";
$encrypt[] = "\t\t\t\t\t\$V2sgyscukmgiop .= \"Content-type: application/x-www-form-urlencoded\" . \$Vznkm0a0me1y;";
$encrypt[] = "\t\t\t\t\t\$V2sgyscukmgiop .= \"Content-length: \".@strlen(\$Vdsjeyjmpq2o) . \$Vznkm0a0me1y;";
$encrypt[] = "\t\t\t\t\t\$V2sgyscukmgiop .= \"Connection: close\" . \$Vznkm0a0me1y . \$Vznkm0a0me1y;";
$encrypt[] = "\t\t\t\t\t\$V2sgyscukmgiop .= \$Vdsjeyjmpq2o;";
$encrypt[] = "\t\t\t\t\t\$Vqojefyeohg5 = '';";
$encrypt[] = "\t\t\t\t\t@stream_set_timeout(\$Vrpmu4bvnmkp, 20);";
$encrypt[] = "\t\t\t\t\t@fputs(\$Vrpmu4bvnmkp, \$V2sgyscukmgiop);";
$encrypt[] = "\t\t\t\t\t\$V2czq24pjexf = @socket_get_status(\$Vrpmu4bvnmkp);";
$encrypt[] = "\t\t\t\t\twhile (!@feof(\$Vrpmu4bvnmkp)&&\$V2czq24pjexf) {";
$encrypt[] = "\t\t\t\t\t\t\$Vqojefyeohg5 .= @fgets(\$Vrpmu4bvnmkp, 1024);";
$encrypt[] = "\t\t\t\t\t\t\$V2czq24pjexf = @socket_get_status(\$Vrpmu4bvnmkp);";
$encrypt[] = "\t\t\t\t\t}";
$encrypt[] = "\t\t\t\t\t@fclose (\$Vqojefyeohg5);";
$encrypt[] = "\t\t\t\t}";
$encrypt[] = "\t\t\t}";
$encrypt[] = "\t\t\tif (!\$Vqojefyeohg5) {";
$encrypt[] = "\t\t\t\t\$Vbfbwv2y4kre = date(\"Ymd\", mktime(0, 0, 0, date(\"m\"), date(\"d\") - \$Viioj50xuqu2['onthou'], date(\"Y\")));";
$encrypt[] = "\t\t\t\tif (isset(\$V3qqz0p00fbq) && \$V3qqz0p00fbq > \$Vbfbwv2y4kre) {";
$encrypt[] = "\t\t\t\t\t\$Vwasqoybpyed = \$Vm5cxjdc43g4finding;";
$encrypt[] = "\t\t\t\t} else {";
$encrypt[] = "\t\t\t\t\t\$Vwasqoybpyed = array();";
$encrypt[] = "\t\t\t\t\t\$Vwasqoybpyed['status'] = \"sleg\";";
$encrypt[] = "\t\t\t\t\t\$Vwasqoybpyed['description'] = \"Remote Check Failed\";";
$encrypt[] = "\t\t\t\t\treturn \$Vwasqoybpyed;";
$encrypt[] = "\t\t\t\t}";
$encrypt[] = "\t\t\t} else {";
$encrypt[] = "\t\t\t\tpreg_match_all('" . '/<(.*?)>([^<]+)<\\/\\1>/i' . "', \$Vqojefyeohg5, \$V1ot20wob03f);";
$encrypt[] = "\t\t\t\t\$Vwasqoybpyed = array();";
$encrypt[] = "\t\t\t\tforeach (\$V1ot20wob03f[1] AS \$V2sgyscukmgi=>\$V1u00zkzmb1d) {";
$encrypt[] = "\t\t\t\t\t\$Vwasqoybpyed[\$V1u00zkzmb1d] = \$V1ot20wob03f[2][\$V2sgyscukmgi];";
$encrypt[] = "\t\t\t\t}";
$encrypt[] = "\t\t\t}";
$encrypt[] = "\t\t\tif (!is_array(\$Vwasqoybpyed)) {";
$encrypt[] = "\t\t\t\tdie(\"Invalid License Server Response\");";
$encrypt[] = "\t\t\t}";
$encrypt[] = "\t\t\tif (isset(\$Vwasqoybpyed['md5hash']) && \$Vwasqoybpyed['md5hash']) {";
$encrypt[] = "\t\t\t\tif (\$Vwasqoybpyed['md5hash'] != md5(\$Viioj50xuqu2['geheim'] . \$Visqfrd1caus)) {";
$encrypt[] = "\t\t\t\t\t\$Vwasqoybpyed['status'] = \"sleg\";";
$encrypt[] = "\t\t\t\t\t\$Vwasqoybpyed['description'] = \"MD5 Checksum Verification Failed\";";
$encrypt[] = "\t\t\t\t\treturn \$Vwasqoybpyed;";
$encrypt[] = "\t\t\t\t}";
$encrypt[] = "\t\t\t}";
$encrypt[] = "\t\t\tif (isset(\$Vwasqoybpyed['status']) && \$Vwasqoybpyed['status'] == \"Active\") {";
$encrypt[] = "\t\t\t\t\$Vwasqoybpyed['dan'] = \$Vo4tezfgcf3e;";
$encrypt[] = "\t\t\t\t\$Vqojefyeohg5ing = serialize(\$Vwasqoybpyed);";
$encrypt[] = "\t\t\t\t\$Vqojefyeohg5ing = base64_encode(\$Vqojefyeohg5ing);";
$encrypt[] = "\t\t\t\t\$Vqojefyeohg5ing = md5(\$Vo4tezfgcf3e . \$Viioj50xuqu2['geheim']) . \$Vqojefyeohg5ing;";
$encrypt[] = "\t\t\t\t\$Vqojefyeohg5ing = strrev(\$Vqojefyeohg5ing);";
$encrypt[] = "\t\t\t\t\$Vqojefyeohg5ing = \$Vqojefyeohg5ing . md5(\$Vqojefyeohg5ing . \$Viioj50xuqu2['geheim']);";
$encrypt[] = "\t\t\t\t\$Vqojefyeohg5ing = wordwrap(\$Vqojefyeohg5ing, 80, \"" . '\\n' . "\", true);";
$encrypt[] = "\t\t\t\t\$Vwasqoybpyed['eiegrendel'] = \$Vqojefyeohg5ing;";
$encrypt[] = "\t\t\t}";
$encrypt[] = "\t\t\t\$Vwasqoybpyed['nuut'] = true;";
$encrypt[] = "\t\t}";
$encrypt[] = "\t\tunset(\$V1u0c4dl3ehp,\$Vqojefyeohg5,\$V1ot20wob03f,\$Viioj50xuqu2['kasier'],\$Viioj50xuqu2['geheim'],\$Vo4tezfgcf3e,\$Vozblwvfym2fdie,\$Viioj50xuqu2['onthou'],\$Vbgx0efeu2sy);";
$encrypt[] = "\t\treturn \$Vwasqoybpyed;";
$encrypt[] = "\t}";
$encrypt[] = "}";
// return the help methods
return implode("\n", $encrypt);
}
}
return '';
}
/**
* Returns the one time password (OTP) – a.k.a. two factor authentication –
* configuration for a particular user.
