--- /dev/null
+<?php
+/************************************************************************
+ * Mailer v0.2.1-FINAL Start: 04/04/2015 *
+ * =================== Last change: 04/04/2015 *
+ * *
+ * -------------------------------------------------------------------- *
+ * File : encryption-functions.php *
+ * -------------------------------------------------------------------- *
+ * Short description : Functions for encryption *
+ * -------------------------------------------------------------------- *
+ * Kurzbeschreibung : Funktionen fuer Verschluesselung *
+ * -------------------------------------------------------------------- *
+ * Copyright (c) 2003 - 2009 by Roland Haeder *
+ * Copyright (c) 2009 - 2015 by Mailer Developer Team *
+ * For more information visit: http://mxchange.org *
+ * *
+ * This program is free software; you can redistribute it and/or modify *
+ * it under the terms of the GNU General Public License as published by *
+ * the Free Software Foundation; either version 2 of the License, or *
+ * (at your option) any later version. *
+ * *
+ * This program is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
+ * GNU General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU General Public License *
+ * along with this program; if not, write to the Free Software *
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, *
+ * MA 02110-1301 USA *
+ ************************************************************************/
+
+if (!defined('__SECURITY')) {
+ exit();
+} // END - if
+
+// Generate salt if not set
+function generateSalt ($salt = '', $hashLength = 48) {
+ // The length should not be shorter than 48 to have 8 byte as salt
+ assert(($hashLength >= 48) && ($hashLength <= 80));
+
+ // Is the salt set?
+ if (empty($salt)) {
+ // Then generate it from various data
+ $salt = hashSha256($hashLength . ':' . mt_rand(100000, 999999) . ':' . getSiteKey());
+ } // END - if
+
+ // Shorten salt ...
+ $salt = substr($salt, 0, $hashLength - 64);
+
+ // Return salt
+ return $salt;
+}
+
+// Hashes a string with SHA256, salts it and returns it hexdecimal-encoded
+function hashString ($str, $salt = '') {
+ // Generate salt
+ $salt = generateSalt($salt, 64);
+
+ // Generate salt
+ $hash = hashSha256($salt . $str);
+
+ // Return it
+ return $salt . $hash;
+}
+
+// Hash string with SHA256 and encode it to hex
+function hashSha256 ($str) {
+ /// Hash string
+ $hash = mhash(MHASH_SHA256, $str);
+
+ // Encode it to hexadecimal
+ $hex = '';
+ for ($i = 0; $i < strlen($hash); $i++) {
+ // Encode char to decimal, pad it with zero, add it
+ $hex .= padLeftZero(dechex(ord(substr($hash, $i, 1))), 2);
+ } // END - if
+
+ // Make sure 'length modulo 2' = 0
+ assert((strlen($hex) % 2) == 0);
+
+ // Return it
+ return $hex;
+}
+
+// "Calculates" password strength
+function calculatePasswordStrength ($password, $configEntry = 'min_password_length') {
+ // Default score
+ $score = 1;
+
+ if ((strlen($password) < 1) || (strlen($password) < getConfig($configEntry))) {
+ // Is to weak
+ return 0;
+ } // END - if
+
+ // At least 8 chars long?
+ if (strlen($password) >= 8) {
+ // Add score
+ $score++;
+ } // END - if
+
+ // At least 10 chars long?
+ if (strlen($password) >= 10) {
+ // Add score
+ $score++;
+ } // END - if
+
+ // Lower and upper cases?
+ if ((preg_match('/[a-z]/', $password)) && (preg_match('/[A-Z]/', $password))) {
+ // Add score
+ $score++;
+ } // END - if
+
+ // Also numbers?
+ if (preg_match('/[0-9]/', $password)) {
+ // Add score
+ $score++;
+ } // END - if
+
+ // Special characters?
+ if (preg_match('/.[!,@,#,$,%,^,&,*,?,\/,_,~,+,-,(,)]/', $password)) {
+ // Add score
+ $score++;
+ } // END - if
+
+ // Return password score
+ return $score;
+}
+
+// "Translates" password strength/score
+function translatePasswordStrength ($strength) {
+ // Return it translated
+ return '{--PASSWORD_SCORE_' . bigintval($strength) . '--}';
+}
+
+// Checks whether given password is strong enough
+function isStrongPassword ($password) {
+ // Determine it
+ return (calculatePasswordStrength($password) >= getConfig('min_password_score'));
+}
+
+// "Translates" encryption algorithm
+function translateEncryptionAlgorithm ($algo) {
+ // Default is 'NONE'
+ $translated = '{--SELECT_NONE--}';
+
+ // Is a valid number? Also '0' is valid.
