Add XOR Encryption when not supported OpenSSL
This commit is contained in:
GitHub
parent
e463c7ee80
commit
78265064df
|
|
@ -67,7 +67,7 @@ if(!function_exists("get_session_token")) {
|
|||
|
||||
if(!function_exists("check_token_abuse_by_requests")) {
|
||||
function check_token_abuse_by_requests($name, $method="_POST") {
|
||||
$requests = get_requests();
|
||||
global $requests;
|
||||
|
||||
$flag = false;
|
||||
if(array_key_empty($name, $requests[$method])) {
|
||||
|
|
@ -126,7 +126,7 @@ if(!function_exists("process_safe_login")) {
|
|||
|
||||
$flag = false;
|
||||
$ss_key = get_session("ss_key");
|
||||
|
||||
|
||||
$user_id = 0;
|
||||
$stored_password = "";
|
||||
if(!array_key_empty("user_id", $user_profile)) {
|
||||
|
|
@ -155,11 +155,15 @@ if(!function_exists("process_safe_login")) {
|
|||
}
|
||||
|
||||
if(!function_exists("check_empty_requests")) {
|
||||
function check_empty_requests($no_empty_fields, $method_get=true) {
|
||||
$requests = get_requests();
|
||||
function check_empty_requests($no_empty_fields, $method_get=true, $method_all=false) {
|
||||
global $requests;
|
||||
|
||||
$errors = array();
|
||||
$check_data = $method_get ? $requests['_GET'] : $requests['_POST'];
|
||||
if($method_all) {
|
||||
$check_data = $requests['_ALL'];
|
||||
} else {
|
||||
$check_data = $method_get ? $requests['_GET'] : $requests['_POST'];
|
||||
}
|
||||
|
||||
foreach($no_empty_fields as $fieldname) {
|
||||
if(array_key_empty($fieldname, $check_data)) {
|
||||
|
|
@ -277,7 +281,7 @@ if(!function_exists("session_logout")) {
|
|||
$config = get_config();
|
||||
|
||||
$flag = false;
|
||||
|
||||
|
||||
$ss_user_name = get_session("ss_user_name");
|
||||
$ss_key = get_session("ss_key");
|
||||
|
||||
|
|
@ -316,6 +320,20 @@ if(!function_exists("get_current_user_name")) {
|
|||
}
|
||||
}
|
||||
|
||||
if(!function_exists("check_user_logged")) {
|
||||
function check_user_logged() {
|
||||
$logged = false;
|
||||
$config = get_config();
|
||||
|
||||
if(get_current_user_id() > 0) {
|
||||
$ss_key = get_current_session_data("ss_key");
|
||||
$logged = check_login_session($ss_key, $config);
|
||||
}
|
||||
|
||||
return $logged;
|
||||
}
|
||||
}
|
||||
|
||||
if(!function_exists("get_current_session_data")) {
|
||||
function get_current_session_data($name) {
|
||||
$current_data = "";
|
||||
|
|
@ -350,7 +368,12 @@ if(!function_exists("get_fixed_id")) {
|
|||
$config = get_config();
|
||||
|
||||
$init_salt = empty($salt) ? $config['salt'] : $salt;
|
||||
$init_len = ($len < 1) ? $config['autolen'] : $len;
|
||||
$init_len = ($len < 3) ? $config['autolen'] : $len;
|
||||
|
||||
if($init_len < 3) {
|
||||
$init_len = 8;
|
||||
}
|
||||
|
||||
return substr(get_hashed_text(get_hashed_text($str, "sha1") . $init_salt, "sha1"), 0, $init_len);
|
||||
}
|
||||
}
|
||||
|
|
@ -453,9 +476,12 @@ if(!function_exists("encapsulate_text")) {
|
|||
|
||||
if(function_exists("openssl_encrypt")) {
|
||||
$encrypted_text = @openssl_encrypt($init_text, $algo, $init_key, true, $init_iv);
|
||||
if(!empty($encrypted_text)) {
|
||||
$encapsulated_text = base64_encode($encrypted_text);
|
||||
}
|
||||
} else {
|
||||
$encrypted_text = xor_this($init_key, $init_text);
|
||||
}
|
||||
|
||||
if(!empty($encrypted_text)) {
|
||||
$encapsulated_text = base64_encode($encrypted_text);
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -480,10 +506,13 @@ if(!function_exists("decapsulate_text")) {
|
|||
$init_iv = empty($iv) ? $config['masteriv'] : $iv;
|
||||
|
||||
if(function_exists("openssl_decrypt")) {
|
||||
$encrypted_text = @openssl_decrypt($init_text, $algo, $init_key, true, $init_iv);
|
||||
if(!empty($encrypted_text)) {
|
||||
$decapsulate_text = base64_encode($decrypted_text);
|
||||
}
|
||||
$decrypted_text = @openssl_decrypt($init_text, $algo, $init_key, true, $init_iv);
|
||||
} else {
|
||||
$decrypted_text = xor_this($init_key, $init_text);
|
||||
}
|
||||
|
||||
if(!empty($encrypted_text)) {
|
||||
$decapsulate_text = base64_encode($decrypted_text);
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -493,11 +522,31 @@ if(!function_exists("decapsulate_text")) {
|
|||
$decapsulate_text = "";
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
return $decapsulate_text;
|
||||
}
|
||||
}
|
||||
|
||||
// https://stackoverflow.com/questions/14673551/encrypt-decrypt-with-xor-in-php
|
||||
if(!function_exists("xor_this")) {
|
||||
function xor_this($key, $string, $debug=false) {
|
||||
$text = $string;
|
||||
$outText = "";
|
||||
|
||||
for($i = 0; $i<strlen($text); ) {
|
||||
for($j = 0; ($j < strlen($key) && $i < strlen($text)); $j++, $i++) {
|
||||
$outText .= $text{$i} ^ $key{$j};
|
||||
|
||||
if($debug) {
|
||||
echo 'i=' . $i . ', ' . 'j=' . $j . ', ' . $outText{$i} . '<br />';
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return $outText;
|
||||
}
|
||||
}
|
||||
|
||||
// https://wiki.ubuntu.com/DevelopmentCodeNames
|
||||
if(!function_exists("get_generated_name")) {
|
||||
function get_generated_name() {
|
||||
|
|
@ -517,27 +566,5 @@ if(!function_exists("get_generated_name")) {
|
|||
}
|
||||
}
|
||||
|
||||
if(!function_exists("get_formatted_number")) {
|
||||
function get_formatted_number($value) {
|
||||
return number_format(floatval($value));
|
||||
}
|
||||
}
|
||||
|
||||
if(!function_exists("get_cutted_string")) {
|
||||
function get_cutted_string($str, $start, $len=0, $charset="utf-8") {
|
||||
$out_str = "";
|
||||
|
||||
if(function_exists("iconv_substr")) {
|
||||
$out_str = iconv_substr($str, $start, $len, $charset);
|
||||
} elseif(function_exists("mb_substr")) {
|
||||
$out_str = mb_substr($str, $start, $len, $charset);
|
||||
} else {
|
||||
$out_str = substr($str, $start, $len);
|
||||
}
|
||||
|
||||
return $out_str;
|
||||
}
|
||||
}
|
||||
|
||||
// start session (enable $_SESSION)
|
||||
session_start();
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user