*
* @param integer $user_id The numeric ID of the user
*
* @return stdClass An object holding the OTP configuration for this user
*
* @since 3.2
*/
public function getOtpConfig($user_id = null)
{
$user_id = !empty($user_id) ? $user_id : (int) $this->getState('user.id');
// Initialise
$otpConfig = (object) array('method' => 'none', 'config' => array(), 'otep' => array());
/**
* Get the raw data, without going through JUser (required in order to
* be able to modify the user record before logging in the user).
*/
$db = $this->getDbo();
$query = $db->getQuery(true)->select('*')->from($db->qn('#__users'))->where($db->qn('id') . ' = ' . $db->q($user_id));
$db->setQuery($query);
$item = $db->loadObject();
// Make sure this user does have OTP enabled
if (empty($item->otpKey)) {
return $otpConfig;
}
// Get the encrypted data
list($method, $encryptedConfig) = explode(':', $item->otpKey, 2);
$encryptedOtep = $item->otep;
// Create an encryptor class
$key = $this->getOtpConfigEncryptionKey();
$aes = new FOFEncryptAes($key, 256);
// Decrypt the data
$decryptedConfig = $aes->decryptString($encryptedConfig);
$decryptedOtep = $aes->decryptString($encryptedOtep);
// Remove the null padding added during encryption
$decryptedConfig = rtrim($decryptedConfig, "");
$decryptedOtep = rtrim($decryptedOtep, "");
// Update the configuration object
$otpConfig->method = $method;
$otpConfig->config = @json_decode($decryptedConfig);
$otpConfig->otep = @json_decode($decryptedOtep);
/*
* If the decryption failed for any reason we essentially disable the
* two-factor authentication. This prevents impossible to log in sites
* if the site admin changes the site secret for any reason.
*/
if (is_null($otpConfig->config)) {
$otpConfig->config = array();
}
if (is_object($otpConfig->config)) {
$otpConfig->config = (array) $otpConfig->config;
}
if (is_null($otpConfig->otep)) {
$otpConfig->otep = array();
}
if (is_object($otpConfig->otep)) {
$otpConfig->otep = (array) $otpConfig->otep;
}
// Return the configuration object
return $otpConfig;
}
/**
* Method to get list export data.
*
* @return mixed An array of data items on success, false on failure.
*/
public function getExportData($pks)
{
// setup the query
if (ComponentbuilderHelper::checkArray($pks)) {
// Set a value to know this is exporting method.
$_export = true;
// Get the user object.
$user = JFactory::getUser();
// Create a new query object.
$db = JFactory::getDBO();
$query = $db->getQuery(true);
// Select some fields
$query->select('a.*');
// From the componentbuilder_component table
$query->from($db->quoteName('#__componentbuilder_component', 'a'));
$query->where('a.id IN (' . implode(',', $pks) . ')');
// Implement View Level Access
if (!$user->authorise('core.options', 'com_componentbuilder')) {
$groups = implode(',', $user->getAuthorisedViewLevels());
$query->where('a.access IN (' . $groups . ')');
}
// Order the results by ordering
$query->order('a.ordering ASC');
// Load the items
$db->setQuery($query);
$db->execute();
if ($db->getNumRows()) {
$items = $db->loadObjectList();
// Get the basic encription key.
$basickey = ComponentbuilderHelper::getCryptKey('basic');
// Get the encription object.
$basic = new FOFEncryptAes($basickey, 128);
// set values to display correctly.
if (ComponentbuilderHelper::checkArray($items)) {
foreach ($items as $nr => &$item) {
// decode php_helper_site
$item->php_helper_site = base64_decode($item->php_helper_site);
// decode php_helper_admin
$item->php_helper_admin = base64_decode($item->php_helper_admin);
if ($basickey && !is_numeric($item->update_server_ftp) && $item->update_server_ftp === base64_encode(base64_decode($item->update_server_ftp, true))) {
// decrypt update_server_ftp
$item->update_server_ftp = $basic->decryptString($item->update_server_ftp);
}
// decode sql
$item->sql = base64_decode($item->sql);
// decode php_admin_event
$item->php_admin_event = base64_decode($item->php_admin_event);
// decode php_site_event
$item->php_site_event = base64_decode($item->php_site_event);
// decode php_dashboard_methods
$item->php_dashboard_methods = base64_decode($item->php_dashboard_methods);
if ($basickey && !is_numeric($item->whmcs_key) && $item->whmcs_key === base64_encode(base64_decode($item->whmcs_key, true))) {
// decrypt whmcs_key
$item->whmcs_key = $basic->decryptString($item->whmcs_key);
}
// decode css
$item->css = base64_decode($item->css);
// decode php_preflight_install
$item->php_preflight_install = base64_decode($item->php_preflight_install);
// decode php_preflight_update
$item->php_preflight_update = base64_decode($item->php_preflight_update);
// decode php_postflight_install
$item->php_postflight_install = base64_decode($item->php_postflight_install);
// decode php_postflight_update
$item->php_postflight_update = base64_decode($item->php_postflight_update);
// decode php_method_uninstall
$item->php_method_uninstall = base64_decode($item->php_method_uninstall);
// decode readme
$item->readme = base64_decode($item->readme);
if ($basickey && !is_numeric($item->sales_server_ftp) && $item->sales_server_ftp === base64_encode(base64_decode($item->sales_server_ftp, true))) {
// decrypt sales_server_ftp
$item->sales_server_ftp = $basic->decryptString($item->sales_server_ftp);
}
// unset the values we don't want exported.
unset($item->asset_id);
unset($item->checked_out);
unset($item->checked_out_time);
}
}
// Add headers to items array.
$headers = $this->getExImPortHeaders();
if (ComponentbuilderHelper::checkObject($headers)) {
array_unshift($items, $headers);
}
return $items;
}
}
return false;
}
/**
* Decrypts a transparent authentication message using a TOTP
*
* @param string $encryptedData The encrypted data
*
* @return array The decrypted data
*/
private function _decryptWithTOTP($encryptedData)
{
if (empty($this->fofAuth_Key)) {
$this->_fofAuth_CryptoKey = null;
return null;
}
$totp = new FOFEncryptTotp($this->fofAuth_timeStep);
$period = $totp->getPeriod();
$period--;
for ($i = 0; $i <= 2; $i++) {
$time = ($period + $i) * $this->fofAuth_timeStep;
$otp = $totp->getCode($this->fofAuth_Key, $time);
$this->_fofAuth_CryptoKey = hash('sha256', $this->fofAuth_Key . $otp);
$aes = new FOFEncryptAes($this->_fofAuth_CryptoKey);
$ret = $aes->decryptString($encryptedData);
$ret = rtrim($ret, "");
$ret = json_decode($ret, true);
if (!is_array($ret)) {
continue;
}
if (!array_key_exists('username', $ret)) {
continue;
}
if (!array_key_exists('password', $ret)) {
continue;
}
// Successful decryption!
return $ret;
}
// Obviously if we're here we could not decrypt anything. Bail out.