+ if ((isValidNumber($algo)) || ($algo === '0')) {
+ // Get array
+ $algos = getSupportedEncryptionAlgorithms();
+
+ // Is it there?
+ if (isset($algos[$algo])) {
+ // "Translate" it
+ $translated = strtoupper($algos[$algo]);
+ } else {
+ // Unknown/unsupported
+ $translated = '{--UNSUPPORTED_ENCRYPTION_ALGO--}';
+ }
+ } // END - if
+
+ // Return it
+ return $translated;
+}
+
+// "Translates" encryption mode
+function translateEncryptionMode ($mode) {
+ // Default is 'NONE'
+ $translated = '{--SELECT_NONE--}';
+
+ // Is a valid number?
+ if ((isValidNumber($mode)) || (is_numeric($mode))) {
+ // Get array
+ $modes = getSupportedEncryptionModes();
+
+ // Is it there?
+ if (isset($modes[$mode])) {
+ // "Translate" it
+ $translated = strtoupper($modes[$mode]);
+ } else {
+ // Unknown/unsupported
+ $translated = '{--UNSUPPORTED_ENCRYPTION_MODE--}';
+ }
+ } // END - if
+
+ // Return it
+ return $translated;
+}
+
+// "Getter" for an array of supported ("safe") encryption algorithms
+function getSupportedEncryptionAlgorithms () {
+ // Get full list
+ $algos = mcrypt_list_algorithms();
+
+ // Remove any unsecure (e.g. DES/3DES)
+ foreach (array('des', 'tripledes') as $unsecure) {
+ // Search for it
+ $id = array_search($unsecure, $algos, TRUE);
+
+ // Is it found?
+ if (isValidNumber($id)) {
+ // Remove it
+ unset($algos[$id]);
+ } // END - if
+ } // END - foreach
+
+ // Return it
+ return $algos;
+}
+
+// "Getter" for an array of supported encryption modes
+function getSupportedEncryptionModes () {
+ // Get full list
+ $modes = mcrypt_list_modes();
+
+ // Return it
+ return $modes;
+}
+
+// Determines whether given encryption algorithm number is valid
+function isValidEncryptionAlgorithm ($algo) {
+ // Default is not valid
+ $isValid = FALSE;
+
+ // Is valid number?
+ if (isValidNumber($algo)) {
+ // Get supported algorithms
+ $algos = getSupportedEncryptionAlgorithms();
+
+ // Is it there?
+ $isValid = (isset($algos[$algo]));
+ } // END - if
+
+ // Return status
+ return $isValid;
+}
+
+// Determines whether given encryption mode number is valid
+function isValidEncryptionMode ($mode) {
+ // Default is not valid
+ $isValid = FALSE;
+
+ // Is valid number?
+ if ((isValidNumber($mode)) || (is_numeric($mode))) {
+ // Get supported algorithms
+ $modes = getSupportedEncryptionModes();
+
+ // Is it there?
+ $isValid = (isset($modes[$mode]));
+ } // END - if
+
+ // Return status
+ return $isValid;
+}
+
+// Encrypts a string by given algorithm and key
+function encrytStringByCipher ($str, $algo, $mode, $key) {
+ // Init encryption
+ $cipher = initEncryption($algo, $mode, $key);
+
+ // Encrypt it
+ $encrypted = mcrypt_generic($cipher, $str);
+
+ // Deinit/close cipher
+ deinitEncryption($cipher);
+
+ // Return encrypted
+ return $encrypted;
+}
+
+// Decrypts a string by given algorithm and key
+function decrytStringByCipher ($str, $algo, $mode, $key, $iv) {
+ // Init encryption
+ $cipher = initEncryption($algo, $mode, $key, $iv);
+
+ // Decrypt it
+ $encrypted = mdecrypt_generic($cipher, $str);
+
+ // Deinit/close cipher
+ deinitEncryption($cipher);
+
+ // Return encrypted
+ return $encrypted;
+}
+
+// Initializes encryption/decryption
+function initEncryption ($algo, $mode, $key, $iv = NULL) {
+ // Must be valid algo/mode
+ assert((isValidEncryptionAlgorithm($algo)) && (isValidEncryptionMode($mode)));
+
+ // Get algorithms/modes
+ $algos = getSupportedEncryptionAlgorithms();
+ $modes = getSupportedEncryptionModes();
+
+ // Open encryption module
+ $cipher = mcrypt_module_open($algos[$algo], '', $modes[$mode], '');
+
+ // Ist not a resource?
