/** * XOR two-way encryption/decryption, with a base64 wrapper. * * @package s2Member\Utilities * @since 3.5 * * @param str $string A string of data to encrypt. * @param str $key Optional. Key used for encryption. Defaults to the one configured for s2Member. Short of that, defaults to: ``wp_salt()``. * @param bool $w_md5_cs Optional. Defaults to true. When true, an MD5 checksum is used in the encrypted string *(recommended)*. * @return str Encrypted string. */ public static function xencrypt($string = FALSE, $key = FALSE, $w_md5_cs = TRUE) { $string = is_string($string) ? $string : ""; $string = strlen($string) ? "~xe|" . $string : ""; $key = c_ws_plugin__s2member_utils_encryption::key($key); for ($i = 1, $e = ""; $i <= strlen($string); $i++) { $char = substr($string, $i - 1, 1); $keychar = substr($key, $i % strlen($key) - 1, 1); $e .= chr(ord($char) + ord($keychar)); } $e = strlen($e) ? "~xe" . ($w_md5_cs ? ":" . md5($e) : "") . "|" . $e : ""; return strlen($e) ? $base64 = c_ws_plugin__s2member_utils_strings::base64_url_safe_encode($e) : ""; }
/** * Creates an Amazon CloudFront RSA-SHA1 signature URL. * * @package s2Member\Files * @since 110926 * * @param string $file Input file path, to be signed by this routine. * @param bool $stream Is this resource file to be served as streaming media? * @param bool $inline Is this resource file to be served inline, or no? * @param bool $ssl Is this resource file to be served via SSL, or no? * @param string $basename The absolute basename of the resource file. * @param string $mimetype The MIME content-type of the resource file. * * @return string An RSA-SHA1 signature URL for Amazon CloudFront. */ public static function amazon_cf_url($file = '', $stream = FALSE, $inline = FALSE, $ssl = FALSE, $basename = '', $mimetype = '') { $file = trim((string) $file, '/'); // Trim & force string. $url_e_file = c_ws_plugin__s2member_utils_strings::urldecode_ur_chars_deep(urlencode($file)); $url_e_file = str_ireplace('%2F', '/', $url_e_file); foreach ($GLOBALS['WS_PLUGIN__']['s2member']['o'] as $option => $option_value) { if (preg_match('/^amazon_cf_files_/', $option) && ($option = preg_replace('/^amazon_cf_files_/', '', $option))) { $cfc[$option] = $option_value; } } $cfc['expires'] = strtotime('+' . apply_filters('ws_plugin__s2member_amazon_cf_file_expires_time', '24 hours', get_defined_vars())); $cf_extn = strtolower(substr($file, strrpos($file, '.') + 1)); // Parses the file extension out so we can scan it in some special scenarios. $cf_ip_res = c_ws_plugin__s2member_utils_conds::is_localhost() ? FALSE : TRUE; // Do NOT restrict access to a particular IP during `localhost` development. The IP may NOT be the same one Amazon CloudFront sees. $cf_stream_extn_resource_exclusions = array_unique((array) apply_filters('ws_plugin__s2member_amazon_cf_file_streaming_extension_resource_exclusions', array('mp3'), get_defined_vars())); // MP3 files should NOT include an extension in their resource reference. $cf_resource = $stream ? in_array($cf_extn, $cf_stream_extn_resource_exclusions) ? substr($file, 0, strrpos($file, '.')) : $file : 'http' . ($ssl ? 's' : '') . '://' . ($cfc['distro_downloads_cname'] ? $cfc['distro_downloads_cname'] : $cfc['distro_downloads_dname']) . '/' . $url_e_file; $cf_url = $stream ? 'rtmp' . ($ssl ? 'e' : '') . '://' . ($cfc['distro_streaming_cname'] ? $cfc['distro_streaming_cname'] : $cfc['distro_streaming_dname']) . '/cfx/st/' . $file : 'http' . ($ssl ? 's' : '') . '://' . ($cfc['distro_downloads_cname'] ? $cfc['distro_downloads_cname'] : $cfc['distro_downloads_dname']) . '/' . $url_e_file; $cf_policy = '{"Statement":[{"Resource":"' . c_ws_plugin__s2member_utils_strings::esc_dq($cf_resource) . '","Condition":{' . ($cf_ip_res ? '"IpAddress":{"AWS:SourceIp":"' . c_ws_plugin__s2member_utils_strings::esc_dq($_SERVER['REMOTE_ADDR']) . '/32"},' : '') . '"DateLessThan":{"AWS:EpochTime":' . (int) $cfc['expires'] . '}}}]}'; $cf_signature = c_ws_plugin__s2member_files_in::amazon_cf_rsa_sign($cf_policy); $cf_base64_url_safe_policy = c_ws_plugin__s2member_utils_strings::base64_url_safe_encode($cf_policy, array('+', '=', '/'), array('-', '_', '~'), FALSE); $cf_base64_url_safe_signature = c_ws_plugin__s2member_utils_strings::base64_url_safe_encode($cf_signature, array('+', '=', '/'), array('-', '_', '~'), FALSE); return add_query_arg(c_ws_plugin__s2member_utils_strings::urldecode_ur_chars_deep(urlencode_deep(array('Policy' => $cf_base64_url_safe_policy, 'Signature' => $cf_base64_url_safe_signature, 'Key-Pair-Id' => $cfc['private_key_id']))), $cf_url); }