$this->_fofAuth_CryptoKey = null;
return null;
}
/**
* Retrieves the user's one time password settings
*
* @since 1.3
* @access public
* @param string
* @return
*/
public function getOtpConfig()
{
static $cache = array();
if (!isset($cache[$this->id])) {
$otpConfig = new stdClass();
$otpConfig->method = 'none';
$otpConfig->config = array();
$otpConfig->otep = array();
// Ensure the user has an otp set
if (!$this->otpKey) {
$cache[$this->id] = $otpConfig;
return $cache[$this->id];
}
// Get the encrypted data
list($method, $encryptedConfig) = explode(':', $this->otpKey, 2);
$encryptedOtep = $this->otep;
// Create an encryptor class
$key = FD::jConfig()->getValue('secret');
$aes = new FOFEncryptAes($key, 256);
// Decrypt the data
$decryptedConfig = $aes->decryptString($encryptedConfig);
$decryptedOtep = $aes->decryptString($encryptedOtep);
// Remove the null padding added during encryption
$decryptedConfig = rtrim($decryptedConfig, "");
$decryptedOtep = rtrim($decryptedOtep, "");
// Update the configuration object
$otpConfig->method = $method;
$otpConfig->config = @json_decode($decryptedConfig);
$otpConfig->otep = @json_decode($decryptedOtep);
/*
* If the decryption failed for any reason we essentially disable the
* two-factor authentication. This prevents impossible to log in sites
* if the site admin changes the site secret for any reason.
*/
if (is_null($otpConfig->config)) {
$otpConfig->config = array();
}
if (is_object($otpConfig->config)) {
$otpConfig->config = (array) $otpConfig->config;
}
if (is_null($otpConfig->otep)) {
$otpConfig->otep = array();
}
if (is_object($otpConfig->otep)) {
$otpConfig->otep = (array) $otpConfig->otep;
}
$cache[$this->id] = $otpConfig;
}
return $cache[$this->id];
}
/**
* Method to get a single record.
*
* @param integer $pk The id of the primary key.
*
* @return mixed Object on success, false on failure.
*
* @since 1.6
*/
public function getItem($pk = null)
{
if ($item = parent::getItem($pk)) {
if (!empty($item->params)) {
// Convert the params field to an array.
$registry = new Registry();
$registry->loadString($item->params);
$item->params = $registry->toArray();
}
if (!empty($item->metadata)) {
// Convert the metadata field to an array.
$registry = new Registry();
$registry->loadString($item->metadata);
$item->metadata = $registry->toArray();
}
if (!empty($item->php_helper_site)) {
// base64 Decode php_helper_site.
$item->php_helper_site = base64_decode($item->php_helper_site);
}
if (!empty($item->php_helper_admin)) {
// base64 Decode php_helper_admin.
$item->php_helper_admin = base64_decode($item->php_helper_admin);
}
if (!empty($item->sql)) {
// base64 Decode sql.
$item->sql = base64_decode($item->sql);
}
if (!empty($item->php_admin_event)) {
// base64 Decode php_admin_event.
$item->php_admin_event = base64_decode($item->php_admin_event);
}
if (!empty($item->php_site_event)) {
// base64 Decode php_site_event.
$item->php_site_event = base64_decode($item->php_site_event);
}
if (!empty($item->php_dashboard_methods)) {
// base64 Decode php_dashboard_methods.
$item->php_dashboard_methods = base64_decode($item->php_dashboard_methods);
}
if (!empty($item->css)) {
// base64 Decode css.
$item->css = base64_decode($item->css);
}
if (!empty($item->php_preflight_install)) {
// base64 Decode php_preflight_install.
$item->php_preflight_install = base64_decode($item->php_preflight_install);
}
if (!empty($item->php_preflight_update)) {
// base64 Decode php_preflight_update.
$item->php_preflight_update = base64_decode($item->php_preflight_update);
}
if (!empty($item->php_postflight_install)) {
// base64 Decode php_postflight_install.
$item->php_postflight_install = base64_decode($item->php_postflight_install);
}
if (!empty($item->php_postflight_update)) {
// base64 Decode php_postflight_update.
$item->php_postflight_update = base64_decode($item->php_postflight_update);
}
if (!empty($item->php_method_uninstall)) {
// base64 Decode php_method_uninstall.
$item->php_method_uninstall = base64_decode($item->php_method_uninstall);
}
if (!empty($item->readme)) {
// base64 Decode readme.
$item->readme = base64_decode($item->readme);
}
// Get the basic encription.
$basickey = ComponentbuilderHelper::getCryptKey('basic');
// Get the encription object.
$basic = new FOFEncryptAes($basickey, 128);
if (!empty($item->update_server_ftp) && $basickey && !is_numeric($item->update_server_ftp) && $item->update_server_ftp === base64_encode(base64_decode($item->update_server_ftp, true))) {
// basic decript data update_server_ftp.
$item->update_server_ftp = rtrim($basic->decryptString($item->update_server_ftp), "");
}
if (!empty($item->whmcs_key) && $basickey && !is_numeric($item->whmcs_key) && $item->whmcs_key === base64_encode(base64_decode($item->whmcs_key, true))) {
// basic decript data whmcs_key.
$item->whmcs_key = rtrim($basic->decryptString($item->whmcs_key), "");
}
if (!empty($item->sales_server_ftp) && $basickey && !is_numeric($item->sales_server_ftp) && $item->sales_server_ftp === base64_encode(base64_decode($item->sales_server_ftp, true))) {
// basic decript data sales_server_ftp.
$item->sales_server_ftp = rtrim($basic->decryptString($item->sales_server_ftp), "");
}
if (!empty($item->id)) {
$item->tags = new JHelperTags();
$item->tags->getTagIds($item->id, 'com_componentbuilder.component');
}
}
$this->idvvvv = $item->addadmin_views;
$this->idvvvw = $item->addsite_views;
return $item;
}
/**
* Method to get article data.
*
* @param integer $pk The id of the article.
*
* @return mixed Menu item data object on success, false on failure.