+ assert(is_resource($cipher));
+
+ // Is iv set?
+ if (is_null($iv)) {
+ // Create IV
+ $iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($cipher), MCRYPT_DEV_RANDOM);
+ } // END - if
+
+ // Generate key size
+ $keySize = mcrypt_enc_get_key_size($cipher);
+
+ // Key size must be smaller/equal key's size
+ assert($keySize <= strlen($key));
+
+ // Initialize encryption
+ mcrypt_generic_init($cipher, substr($key, 0, $keySize), $iv);
+
+ // Return prepared cipher
+ return $cipher;
+}
+
+// Deinitializes encryption cipher
+function deinitEncryption ($cipher) {
+ // Ist not a resource?
+ assert(is_resource($cipher));
+
+ // Deinit/close cipher
+ mcrypt_generic_deinit($cipher);
+ mcrypt_module_close($cipher);
+}
+
+// [EOF]
+?>
} // END - if
// Version of this extension
-setThisExtensionVersion('0.0.9');
+setThisExtensionVersion('0.1.0');
// Version history array (add more with , '0.0.1' and so on)
-setExtensionVersionHistory(array('0.0.0', '0.0.1', '0.0.2', '0.0.3', '0.0.4', '0.0.5', '0.0.6', '0.0.7', '0.0.8', '0.0.9'));
+setExtensionVersionHistory(array('0.0.0', '0.0.1', '0.0.2', '0.0.3', '0.0.4', '0.0.5', '0.0.6', '0.0.7', '0.0.8', '0.0.9', '0.1.0'));
switch (getExtensionMode()) {
case 'setup': // Do stuff when installation is running
// Update notes (these will be set as task text!)
setExtensionUpdateNotes("Basis-URL für alle Scripte (Referral-Link, auth.php-Umleitung usw. nicht aber API) und Tabelle für API-Aufrufe von auth.php hinzugefügt.");
break;
+
+ case '0.1.0': // SQL queries for v0.1.0
+ addConfigAddSql('wernis_encryption_algorithm', "VARCHAR(10) NOT NULL DEFAULT 'NULL'");
+ addConfigAddSql('wernis_encryption_mode', "VARCHAR(10) NOT NULL DEFAULT 'NULL'");
+ addConfigAddSql('wernis_private_key', "TINYTEXT NOT NULL");
+
+ // Update notes (these will be set as task text!)
+ setExtensionUpdateNotes("Daten für verschlüsselte Übertragungen hinzugefügt.");
+ break;
+
} // END - switch
// [EOF]
}
// Redirects to an URL and if neccessarry extends it with own base URL
-function redirectToUrl ($url, $allowSpider = TRUE) {
+function redirectToUrl ($url, $allowSpider = TRUE, $compileCode = TRUE) {
// Is the output mode -2?
if (isAjaxOutputMode()) {
// This is always (!) an AJAX request and shall not be redirected
$url = substr($url, 6, -2);
} // END - if
- // Compile out codes
- eval('$url = "' . compileRawCode(encodeUrl($url)) . '";');
+ // Compile codes out?
+ if ($compileCode === TRUE) {
+ // Compile out codes
+ eval('$url = "' . compileRawCode(encodeUrl($url)) . '";');
+ } // END - if
// Default 'rel' value is external, nofollow is evil from Google and hurts the Internet
$rel = ' rel="external"';
// Three different ways to debug...
//* DEBUG: */ reportBug(__FUNCTION__, __LINE__, 'URL=' . $url);
//* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'URL=' . $url);
- //* DEBUG: */ die($url);
+ //* DEBUG-DIE: */ die(__METHOD__ . ':url=' . $url . '<br />compileCode=' . intval($compileCode));
// We should not sent a redirect if headers are already sent
if (!headers_sent()) {
+ // Compile again?