/** * XOR two-way encryption/decryption, with a base64 wrapper. * * @package s2Member\Utilities * @since 3.5 * * @param string $string A string of data to encrypt. * @param string $key Optional. Key used for encryption. Defaults to the one configured for s2Member. Short of that, defaults to: ``wp_salt()``. * @param bool $w_md5_cs Optional. Defaults to true. When true, an MD5 checksum is used in the encrypted string *(recommended)*. * * @return string Encrypted string. */ public static function xencrypt($string = '', $key = '', $w_md5_cs = TRUE) { $string = is_string($string) ? $string : ''; $string = isset($string[0]) ? '~xe|' . $string : ''; $key = c_ws_plugin__s2member_utils_encryption::key($key); for ($i = 1, $e = ''; $i <= strlen($string); $i++) { $char = substr($string, $i - 1, 1); $keychar = substr($key, $i % strlen($key) - 1, 1); $e .= chr(ord($char) + ord($keychar)); } $e = isset($e[0]) ? '~xe' . ($w_md5_cs ? ':' . md5($e) : '') . '|' . $e : ''; return isset($e) && is_string($e) && isset($e[0]) ? $base64 = c_ws_plugin__s2member_utils_strings::base64_url_safe_encode($e) : ''; // Default to empty string. }
/** * Creates an Amazon CloudFront RSA-SHA1 signature URL. * * @package s2Member\Files * @since 110926 * * @param str $file Input file path, to be signed by this routine. * @param bool $stream Is this resource file to be served as streaming media? * @param bool $inline Is this resource file to be served inline, or no? * @param bool $ssl Is this resource file to be served via SSL, or no? * @param str $basename The absolute basename of the resource file. * @param str $mimetype The MIME content-type of the resource file. * @return str An RSA-SHA1 signature URL for Amazon CloudFront. */ public static function amazon_cf_url($file = FALSE, $stream = FALSE, $inline = FALSE, $ssl = FALSE, $basename = FALSE, $mimetype = FALSE) { $file = trim((string) $file, "/"); $url_e_file = c_ws_plugin__s2member_utils_strings::urldecode_ur_chars_deep(urlencode($file)); $url_e_file = str_ireplace("%2F", "/", $url_e_file); foreach ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"] as $option => $option_value) { if (preg_match("/^amazon_cf_files_/", $option) && ($option = preg_replace("/^amazon_cf_files_/", "", $option))) { $cfc[$option] = $option_value; } } $cfc["expires"] = strtotime("+" . apply_filters("ws_plugin__s2member_amazon_cf_file_expires_time", "24 hours", get_defined_vars())); $cf_extn = strtolower(substr($file, strrpos($file, ".") + 1)); $cf_ip_res = c_ws_plugin__s2member_utils_conds::is_localhost() ? false : true; $cf_stream_extn_resource_exclusions = array_unique((array) apply_filters("ws_plugin__s2member_amazon_cf_file_streaming_extension_resource_exclusions", array("mp3"), get_defined_vars())); $cf_resource = $stream ? in_array($cf_extn, $cf_stream_extn_resource_exclusions) ? substr($file, 0, strrpos($file, ".")) : $file : "http" . ($ssl ? "s" : "") . "://" . ($cfc["distro_downloads_cname"] ? $cfc["distro_downloads_cname"] : $cfc["distro_downloads_dname"]) . "/" . $url_e_file; $cf_url = $stream ? "rtmp" . ($ssl ? "e" : "") . "://" . ($cfc["distro_streaming_cname"] ? $cfc["distro_streaming_cname"] : $cfc["distro_streaming_dname"]) . "/cfx/st/" . $file : "http" . ($ssl ? "s" : "") . "://" . ($cfc["distro_downloads_cname"] ? $cfc["distro_downloads_cname"] : $cfc["distro_downloads_dname"]) . "/" . $url_e_file; $cf_policy = '{"Statement":[{"Resource":"' . c_ws_plugin__s2member_utils_strings::esc_dq($cf_resource) . '","Condition":{' . ($cf_ip_res ? '"IpAddress":{"AWS:SourceIp":"' . c_ws_plugin__s2member_utils_strings::esc_dq($_SERVER["REMOTE_ADDR"]) . '/32"},' : '') . '"DateLessThan":{"AWS:EpochTime":' . (int) $cfc["expires"] . '}}}]}'; $cf_signature = c_ws_plugin__s2member_files_in::amazon_cf_rsa_sign($cf_policy); $cf_base64_url_safe_policy = c_ws_plugin__s2member_utils_strings::base64_url_safe_encode($cf_policy, array("+", "=", "/"), array("-", "_", "~"), false); $cf_base64_url_safe_signature = c_ws_plugin__s2member_utils_strings::base64_url_safe_encode($cf_signature, array("+", "=", "/"), array("-", "_", "~"), false); return add_query_arg(c_ws_plugin__s2member_utils_strings::urldecode_ur_chars_deep(urlencode_deep(array("Policy" => $cf_base64_url_safe_policy, "Signature" => $cf_base64_url_safe_signature, "Key-Pair-Id" => $cfc["private_key_id"]))), $cf_url); }