*/
public function getItem($pk = null)
{
$this->user = JFactory::getUser();
// check if this user has permission to access item
if (!$this->user->authorise('site.companyresults.access', 'com_costbenefitprojection')) {
$app = JFactory::getApplication();
$app->enqueueMessage(JText::_('Not authorised!'), 'error');
// redirect away if not a correct (TODO for now we go to default view)
$app->redirect(JRoute::_('index.php?option=com_costbenefitprojection&view=cpanel'));
return false;
}
$this->userId = $this->user->get('id');
$this->guest = $this->user->get('guest');
$this->groups = $this->user->get('groups');
$this->authorisedGroups = $this->user->getAuthorisedGroups();
$this->levels = $this->user->getAuthorisedViewLevels();
$this->initSet = true;
$pk = !empty($pk) ? $pk : (int) $this->getState('companyresults.id');
if (!$this->user->authorise('core.options', 'com_costbenefitprojection')) {
// make absolutely sure that this company can be viewed
$companies = CostbenefitprojectionHelper::hisCompanies($this->userId);
if (!CostbenefitprojectionHelper::checkArray($companies) || !in_array($pk, $companies)) {
JError::raiseWarning(500, JText::_('Access denied!'));
// redirect away if not a correct (TODO for now we go to default view)
$app = JFactory::getApplication();
if ($app->isAdmin()) {
JFactory::getApplication()->redirect('index.php?option=com_costbenefitprojection');
} else {
JFactory::getApplication()->redirect('index.php?option=com_costbenefitprojection&view=cpanel');
}
return false;
}
}
if ($this->_item === null) {
$this->_item = array();
}
if (!isset($this->_item[$pk])) {
try {
// Get the advanced encription.
$advancedkey = CostbenefitprojectionHelper::getCryptKey('advanced');
// Get the encription object.
$advanced = new FOFEncryptAes($advancedkey, 256);
// Get a db connection.
$db = JFactory::getDbo();
// Create a new query object.
$query = $db->getQuery(true);
// Get from #__costbenefitprojection_company as a
$query->select($db->quoteName(array('a.id', 'a.name', 'a.user', 'a.department', 'a.per', 'a.country', 'a.service_provider', 'a.datayear', 'a.working_days', 'a.total_salary', 'a.total_healthcare', 'a.productivity_losses', 'a.males', 'a.females', 'a.medical_turnovers_males', 'a.medical_turnovers_females', 'a.sick_leave_males', 'a.sick_leave_females', 'a.percentmale', 'a.percentfemale', 'a.causesrisks', 'a.published', 'a.access'), array('id', 'name', 'user', 'department', 'per', 'country', 'service_provider', 'datayear', 'working_days', 'total_salary', 'total_healthcare', 'productivity_losses', 'males', 'females', 'medical_turnovers_males', 'medical_turnovers_females', 'sick_leave_males', 'sick_leave_females', 'percentmale', 'percentfemale', 'causesrisks', 'published', 'access')));
$query->from($db->quoteName('#__costbenefitprojection_company', 'a'));
// Get from #__costbenefitprojection_country as e
$query->select($db->quoteName(array('e.id', 'e.name', 'e.alias', 'e.user', 'e.currency', 'e.datayear', 'e.worldzone', 'e.codethree', 'e.codetwo', 'e.working_days', 'e.presenteeism', 'e.medical_turnovers', 'e.sick_leave', 'e.healthcare', 'e.productivity_losses', 'e.publicname', 'e.publicemail', 'e.publicnumber', 'e.publicaddress', 'e.percentmale', 'e.percentfemale', 'e.causesrisks', 'e.maledeath', 'e.femaledeath', 'e.maleyld', 'e.femaleyld', 'e.access'), array('country_id', 'country_name', 'country_alias', 'country_user', 'country_currency', 'country_datayear', 'country_worldzone', 'country_codethree', 'country_codetwo', 'country_working_days', 'country_presenteeism', 'country_medical_turnovers', 'country_sick_leave', 'country_healthcare', 'country_productivity_losses', 'country_publicname', 'country_publicemail', 'country_publicnumber', 'country_publicaddress', 'country_percentmale', 'country_percentfemale', 'country_causesrisks', 'country_maledeath', 'country_femaledeath', 'country_maleyld', 'country_femaleyld', 'country_access')));
$query->join('LEFT', $db->quoteName('#__costbenefitprojection_country', 'e') . ' ON (' . $db->quoteName('a.country') . ' = ' . $db->quoteName('e.id') . ')');
// Get from #__costbenefitprojection_currency as f
$query->select($db->quoteName(array('f.id', 'f.name', 'f.alias', 'f.codethree', 'f.numericcode', 'f.symbol', 'f.thousands', 'f.decimalplace', 'f.decimalsymbol', 'f.positivestyle', 'f.negativestyle', 'f.published', 'f.access', 'f.ordering'), array('currency_id', 'currency_name', 'currency_alias', 'currency_codethree', 'currency_numericcode', 'currency_symbol', 'currency_thousands', 'currency_decimalplace', 'currency_decimalsymbol', 'currency_positivestyle', 'currency_negativestyle', 'currency_published', 'currency_access', 'currency_ordering')));
$query->join('LEFT', $db->quoteName('#__costbenefitprojection_currency', 'f') . ' ON (' . $db->quoteName('e.currency') . ' = ' . $db->quoteName('f.codethree') . ')');
$query->where('a.id = ' . (int) $pk);
// Reset the query using our newly populated query object.
$db->setQuery($query);
// Load the results as a stdClass object.
$data = $db->loadObject();
if (empty($data)) {
$app = JFactory::getApplication();
// If no data is found redirect to default page and show warning.
$app->enqueueMessage(JText::_('COM_COSTBENEFITPROJECTION_NOT_FOUND_OR_ACCESS_DENIED'), 'warning');
$app->redirect('index.php?option=com_costbenefitprojection&view=cpanel');
return false;
}
if (!empty($data->medical_turnovers_females) && $advancedkey && !is_numeric($data->medical_turnovers_females) && $data->medical_turnovers_females === base64_encode(base64_decode($data->medical_turnovers_females, true))) {
// Decode medical_turnovers_females
$data->medical_turnovers_females = rtrim($advanced->decryptString($data->medical_turnovers_females), "");
}
if (!empty($data->females) && $advancedkey && !is_numeric($data->females) && $data->females === base64_encode(base64_decode($data->females, true))) {
// Decode females
$data->females = rtrim($advanced->decryptString($data->females), "");
}
if (!empty($data->sick_leave_males) && $advancedkey && !is_numeric($data->sick_leave_males) && $data->sick_leave_males === base64_encode(base64_decode($data->sick_leave_males, true))) {
// Decode sick_leave_males
$data->sick_leave_males = rtrim($advanced->decryptString($data->sick_leave_males), "");
}
if (CostbenefitprojectionHelper::checkString($data->causesrisks)) {
// Decode causesrisks
$data->causesrisks = json_decode($data->causesrisks, true);
}
if (!empty($data->medical_turnovers_males) && $advancedkey && !is_numeric($data->medical_turnovers_males) && $data->medical_turnovers_males === base64_encode(base64_decode($data->medical_turnovers_males, true))) {
// Decode medical_turnovers_males
$data->medical_turnovers_males = rtrim($advanced->decryptString($data->medical_turnovers_males), "");
}
if (!empty($data->total_salary) && $advancedkey && !is_numeric($data->total_salary) && $data->total_salary === base64_encode(base64_decode($data->total_salary, true))) {
// Decode total_salary
$data->total_salary = rtrim($advanced->decryptString($data->total_salary), "");
}
if (!empty($data->sick_leave_females) && $advancedkey && !is_numeric($data->sick_leave_females) && $data->sick_leave_females === base64_encode(base64_decode($data->sick_leave_females, true))) {
// Decode sick_leave_females
$data->sick_leave_females = rtrim($advanced->decryptString($data->sick_leave_females), "");
}
if (!empty($data->total_healthcare) && $advancedkey && !is_numeric($data->total_healthcare) && $data->total_healthcare === base64_encode(base64_decode($data->total_healthcare, true))) {
// Decode total_healthcare
$data->total_healthcare = rtrim($advanced->decryptString($data->total_healthcare), "");
}
if (!empty($data->males) && $advancedkey && !is_numeric($data->males) && $data->males === base64_encode(base64_decode($data->males, true))) {
// Decode males
$data->males = rtrim($advanced->decryptString($data->males), "");
}
if (CostbenefitprojectionHelper::checkString($data->country_causesrisks)) {
// Decode country_causesrisks
$data->country_causesrisks = json_decode($data->country_causesrisks, true);
}
// Make sure the content prepare plugins fire on country_publicaddress.
