static function register() { if (!MValidate::password(MGet::string('pass'))) { return mapi_report('Invalid password.'); } if (MGet::string('pass') !== MGet::string('pass_repeat')) { return mapi_report('Passwords do not match.'); } $user = MObject::create('user'); $user->set_username(MGet::string('user')); $user->set_name(MGet::string('name')); $user->set_email(MGet::string('email')); $reg_group = MObject::get('preference', 'new_user_default_group'); $group = null; if (!$reg_group || $reg_group->get_value()) { $group = 3; } if ($reg_group->get_value() < 1 || $reg_group->get_value() > 3) { $group = 3; } if (!$group) { $group = $reg_group->get_value(); } $user->set_group_id($group); $user->set_activation(urlencode(MCrypt::encrypt(mapi_random(24)))); $user->set_enabled(0); $user->add(MGet::string('pass')); if (0 == MMessaging::any_errors() + MMessaging::any_warnings()) { self::send_reg_email($user); $_POST['user'] = ''; $_POST['name'] = ''; $_POST['email'] = ''; } }
/** * Confirms the existence of the user. * * @param string $user * @param string $password * @return integer */ private function searchUser($user, $password) { /* Search for the user in the database */ $sql = "SELECT * FROM user WHERE user = '******'"; $res = DB::query($sql); $row = mysqli_fetch_assoc($res); /* If the user exists verify the password */ if (mysqli_num_rows($res)) { DB::free($res); $mcrypt = new MCrypt(); //echo $mcrypt->encrypt(""); if ($row["password"] === $mcrypt->encrypt($password)) { $res = 1; } else { $res = 0; } } else { $res = 0; } return $res; }
$row1 = mysql_fetch_array($result); $secret_value_set = unserialize($row1[0]); //分配 secret value for ($i = 0; $i < 3; $i++) { $n = rand(0, 4); $secret_value[] = $secret_value_set[$n]; } //get personal keys $sql = "SELECT personal_key,personal_key2,personal_key3 FROM member WHERE deviceid='" . $_SESSION['deviceid'] . "';"; $result = mysql_query($sql) or die(mysql_error()); $row2 = mysql_fetch_array($result); // echo ("pk1 : ".$row2[0]."sv1 : ".$secret_value[0]."<br>"); // echo ("pk2 : ".$row2[1]."sv2 : ".$secret_value[1]."<br>"); // echo ("pk3 : ".$row2[2]."sv3 : ".$secret_value[2]."<br>"); //ebs $enable_block1 = $mcrypt->encrypt($row2[0], $secret_value[0]); $enable_block2 = $mcrypt->encrypt($row2[1], $secret_value[1]); $enable_block3 = $mcrypt->encrypt($row2[2], $secret_value[2]); // echo $enable_block3."<br>"; // $test=$mcrypt->decrypt($row2[2],$enable_block3); // echo $test."<br>"; //xor secret value to session key $xor_key = xor_string($secret_value[0], $secret_value[1]); $xor_key = xor_string($xor_key, $secret_value[2]); // echo $xor_key."<br>"; // //get jar contents // $sql = "SELECT ".$jarname." FROM app WHERE app_id='".$_SESSION['app_id']."';"; // $sql = "SELECT ".$jarname." FROM app WHERE app_id2='".$_SESSION['app_id2']."';"; // $result = mysql_query($sql) or die(mysql_error()); // $row3=mysql_fetch_array($result); // $jar_contents=file_get_contents($row3[0]);
/** * Modify a client saved in the database. * * @param Client $client * @return integer */ public function editClient(Client $client) { $mcrypt = new MCrypt(); $sql = "UPDATE client \n\t\t\tSET id_client = '" . $client->getIdClient() . "', client_name = '" . replaceCharacters($client->getClientName()) . "', agent = '" . replaceCharacters($client->getAgent()) . "', address = '" . replaceCharacters($client->getAddress()) . "', phone = '" . $client->getPhone() . "', email = '" . $client->getEmail() . "', website = '" . $client->getWebsite() . "', user = '******', password = '******' WHERE id_client = '" . $client->getIdClient() . "'"; return DB::query($sql); }
public function login($credentials, $options = array()) { // Get the global MAuthentication object. mimport('framework.user.authentication'); $authenticate = MAuthentication::getInstance(); $response = $authenticate->authenticate($credentials, $options); if ($response->status === MAuthentication::STATUS_SUCCESS) { // validate that the user should be able to login (different to being authenticated) // this permits authentication plugins blocking the user $authorisations = $authenticate->authorise($response, $options); foreach ($authorisations as $authorisation) { $denied_states = array(MAuthentication::STATUS_EXPIRED, MAuthentication::STATUS_DENIED); if (in_array($authorisation->status, $denied_states)) { // Trigger onUserAuthorisationFailure Event. $this->triggerEvent('onUserAuthorisationFailure', array((array) $authorisation)); // If silent is set, just return false. if (isset($options['silent']) && $options['silent']) { return false; } // Return the error. switch ($authorisation->status) { case MAuthentication::STATUS_EXPIRED: return MError::raiseWarning('102002', MText::_('MLIB_LOGIN_EXPIRED')); break; case MAuthentication::STATUS_DENIED: return MError::raiseWarning('102003', MText::_('MLIB_LOGIN_DENIED')); break; default: return MError::raiseWarning('102004', MText::_('MLIB_LOGIN_AUTHORISATION')); break; } } } // Import the user plugin group. MPluginHelper::importPlugin('user'); // OK, the credentials are authenticated and user is authorised. Lets fire the onLogin event. $results = $this->triggerEvent('onUserLogin', array((array) $response, $options)); if (!in_array(false, $results, true)) { // Set the remember me cookie if enabled. if (isset($options['remember']) && $options['remember']) { // Create the encryption key, apply extra hardening using the user agent string. $privateKey = self::getHash(@$_SERVER['HTTP_USER_AGENT']); $key = new MCryptKey('simple', $privateKey, $privateKey); $crypt = new MCrypt(new MCryptCipherSimple(), $key); $rcookie = $crypt->encrypt(json_encode($credentials)); $lifetime = time() + 365 * 24 * 60 * 60; // Use domain and path set in config for cookie if it exists. $cookie_domain = $this->getCfg('cookie_domain', ''); $cookie_path = $this->getCfg('cookie_path', '/'); // Check for SSL connection $secure = isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on' || getenv('SSL_PROTOCOL_VERSION'); setcookie(self::getHash('MLOGIN_REMEMBER'), $rcookie, $lifetime, $cookie_path, $cookie_domain, $secure, true); } return true; } } // Trigger onUserLoginFailure Event. $this->triggerEvent('onUserLoginFailure', array((array) $response)); // If silent is set, just return false. if (isset($options['silent']) && $options['silent']) { return false; } // If status is success, any error will have been raised by the user plugin if ($response->status !== MAuthentication::STATUS_SUCCESS) { MError::raiseWarning('102001', $response->error_message); } return false; }
$db = new DB_CONNECT(); $mcrypt = new MCrypt(); //get the encrypted query and use the mycrypt libary to unencrypt it $encrypted_data = $_REQUEST["query"]; $query = $mcrypt->decrypt($encrypted_data); //run the query $result = mysql_query($query) or die(mysql_error()); // check for empty result if (mysql_num_rows($result) > 0) { /* Take all the results and encrypt them and display them. */ $response["responce"] = array(); $product = array(); $data = ""; while ($row = mysql_fetch_array($result)) { for ($i = 0; $i < count($row) / 2; $i = $i + 1) { $data .= $row[$i]; if ($i < count($row) / 2 - 1) { $data .= ","; } } $data .= "</br>"; } // successful; echo $mcrypt->encrypt($data); } else { // no products found echo $mcrypt->encrypt("null"); //json_encode($response); }
<?php /* ------------------------------------------------------------------------ Copyright (C) 2015 Albert Weerman This library/program is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version. This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. You should have received a copy of the GNU Lesser General Public License along with this library; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA ------------------------------------------------------------------------ */ require_once 'ximcrypt.php'; $mcrypt = new MCrypt(); echo $mcrypt->encrypt(json_encode(array('api' => 'xiIsRemoteServerUp'))); echo '<hr>'; echo '<hr>'; //echo base64_encode(json_encode(array('api' => 'xiUploadToRemoteServer', 'tables' => array('data'), 'urid' => 1))); echo $mcrypt->encrypt(json_encode(array('api' => 'xiUploadToRemoteServer', 'tables' => array('data'), 'urid' => 1))); echo '<hr>'; echo json_encode(array('api' => 'xiUploadToRemoteServer', 'tables' => array('data', 'log'), 'urid' => 1));