+ if ($compileCode === TRUE) {
+ // Do final compilation
+ $url = doFinalCompilation(str_replace('&', '&', $url), FALSE);
+ } // END - if
+
// Load URL when headers are not sent
- sendRawRedirect(doFinalCompilation(str_replace('&', '&', $url), FALSE));
+ sendRawRedirect($url);
} else {
// Output error message
loadPageHeader();
return $str;
}
-// Hash string with SHA256 and encode it to hex
-function hashSha256 ($str) {
- /// Hash string
- $hash = mhash(MHASH_SHA256, $str);
-
- // Encode it to hexadecimal
- $hex = '';
- for ($i = 0; $i < strlen($hash); $i++) {
- // Encode char to decimal, pad it with zero, add it
- $hex .= padLeftZero(dechex(ord(substr($hash, $i, 1))), 2);
- } // END - if
-
- // Make sure 'length modulo 2' = 0
- assert((strlen($hex) % 2) == 0);
-
- // Return it
- return $hex;
-}
-
// ----------------------------------------------------------------------------
// "Translatation" functions for points_data table
// ----------------------------------------------------------------------------
}
} // END - if
-// "Calculates" password strength
-function calculatePasswordStrength ($password, $configEntry = 'min_password_length') {
- // Default score
- $score = 1;
-
- if ((strlen($password) < 1) || (strlen($password) < getConfig($configEntry))) {
- // Is to weak
- return 0;
- } // END - if
-
- // At least 8 chars long?
- if (strlen($password) >= 8) {
- // Add score
- $score++;
- } // END - if
-
- // At least 10 chars long?
- if (strlen($password) >= 10) {
- // Add score
- $score++;
- } // END - if
-
- // Lower and upper cases?
- if ((preg_match('/[a-z]/', $password)) && (preg_match('/[A-Z]/', $password))) {
- // Add score
- $score++;
- } // END - if
-
- // Also numbers?
- if (preg_match('/[0-9]/', $password)) {
- // Add score
- $score++;
- } // END - if
-
- // Special characters?
- if (preg_match('/.[!,@,#,$,%,^,&,*,?,\/,_,~,+,-,(,)]/', $password)) {
- // Add score
- $score++;
- } // END - if
-
- // Return password score
- return $score;
-}
-
-// "Translates" password strength/score
-function translatePasswordStrength ($strength) {
- // Return it translated
- return '{--PASSWORD_SCORE_' . bigintval($strength) . '--}';
-}
-
-// Checks whether given password is strong enough
-function isStrongPassword ($password) {
- // Determine it
- return (calculatePasswordStrength($password) >= getConfig('min_password_score'));
-}
-
// "Getter" for base path from theme
function getBasePathFromTheme ($theme) {
return sprintf('%stheme/%s/css/', getPath(), $theme);
// Adds a HTTP header to array
function addHttpHeader ($header) {
// Send the header
- //* DEBUG: */ logDebugMessage(__FUNCTION__ . ': header=' . $header);
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, ': header=' . $header);
array_push($GLOBALS['http_header'], trim($header));
}
assert(is_array($response));
// Test it
- $isOkay = ((isset($response['status'])) && ($response['status'] == 'OK') && (!empty($response['response'])));
+ $isOkay = ((isset($response['status'])) && ($response['status'] == 'OK'));
// Return result
return $isOkay;
'ADMIN_CONFIG_WERNIS_BASE_URL' => "Basis-URL für Reflink usw.",
'ADMIN_CONFIG_WERNIS_REFID' => "Ihre Referral-Id bei WDS66-Portal (= Ihr Username!)",
'ADMIN_CONFIG_WERNIS_WPASS' => "Wernis-Passwort (nicht Account-Passwort!)",
+ 'ADMIN_CONFIG_WERNIS_ENCRYPTION_ALGORITHM' => "Verschlüsselungsalgorithmus",
+ 'ADMIN_CONFIG_WERNIS_ENCRYPTION_MODE' => "Verschlüsselungsmodus",