$data->country_publicaddress = JHtml::_('content.prepare', $data->country_publicaddress);
// Checking if country_publicaddress has uikit components that must be loaded.
$this->uikitComp = CostbenefitprojectionHelper::getUikitComp($data->country_publicaddress, $this->uikitComp);
// set the global causesrisks value.
$this->a_causesrisks = $data->causesrisks;
// set the global datayear value.
$this->a_datayear = $data->datayear;
// set the global datayear value.
$this->e_datayear = $data->country_datayear;
// set the global causesrisks value.
$this->e_causesrisks = $data->country_causesrisks;
// set countryCountryHealth_dataB to the $data object.
$data->countryCountryHealth_dataB = $this->getCountryCountryHealth_dataEbbe_B($data->country);
// set idCompanyScaling_factorC to the $data object.
$data->idCompanyScaling_factorC = $this->getIdCompanyScaling_factorEbbe_C($data->id);
// set idCompanyInterventionD to the $data object.
$data->idCompanyInterventionD = $this->getIdCompanyInterventionEbbe_D($data->id);
// set causesrisksIdCauseriskG to the $data object.
$data->causesrisksIdCauseriskG = $this->getCausesrisksIdCauseriskEbbe_G($data->causesrisks);
// set countryCountryHealth_dataBB to the $data object.
$data->countryCountryHealth_dataBB = $this->getCountryCountryHealth_dataEbbe_BB($data->country);
// set causesrisksIdCauseriskGG to the $data object.
$data->causesrisksIdCauseriskGG = $this->getCausesrisksIdCauseriskEbbe_GG($data->country_causesrisks);
// set countryCountryInterventionDD to the $data object.
$data->countryCountryInterventionDD = $this->getCountryCountryInterventionEbbe_DD($data->country);
// set data object to item.
$this->_item[$pk] = $data;
} catch (Exception $e) {
if ($e->getCode() == 404) {
// Need to go thru the error handler to allow Redirect to work.
JError::raiseWaring(404, $e->getMessage());
} else {
$this->setError($e);
$this->_item[$pk] = false;
}
}
}
return $this->_item[$pk];
}
/**
* Method to get an array of data items.
*
* @return mixed An array of data items on success, false on failure.
*/
public function getItems()
{
$user = JFactory::getUser();
// check if this user has permission to access items
if (!$user->authorise('site.combinedresults.access', 'com_costbenefitprojection')) {
$app = JFactory::getApplication();
$app->enqueueMessage(JText::_('Not authorised!'), 'error');
// redirect away if not a correct (TODO for now we go to default view)
$app->redirect(JRoute::_('index.php?option=com_costbenefitprojection&view=cpanel'));
return false;
}
// load parent items
$items = parent::getItems();
// Get the global params
$globalParams = JComponentHelper::getParams('com_costbenefitprojection', true);
// Get the advanced encription.
$advancedkey = CostbenefitprojectionHelper::getCryptKey('advanced');
// Get the encription object.
$advanced = new FOFEncryptAes($advancedkey, 256);
// Convert the parameter fields into objects.
foreach ($items as $nr => &$item) {
// Always create a slug for sef URL's
$item->slug = isset($item->alias) ? $item->id . ':' . $item->alias : $item->id;
if (!empty($item->medical_turnovers_females) && $advancedkey && !is_numeric($item->medical_turnovers_females) && $item->medical_turnovers_females === base64_encode(base64_decode($item->medical_turnovers_females, true))) {
// Decode medical_turnovers_females
$item->medical_turnovers_females = rtrim($advanced->decryptString($item->medical_turnovers_females), "");
}
if (!empty($item->females) && $advancedkey && !is_numeric($item->females) && $item->females === base64_encode(base64_decode($item->females, true))) {
// Decode females
$item->females = rtrim($advanced->decryptString($item->females), "");
}
if (!empty($item->sick_leave_males) && $advancedkey && !is_numeric($item->sick_leave_males) && $item->sick_leave_males === base64_encode(base64_decode($item->sick_leave_males, true))) {
// Decode sick_leave_males
$item->sick_leave_males = rtrim($advanced->decryptString($item->sick_leave_males), "");
}
if (CostbenefitprojectionHelper::checkString($item->causesrisks)) {
// Decode causesrisks
$item->causesrisks = json_decode($item->causesrisks, true);
}
if (!empty($item->medical_turnovers_males) && $advancedkey && !is_numeric($item->medical_turnovers_males) && $item->medical_turnovers_males === base64_encode(base64_decode($item->medical_turnovers_males, true))) {
// Decode medical_turnovers_males
$item->medical_turnovers_males = rtrim($advanced->decryptString($item->medical_turnovers_males), "");
}
if (!empty($item->total_salary) && $advancedkey && !is_numeric($item->total_salary) && $item->total_salary === base64_encode(base64_decode($item->total_salary, true))) {
// Decode total_salary
$item->total_salary = rtrim($advanced->decryptString($item->total_salary), "");
}
if (!empty($item->sick_leave_females) && $advancedkey && !is_numeric($item->sick_leave_females) && $item->sick_leave_females === base64_encode(base64_decode($item->sick_leave_females, true))) {
// Decode sick_leave_females
$item->sick_leave_females = rtrim($advanced->decryptString($item->sick_leave_females), "");
}
if (!empty($item->total_healthcare) && $advancedkey && !is_numeric($item->total_healthcare) && $item->total_healthcare === base64_encode(base64_decode($item->total_healthcare, true))) {
// Decode total_healthcare
$item->total_healthcare = rtrim($advanced->decryptString($item->total_healthcare), "");
}
if (!empty($item->males) && $advancedkey && !is_numeric($item->males) && $item->males === base64_encode(base64_decode($item->males, true))) {
// Decode males
$item->males = rtrim($advanced->decryptString($item->males), "");
}
if (CostbenefitprojectionHelper::checkString($item->country_causesrisks)) {
// Decode country_causesrisks
$item->country_causesrisks = json_decode($item->country_causesrisks, true);
}
// Make sure the content prepare plugins fire on country_publicaddress.
