gnh1201/reasonableframework
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update security.php

Browse Source
This commit is contained in:
Namhyeon Go 2019-02-26 15:23:21 +09:00 committed by GitHub
parent d2b871cb5a
commit e7ce41ddba
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 17 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
system/security.php
View File

@ -233,7 +233,7 @@ if(!check_function_exists("get_hashed_text")) {
if(!check_function_exists("hash_algo_exists")) { if(!check_function_exists("hash_algo_exists")) {
function hash_algo_exists($algo) { function hash_algo_exists($algo) {
$flag = false; $flag = false;
if(!check_function_exists("hash_algos")) { if(check_function_exists("hash_algos")) {
$flag = in_array($algo, hash_algos()); $flag = in_array($algo, hash_algos());
} }
return $flag; return $flag;
@ -494,10 +494,12 @@ if(!check_function_exists("encapsulate_text")) {
$init_key = empty($key) ? $config['masterkey'] : $key; $init_key = empty($key) ? $config['masterkey'] : $key;
$init_iv = empty($iv) ? $config['masteriv'] : $iv; $init_iv = empty($iv) ? $config['masteriv'] : $iv;
if(!check_function_exists("openssl_encrypt")) { if(check_function_exists("openssl_encrypt")) {
$encrypted_text = @openssl_encrypt($init_text, $algo, $init_key, true, $init_iv); $encrypted_text = @openssl_encrypt($init_text, $algo, $init_key, true, $init_iv);
} else { } else {
$encrypted_text = xor_this($init_key, $init_text); $encrypted_text = get_hashed_text(get_xor_text($init_key, $init_text), "base64", array(
"decode" => true,
));
} }
if(!empty($encrypted_text)) { if(!empty($encrypted_text)) {
@ -517,7 +519,9 @@ if(!check_function_exists("decapsulate_text")) {
$decrypted_text = ""; $decrypted_text = "";
// initialize text // initialize text
$init_text = get_hashed_text($text, "base64", array("decode" => true)); $init_text = get_hashed_text($text, "base64", array(
"decode" => true,
));
if($algo = "base64") { if($algo = "base64") {
$decapsulate_text = $init_text; $decapsulate_text = $init_text;
@ -528,11 +532,15 @@ if(!check_function_exists("decapsulate_text")) {
if(!check_function_exists("openssl_decrypt")) { if(!check_function_exists("openssl_decrypt")) {
$decrypted_text = @openssl_decrypt($init_text, $algo, $init_key, true, $init_iv); $decrypted_text = @openssl_decrypt($init_text, $algo, $init_key, true, $init_iv);
} else { } else {
$decrypted_text = xor_this($init_key, $init_text); $encrypted_text = get_hashed_text(get_xor_text($init_key, $init_text), "base64", array(
"decode" => true,
));
} }
if(!empty($encrypted_text)) { if(!empty($encrypted_text)) {
$decapsulate_text = get_hashed_text($decrypted_text, "base64", array("decode" => true)); $decapsulate_text = get_hashed_text($decrypted_text, "base64", array(
"decode" => true,
));
} }
} }
@ -554,8 +562,8 @@ if(!check_function_exists("make_safe_argument")) {
} }
// https://stackoverflow.com/questions/14673551/encrypt-decrypt-with-xor-in-php // https://stackoverflow.com/questions/14673551/encrypt-decrypt-with-xor-in-php
if(!check_function_exists("xor_this")) { if(!check_function_exists("get_xor_text")) {
function xor_this($key, $string, $debug=false) { function get_xor_text($key, $string, $debug=false) {
$text = $string; $text = $string;
$outText = ""; $outText = "";
@ -569,7 +577,7 @@ if(!check_function_exists("xor_this")) {
} }
} }
return $outText; return get_hashed_text($outText, "base64");
} }
} }