function sendToServer($str, $id) { $postUrl = XI_REMOTE_SERVER; //$str = urlencode($this->encryptAndCompress($str)); // $str = encryptAndCompress($str); // $data['q'] = encryptAndCompress(json_encode(array('api' => 'upload', 'id' => $id, 'query' => $str))); // echo 'length before json' . strlen($str) . '---'; $mcrypt = new MCrypt(); $strToEncrypt = json_encode(array('API' => 'upload', 'ID' => $id, 'QUERY' => base64_encode($str))); // echo 'length after json:' . strlen($strToEncrypt); $data['q'] = $mcrypt->encrypt($strToEncrypt); $result = curlToServer($data, $postUrl); return trim($result); }
function write($sessionId, $data) { // Get unique key $key = $this->getkey($sessionId); // $this->err($key); // TODO::sudo php5enmod mcrypt // $crypt = new Crypt (); // $crypt->setComplexTypes(TRUE); // $crypt->setKey($key); // $crypt->setData($data); // $encrypt = $crypt->encrypt(); // $crypt = new \Crypt\AES (); // $encrypt = $crypt->encrypt($data, $this->key, $this->iv); // $security = new Security(); // $encrypt = $security->encrypt($data, $key); $crypt = new MCrypt($key); $encrypt = $crypt->encrypt($data); // $this->err($data); // $this->err($encrypt); return file_put_contents("{$this->savePath}/sess_{$sessionId}", $encrypt) === false ? false : true; }
private static function send_auth_cookie($rand, $time = '', $browser = '') { if (empty($time) || empty($browser)) { return false; } if (self::$remember) { $timeout = 60 * 60 * 24 * 7; } else { $timeout = 60 * 60; } $cookie_of_rand = MCrypt::encrypt($rand); $cookie_of_time = MCrypt::encrypt($time); $cookie_of_browser = MCrypt::encrypt($browser); setcookie('mpmi_r', $cookie_of_rand, time() + $timeout); setcookie('mpmi_t', $cookie_of_time, time() + $timeout); setcookie('mpmi_b', $cookie_of_browser, time() + $timeout); }
{ $bindata = ''; for ($i = 0; $i < strlen($hexdata); $i += 2) { $bindata .= chr(hexdec(substr($hexdata, $i, 2))); } return $bindata; } } $mcrypt = new MCrypt(); // Get the connexion parameter $dbname = $mcrypt->decrypt($_REQUEST['dbname']); $host = $mcrypt->decrypt($_REQUEST['host']); $username = $mcrypt->decrypt($_REQUEST['username']); $password = $mcrypt->decrypt($_REQUEST['password']); //Open the connexion to the database $connect = new PDO('mysql:host=' . $host . ';dbname=' . $dbname, $username, $password); $connect->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); $connect->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC); $connect->exec("SET CHARACTER SET utf8"); //Execute the request $result = $connect->prepare(str_replace("\\'", "'", $_REQUEST['request'])); $result->execute(); //If we need to get de last insert id if (isset($_REQUEST['isNeedToGetId'])) { echo $mcrypt->encrypt($connect->lastInsertId()); } else { print $mcrypt->encrypt(json_encode($result->fetchAll())); } //Show the JSON value //Close the MYSQL connexion $result->closeCursor();
function getDateSuscription($name, $password) { require_once "../ap-admin/extensions/mcrypt/MCrypt.php"; $mcrypt = new MCrypt(); $sql = "SELECT date_suscription FROM client WHERE user = '******' AND password = '******'"; //var_dump($sql); $res = query($sql); $row = mysqli_fetch_assoc($res); //var_dump($res); //var_dump($row); return $row['date_suscription']; }
$row1 = mysql_fetch_array($result); $secret_value_set = unserialize($row1[0]); //分配 secret value for ($i = 0; $i < 3; $i++) { $n = rand(0, 4); $secret_value[] = $secret_value_set[$n]; } //get personal keys $sql = "SELECT personal_key,personal_key2,personal_key3 FROM member WHERE deviceid='" . $_SESSION['deviceid'] . "';"; $result = mysql_query($sql) or die(mysql_error()); $row2 = mysql_fetch_array($result); // echo ("pk1 : ".$row2[0]."sv1 : ".$secret_value[0]."<br>"); // echo ("pk2 : ".$row2[1]."sv2 : ".$secret_value[1]."<br>"); // echo ("pk3 : ".$row2[2]."sv3 : ".$secret_value[2]."<br>"); // eb $enable_block1 = $mcrypt->encrypt($row2[0], $secret_value[0]); $enable_block2 = $mcrypt->encrypt($row2[1], $secret_value[1]); $enable_block3 = $mcrypt->encrypt($row2[2], $secret_value[2]); // echo $enable_block3."<br>"; // $test=$mcrypt->decrypt($row2[2],$enable_block3); // echo $test."<br>"; // xor personal keys $xor_key = xor_string($row2[0], $row2[1]); $xor_key = xor_string($xor_key, $row2[2]); // echo $xor_key."<br>"; /* // get jar contents $sql = "SELECT ".$jarname." FROM app WHERE app_id2='".$_SESSION['app_id2']."';"; $result = mysql_query($sql) or die(mysql_error()); $row3=mysql_fetch_array($result); $jar_contents=file_get_contents($row3[0]);