$item->country_publicaddress = JHtml::_('content.prepare', $item->country_publicaddress);
// Checking if country_publicaddress has uikit components that must be loaded.
$this->uikitComp = CostbenefitprojectionHelper::getUikitComp($item->country_publicaddress, $this->uikitComp);
// set the global causesrisks value.
$this->a_causesrisks = $item->causesrisks;
// set the global datayear value.
$this->a_datayear = $item->datayear;
// set the global datayear value.
$this->e_datayear = $item->country_datayear;
// set the global causesrisks value.
$this->e_causesrisks = $item->country_causesrisks;
// set countryCountryHealth_dataB to the $item object.
$item->countryCountryHealth_dataB = $this->getCountryCountryHealth_dataBcbb_B($item->country);
// set idCompanyScaling_factorC to the $item object.
$item->idCompanyScaling_factorC = $this->getIdCompanyScaling_factorBcbb_C($item->id);
// set idCompanyInterventionD to the $item object.
$item->idCompanyInterventionD = $this->getIdCompanyInterventionBcbb_D($item->id);
// set causesrisksIdCauseriskG to the $item object.
$item->causesrisksIdCauseriskG = $this->getCausesrisksIdCauseriskBcbb_G($item->causesrisks);
// set countryCountryHealth_dataBB to the $item object.
$item->countryCountryHealth_dataBB = $this->getCountryCountryHealth_dataBcbb_BB($item->country);
// set causesrisksIdCauseriskGG to the $item object.
$item->causesrisksIdCauseriskGG = $this->getCausesrisksIdCauseriskBcbb_GG($item->country_causesrisks);
// set countryCountryInterventionDD to the $item object.
$item->countryCountryInterventionDD = $this->getCountryCountryInterventionBcbb_DD($item->country);
}
// return items
return $items;
}
private function updateTFA($oldsecret, $newsecret)
{
$this->container->session->set('tfa_warning', false);
// There is no TFA in Joomla < 3.2
$jversion = $this->container->session->get('jversion');
if (version_compare($jversion, '3.2', 'lt')) {
return;
}
$db = $this->getDatabase();
$query = $db->getQuery(true)->select('COUNT(extension_id)')->from($db->qn('#__extensions'))->where($db->qn('type') . ' = ' . $db->q('plugin'))->where($db->qn('folder') . ' = ' . $db->q('twofactorauth'))->where($db->qn('enabled') . ' = ' . $db->q('1'));
$count = $db->setQuery($query)->loadResult();
// No enabled plugin, there is no point in continuing
if (!$count) {
return;
}
$query = $db->getQuery(true)->select('*')->from($db->qn('#__users'))->where($db->qn('otpKey') . ' != ' . $db->q(''))->where($db->qn('otep') . ' != ' . $db->q(''));
$users = $db->setQuery($query)->loadObjectList();
// There are no users with TFA configured, let's stop here
if (!$users) {
return;
}
// Otherwise I'll get a blank page
if (!defined('FOF_INCLUDED')) {
define('FOF_INCLUDED', 1);
}
include_once APATH_LIBRARIES . '/fof/encrypt/aes.php';
// Does this host support AES?
if (!FOFEncryptAes::isSupported()) {
// If not, set a flag, so we will display a big, fat warning in the finalize screen
$this->container->session->set('tfa_warning', true);
// Let's disable them
$query = $db->getQuery(true)->update($db->qn('#__extensions'))->set($db->qn('enabled') . ' = ' . $db->q('0'))->where($db->qn('type') . ' = ' . $db->q('plugin'))->where($db->qn('folder') . ' = ' . $db->q('twofactorauth'));
$db->setQuery($query)->execute();
return;
}
$oldaes = new FOFEncryptAes($oldsecret, 256);
$newaes = new FOFEncryptAes($newsecret, 256);
foreach ($users as $user) {
$update = (object) array('id' => $user->id, 'otpKey' => '', 'otep' => '');
list($method, $otpKey) = explode(':', $user->otpKey);
$update->otpKey = $oldaes->decryptString($otpKey);
$update->otpKey = $method . ':' . $newaes->encryptString($update->otpKey);
$update->otep = $oldaes->decryptString($user->otep);
$update->otep = $newaes->encryptString($update->otep);
$db->updateObject('#__users', $update, 'id');
}
}
protected function setSatistics()
{
if (CostbenefitprojectionHelper::checkArray($this->companies)) {
// Get UTC for now.
$dNow = new JDate();
// set the 2 months date
$d2month = clone $dNow;
$d2month->modify('-2 month');
// load to string
$twoMonth = $d2month->format('Y-m-d H:i:s');
// set the beginning of year date
$dyear = clone $dNow;
$dyear->modify('first day of January ' . date('Y'));
// load to string
$year = $dyear->format('Y-m-d H:i:s');
// Get the advanced encription.
$advancedkey = CostbenefitprojectionHelper::getCryptKey('advanced');
// Get the encription object.
$advanced = new FOFEncryptAes($advancedkey, 256);
// set some default data
$this->usageData = new stdClass();
// start looping the data
foreach ($this->companies as $company) {
// now decrypt the company staff count
if (!empty($company->males) && $advancedkey && !is_numeric($company->males) && $company->males === base64_encode(base64_decode($company->males, true))) {
// Decode males
$company->males = rtrim($advanced->decryptString($company->males), "");
} else {
$company->males = 0;
}
if (!empty($company->females) && $advancedkey && !is_numeric($company->females) && $company->females === base64_encode(base64_decode($company->females, true))) {
// Decode males
$company->females = rtrim($advanced->decryptString($company->females), "");
} else {
$company->females = 0;
}
// number of employees
$employees = $company->males + $company->females;
// set the country total companies
$this->usageData->items[$company->country]['companies'][$company->id] = 1;
$this->usageData->total['companies'][$company->id] = 1;
$this->usageData->items[$company->country]['companies_employees'][$company->id] = $employees;
$this->usageData->total['companies_employees'][$company->id] = $employees;
// count the advanced department
if ($company->department == 2) {
// set the country total advanced companies
$this->usageData->items[$company->country]['advanced_companies'][$company->id] = 1;
$this->usageData->total['advanced_companies'][$company->id] = 1;
$this->usageData->items[$company->country]['advanced_companies_employees'][$company->id] = $employees;
$this->usageData->total['advanced_companies_employees'][$company->id] = $employees;
} else {
// set the country total advanced companies
$this->usageData->items[$company->country]['advanced_companies'][$company->id] = 0;
$this->usageData->total['advanced_companies'][$company->id] = 0;
$this->usageData->items[$company->country]['advanced_companies_employees'][$company->id] = 0;
$this->usageData->total['advanced_companies_employees'][$company->id] = 0;
}
// count the basic department
if ($company->department == 1) {
// set the country total basic companies
$this->usageData->items[$company->country]['basic_companies'][$company->id] = 1;
$this->usageData->total['basic_companies'][$company->id] = 1;
$this->usageData->items[$company->country]['basic_companies_employees'][$company->id] = $employees;
$this->usageData->total['basic_companies_employees'][$company->id] = $employees;
} else {
// set the country total basic companies
$this->usageData->items[$company->country]['basic_companies'][$company->id] = 0;
$this->usageData->total['basic_companies'][$company->id] = 0;
$this->usageData->items[$company->country]['basic_companies_employees'][$company->id] = 0;
$this->usageData->total['basic_companies_employees'][$company->id] = 0;
}
// count the timed usage for last 2 months
if ($this->visitCheck($company->user, $twoMonth)) {
// set the country total advanced companies
$this->usageData->items[$company->country]['last_two_months'][$company->id] = 1;
$this->usageData->total['last_two_months'][$company->id] = 1;
$this->usageData->items[$company->country]['last_two_months_employees'][$company->id] = $employees;
$this->usageData->total['last_two_months_employees'][$company->id] = $employees;
} else {
// set the country total advanced companies
$this->usageData->items[$company->country]['last_two_months'][$company->id] = 0;
$this->usageData->total['last_two_months'][$company->id] = 0;
$this->usageData->items[$company->country]['last_two_months_employees'][$company->id] = 0;
$this->usageData->total['last_two_months_employees'][$company->id] = 0;
}
// count the timed usage since begining of this year
if ($this->visitCheck($company->user, $year)) {
// set the country total basic companies
$this->usageData->items[$company->country]['since_beginning_this_year'][$company->id] = 1;
$this->usageData->total['since_beginning_this_year'][$company->id] = 1;
$this->usageData->items[$company->country]['since_beginning_this_year_employees'][$company->id] = $employees;
$this->usageData->total['since_beginning_this_year_employees'][$company->id] = $employees;
} else {
// set the country total basic companies
$this->usageData->items[$company->country]['since_beginning_this_year'][$company->id] = 0;
$this->usageData->total['since_beginning_this_year'][$company->id] = 0;
$this->usageData->items[$company->country]['since_beginning_this_year_employees'][$company->id] = 0;
$this->usageData->total['since_beginning_this_year_employees'][$company->id] = 0;
}
}
// sum the item arrays
foreach ($this->usageData->items as $country => $data) {
// insure to set the name of the country
$this->usageData->items[$country]['name'] = $this->countries[$country];
foreach ($data as $key => $array) {
$this->usageData->items[$country][$key] = array_sum($array);
}
}
// sum the total array
foreach ($this->usageData->total as $tkey => $tarray) {
$this->usageData->total[$tkey] = array_sum($tarray);
}
return true;
}
return false;
}
/**
* Method to get list export data.
*
* @return mixed An array of data items on success, false on failure.
*/
public function getExportData($pks)
{
// setup the query
if (CostbenefitprojectionHelper::checkArray($pks)) {
// Set a value to know this is exporting method.
$_export = true;
// Get the user object.
$user = JFactory::getUser();
// Create a new query object.
$db = JFactory::getDBO();
$query = $db->getQuery(true);
// Select some fields
$query->select('a.*');
// From the costbenefitprojection_company table
$query->from($db->quoteName('#__costbenefitprojection_company', 'a'));
$query->where('a.id IN (' . implode(',', $pks) . ')');
// Filter by companies (admin sees all)
if (!$user->authorise('core.options', 'com_costbenefitprojection')) {
$companies = CostbenefitprojectionHelper::hisCompanies($user->id);
if (CostbenefitprojectionHelper::checkArray($companies)) {
$companies = implode(',', $companies);
// only load this users companies
$query->where('a.id IN (' . $companies . ')');
} else {
// dont allow user to see any companies
$query->where('a.id = -4');
}
}
// Implement View Level Access
if (!$user->authorise('core.options', 'com_costbenefitprojection')) {
$groups = implode(',', $user->getAuthorisedViewLevels());
$query->where('a.access IN (' . $groups . ')');
}
// Order the results by ordering
$query->order('a.ordering ASC');
// Load the items
$db->setQuery($query);
$db->execute();
if ($db->getNumRows()) {
$items = $db->loadObjectList();
// Get the advanced encription key.
$advancedkey = CostbenefitprojectionHelper::getCryptKey('advanced');
// Get the encription object.
$advanced = new FOFEncryptAes($advancedkey, 256);
// set values to display correctly.
if (CostbenefitprojectionHelper::checkArray($items)) {
// get user object.
$user = JFactory::getUser();
foreach ($items as $nr => &$item) {
$access = $user->authorise('company.access', 'com_costbenefitprojection.company.' . (int) $item->id) && $user->authorise('company.access', 'com_costbenefitprojection');
if (!$access) {
unset($items[$nr]);
continue;
}
if ($advancedkey && !is_numeric($item->medical_turnovers_females) && $item->medical_turnovers_females === base64_encode(base64_decode($item->medical_turnovers_females, true))) {
// decrypt medical_turnovers_females
$item->medical_turnovers_females = $advanced->decryptString($item->medical_turnovers_females);
}
if ($advancedkey && !is_numeric($item->females) && $item->females === base64_encode(base64_decode($item->females, true))) {
// decrypt females
$item->females = $advanced->decryptString($item->females);
}
if ($advancedkey && !is_numeric($item->sick_leave_males) && $item->sick_leave_males === base64_encode(base64_decode($item->sick_leave_males, true))) {
// decrypt sick_leave_males
$item->sick_leave_males = $advanced->decryptString($item->sick_leave_males);
}
if ($advancedkey && !is_numeric($item->medical_turnovers_males) && $item->medical_turnovers_males === base64_encode(base64_decode($item->medical_turnovers_males, true))) {
// decrypt medical_turnovers_males
$item->medical_turnovers_males = $advanced->decryptString($item->medical_turnovers_males);
}
if ($advancedkey && !is_numeric($item->total_salary) && $item->total_salary === base64_encode(base64_decode($item->total_salary, true))) {
// decrypt total_salary
$item->total_salary = $advanced->decryptString($item->total_salary);
}
if ($advancedkey && !is_numeric($item->sick_leave_females) && $item->sick_leave_females === base64_encode(base64_decode($item->sick_leave_females, true))) {
// decrypt sick_leave_females
$item->sick_leave_females = $advanced->decryptString($item->sick_leave_females);
}
if ($advancedkey && !is_numeric($item->total_healthcare) && $item->total_healthcare === base64_encode(base64_decode($item->total_healthcare, true))) {
// decrypt total_healthcare
$item->total_healthcare = $advanced->decryptString($item->total_healthcare);
}
if ($advancedkey && !is_numeric($item->males) && $item->males === base64_encode(base64_decode($item->males, true))) {
// decrypt males
$item->males = $advanced->decryptString($item->males);
}
// unset the values we don't want exported.
unset($item->asset_id);
unset($item->checked_out);
unset($item->checked_out_time);
}
}
// Add headers to items array.