include 'conn.php'; mysql_query("set names utf8"); // 檢測用戶身份是否正確 $check_query = mysql_query("select purchase.app_id, purchase.app_id2, member.deviceid from purchase, member where purchase.username=member.username and purchase.app_id2='{$app_id2}' and member.deviceid='{$deviceid}' limit 1"); $arr = array(); //空的陣列 if ($result = mysql_fetch_array($check_query)) { // 登入成功 $_SESSION['app_id'] = $result['app_id']; $_SESSION['app_id2'] = $result['app_id2']; $_SESSION['deviceid'] = $result['deviceid']; // $_SESSION['androidid'] = $result['androidid']; $sessionid = session_id(); $_SESSION['$sessionid'] = $sessionid; // AES $mcrypt = new MCrypt(); // AES Encrypt(secret_value) $enable_block = $mcrypt->encrypt("1111111111123456"); //secret_value $enable_block2 = $mcrypt->encrypt("222222222123456"); //secret_value2 $enable_block3 = $mcrypt->encrypt("333333333123456"); //secret_value3 // $enable_block = $mcrypt->encrypt("9999999999123456"); //java.lang.StringIndexOutOfBoundsException // $enable_block2 = $mcrypt->encrypt("888888888123456"); //java.lang.StringIndexOutOfBoundsException $arr = array('flag' => 'success', 'enable_block' => $enable_block, 'enable_block2' => $enable_block2, 'enable_block3' => $enable_block3, 'sessionid' => $sessionid); echo json_encode($arr); } else { $arr = array('flag' => 'error', 'sessionid' => $sessionid); echo json_encode($arr); }
for ($i = 0; $i < 3; $i++) { $n = rand(0, 4); $secret_value[] = $secret_value_set[$n]; } //get personal keys $sql = "SELECT personal_key,personal_key2,personal_key3 FROM member WHERE deviceid='" . $_SESSION['deviceid'] . "';"; $result = mysql_query($sql) or die(mysql_error()); $row2 = mysql_fetch_array($result); // echo ("pk1 : ".$row2[0]."sv1 : ".$secret_value[0]."<br>"); // echo ("pk2 : ".$row2[1]."sv2 : ".$secret_value[1]."<br>"); // echo ("pk3 : ".$row2[2]."sv3 : ".$secret_value[2]."<br>"); //ebs // $enable_block1 = $mcrypt->encrypt($row2[0],$secret_value[0]); // $enable_block2 = $mcrypt->encrypt($row2[1],$secret_value[1]); // $enable_block3 = $mcrypt->encrypt($row2[2],$secret_value[2]); $enable_block1 = $mcrypt->encrypt($row2[0], $secret_value[0], false); $enable_block2 = $mcrypt->encrypt($row2[1], $secret_value[1], false); $enable_block3 = $mcrypt->encrypt($row2[2], $secret_value[2], false); // echo $enable_block3."<br>"; // $test=$mcrypt->decrypt($row2[2],$enable_block3); // echo $test."<br>"; //xor secret value to session key $xor_key = xor_string($secret_value[0], $secret_value[1]); $xor_key = xor_string($xor_key, $secret_value[2]); // echo $xor_key."<br>"; // //get jar contents // $sql = "SELECT ".$jarname." FROM app WHERE app_id='".$_SESSION['app_id']."';"; // $sql = "SELECT ".$jarname." FROM app WHERE app_id2='".$_SESSION['app_id2']."';"; // $result = mysql_query($sql) or die(mysql_error()); // $row3=mysql_fetch_array($result); // $jar_contents=file_get_contents($row3[0]);
$len = strlen($string); $pad = $blocksize - $len % $blocksize; $string .= str_repeat(chr($pad), $pad); return $string; } private function strippadding($string) { $slast = ord(substr($string, -1)); $slastc = chr($slast); $pcheck = substr($string, -$slast); if (preg_match("/{$slastc}{" . $slast . "}/", $string)) { $string = substr($string, 0, strlen($string) - $slast); return $string; } else { return false; } } function hexToStr($hex) { $string = ''; for ($i = 0; $i < strlen($hex) - 1; $i += 2) { $string .= chr(hexdec($hex[$i] . $hex[$i + 1])); } return $string; } } $encryption = new MCrypt(); $str = '我是中国人大佛傲东方那份难'; echo $en = $encryption->encrypt($str) . PHP_EOL; echo $de = $encryption->decrypt($en); var_dump($de == $str);
<?php include 'include/config.php'; include 'include/db.php'; include 'include/gcm.php'; include 'include/mcrypt.php'; dbconnect(); include 'include/checklogin.php'; if (isset($_POST["regId"]) && isset($_POST["message"]) && isset($_POST["token"])) { $regId = $_POST["regId"]; $message = $_POST["message"]; $token = $_POST["token"]; $mcrypt = new MCrypt(); $key = $mcrypt->formatKey($token); $encrypted = $mcrypt->encrypt($message, $key); $registration_ids = array($regId); $messageA = array("message" => $encrypted); $result = send_notification($registration_ids, $messageA); } dbclose();