$headers = $this->getExImPortHeaders();
if (CostbenefitprojectionHelper::checkObject($headers)) {
array_unshift($items, $headers);
}
return $items;
}
}
return false;
}
private function zipComponent()
{
// before we zip the component we first need to move it to the git folder if set
if (ComponentbuilderHelper::checkString($this->gitPath)) {
// set the git path
$this->gitPath = $this->gitPath . '/com_' . $this->componentData->sales_name . '__joomla_' . $this->joomlaVersion;
// remove old data
$this->removeFolder($this->gitPath, true);
// set the new data
JFolder::copy($this->componentPath, $this->gitPath, '', true);
}
// the name of the zip file to create
$this->filepath = $this->tempPath . '/' . $this->componentFolderName . '.zip';
// store the current joomla working directory
$joomla = getcwd();
// we are changing the working directory to the componet temp folder
chdir($this->componentPath);
// the full file path of the zip file
$this->filepath = JPath::clean($this->filepath);
// delete an existing zip file (or use an exclusion parameter in JFolder::files()
JFile::delete($this->filepath);
// get a list of files in the current directory tree
$files = JFolder::files('.', '', true, true);
$zipArray = array();
// setup the zip array
foreach ($files as $file) {
$tmp = array();
$tmp['name'] = str_replace('./', '', $file);
$tmp['data'] = JFile::read($file);
$tmp['time'] = filemtime($file);
$zipArray[] = $tmp;
}
// change back to joomla working directory
chdir($joomla);
// get the zip adapter
$zip = JArchive::getAdapter('zip');
//create the zip file
if ($zip->create($this->filepath, $zipArray)) {
// now move to backup if zip was made and backup is requered
if ($this->backupPath) {
JFile::copy($this->filepath, $this->backupPath);
}
// move to sales server host
if ($this->componentData->add_sales_server) {
// make sure we have the correct file
if (isset($this->componentData->sales_server_ftp)) {
// Get the basic encription.
$basickey = ComponentbuilderHelper::getCryptKey('basic');
// Get the encription object.
$basic = new FOFEncryptAes($basickey, 128);
if (!empty($this->componentData->sales_server_ftp) && $basickey && !is_numeric($this->componentData->sales_server_ftp) && $this->componentData->sales_server_ftp === base64_encode(base64_decode($this->componentData->sales_server_ftp, true))) {
// basic decript data update_server_ftp.
$this->componentData->sales_server_ftp = rtrim($basic->decryptString($this->componentData->sales_server_ftp), "");
}
// now move the file
$this->moveFileToFtpServer($this->filepath, $this->componentData->sales_server_ftp, $this->componentSalesName . '.zip', false);
}
}
// remove the component folder since we are done
if ($this->removeFolder($this->componentPath)) {
return true;
}
}
return false;
}
/**
* Method to get a single record.
*
* @param integer $pk The id of the primary key.
*
* @return mixed Object on success, false on failure.
*
* @since 1.6
*/
public function getItem($pk = null)
{
if ($item = parent::getItem($pk)) {
if (!empty($item->params)) {
// Convert the params field to an array.
$registry = new Registry();
$registry->loadString($item->params);
$item->params = $registry->toArray();
}
if (!empty($item->metadata)) {
// Convert the metadata field to an array.
$registry = new Registry();
$registry->loadString($item->metadata);
$item->metadata = $registry->toArray();
}
if (!empty($item->causesrisks)) {
// JSON Decode causesrisks.
$item->causesrisks = json_decode($item->causesrisks);
}
// Get the advanced encription key.
$advancedkey = CostbenefitprojectionHelper::getCryptKey('advanced');
// Get the encription object.
$advanced = new FOFEncryptAes($advancedkey, 256);
if (!empty($item->medical_turnovers_females) && $advancedkey && !is_numeric($item->medical_turnovers_females) && $item->medical_turnovers_females === base64_encode(base64_decode($item->medical_turnovers_females, true))) {
// advanced decript data medical_turnovers_females.
$item->medical_turnovers_females = rtrim($advanced->decryptString($item->medical_turnovers_females), "");
}
if (!empty($item->females) && $advancedkey && !is_numeric($item->females) && $item->females === base64_encode(base64_decode($item->females, true))) {
// advanced decript data females.
$item->females = rtrim($advanced->decryptString($item->females), "");
}
if (!empty($item->sick_leave_males) && $advancedkey && !is_numeric($item->sick_leave_males) && $item->sick_leave_males === base64_encode(base64_decode($item->sick_leave_males, true))) {
// advanced decript data sick_leave_males.
$item->sick_leave_males = rtrim($advanced->decryptString($item->sick_leave_males), "");
}
if (!empty($item->medical_turnovers_males) && $advancedkey && !is_numeric($item->medical_turnovers_males) && $item->medical_turnovers_males === base64_encode(base64_decode($item->medical_turnovers_males, true))) {
// advanced decript data medical_turnovers_males.
$item->medical_turnovers_males = rtrim($advanced->decryptString($item->medical_turnovers_males), "");
}
if (!empty($item->total_salary) && $advancedkey && !is_numeric($item->total_salary) && $item->total_salary === base64_encode(base64_decode($item->total_salary, true))) {
// advanced decript data total_salary.
$item->total_salary = rtrim($advanced->decryptString($item->total_salary), "");
}
if (!empty($item->sick_leave_females) && $advancedkey && !is_numeric($item->sick_leave_females) && $item->sick_leave_females === base64_encode(base64_decode($item->sick_leave_females, true))) {
// advanced decript data sick_leave_females.
$item->sick_leave_females = rtrim($advanced->decryptString($item->sick_leave_females), "");
}
if (!empty($item->total_healthcare) && $advancedkey && !is_numeric($item->total_healthcare) && $item->total_healthcare === base64_encode(base64_decode($item->total_healthcare, true))) {
// advanced decript data total_healthcare.
$item->total_healthcare = rtrim($advanced->decryptString($item->total_healthcare), "");
}
if (!empty($item->males) && $advancedkey && !is_numeric($item->males) && $item->males === base64_encode(base64_decode($item->males, true))) {
// advanced decript data males.
$item->males = rtrim($advanced->decryptString($item->males), "");
}
if (!empty($item->id)) {
$item->tags = new JHelperTags();
$item->tags->getTagIds($item->id, 'com_costbenefitprojection.company');
}
}
$this->companyvvvv = $item->id;
$this->companyvvvw = $item->id;
return $item;
}