+ 'ADMIN_CONFIG_WERNIS_PRIVATE_KEY' => ""Privater" Schlüssel",
'ADMIN_CONFIG_WERNIS_NOTICE' => "[<a href=\"{?wernis_base_url?}/ref.php?refid=10437\" target=\"_blank\">Hier</a>] können Sie schon für <strong>einmalig kostenlos</strong> <strong>25.000 Abfragen</strong> ein API-Account beantragen (dazu ist ein <strong>kostenloses</strong> Wernis-Account dennoch nötig!) Geben Sie immer Ihren Usernamen von WDS66-Hauptaccount ein und überprüfen Sie diesen mehrmals! Er wird zum Überweisen von und nach WDS66-Wernis-Portal benötigt. Die Betreibergebühren und Umrechnungsfaktoren sind für den Betrieb Ihres {?mt_word2?} komplett in Wernis ausgelegt, diese müssen Sie also noch anpassen, wenn Sie z.B. Punkte haben und in Wernis auszahlen lassen wollen. Sollten Sie sowohl einen feste als auch eine prozentuale Betreibergebühr eingestellt haben, gilt die prozentuale.",
'ADMIN_CONFIG_WERNIS_AUTH_NOTICE' => "Die URLs für Authorisierungen (Datentransfer) lauten wie folgt:
<ul>
-<li><em>An URL weiterleiten bei Annahme:</em> <strong>{?URL?}/modules.php?provider=wernis&status=1&challenge=</strong></li>
-<li><em>An URL weiterleiten bei Ablehnung:</em> <strong>{?URL?}/modules.php?provider=wernis&status=0&challenge=</strong></li>
+<li><em>An URL weiterleiten bei Annahme:</em> <strong>{?URL?}/modules.php?registration_provider=wernis&status=1&challenge=</strong></li>
+<li><em>An URL weiterleiten bei Ablehnung:</em> <strong>{?URL?}/modules.php?registration_provider=wernis&status=0&challenge=</strong></li>
</ul>",
'ADMIN_WERNIS_NO_TRANSFERS' => "Derzeit keine Wernis transferiert.",
'ADMIN_WERNIS_WDS66_ACCOUNT' => "Account bei WDS66-Portal",
'WERNIS_API_REQUEST_FAILED_OWN' => "Überweisung an eigenes Account nicht möglich.",
'WERNIS_API_REQUEST_FAILED_AMOUNT' => "Konto weist nicht genügend Deckung auf.",
'WERNIS_API_REQUEST_FAILED_API_AMOUNT' => "API-Konto weist nicht genügend Deckung auf.",
+ 'WERNIS_API_REQUEST_FAILED_GENERIC' => "API-Abfrage fehlgeschlagen oder Auswertung der Antwort fehlgeschlagen.",
'WERNIS_API_PURPOSE_WITHDRAW' => "Einzahlung auf {?MAIN_TITLE?} ({?URL?}), id: <span class=\"data\">%s</span>",
'WERNIS_API_PURPOSE_PAYOUT' => "Auszahlung von {?MAIN_TITLE?} ({?URL?}), id: <span class=\"data\">%s</span>",
// Sends out a request to the API and returns it's result
function sendWernisApiRequest ($scriptName, $requestData = array()) {
+ // Debug call
+ //* DEBUG */ reportBug(__FUNCTION__, __LINE__, 'scriptName=' . $scriptName . ',requestData=<pre>' . print_r($requestData, TRUE) . '</pre>');
+
// Is the requestData an array?
if (!is_array($requestData)) {
// Then abort here!
break;
}
} else {
- // All fine here
- $return = array(
- 'status' => 'OK',
- 'response' => $responseLine
- );
+ // All fine, then analyze API response
+ $return = convertApiResponseToArray($responseLine, '&', '=');
+
+ // Nothing is fine now
+ $return['status'] = 'generic_failed';
+ $return['message'] = '--WERNIS_API_REQUEST_FAILED_GENERIC--}';
+
+ // Are 'encrypted', 'key' and 'iv' set?
+ //* DEBUG-DIE */ die(__FUNCTION__ . ':return=<pre>' . print_r($return, TRUE) . '</pre>');
+ if ((isset($return['encrypted'])) && (isset($return['key'])) && (isset($return['iv']))) {
+ // Fully decode it (URL-encoded BASE64)
+ $decoded = decodeString($return['encrypted']);
+ $iv = decodeString($return['iv']);
+
+ // Generate decryption key
+ $decryptionKey = generateWernisDecryptionKey($return['key']);
+
+ // Decrypt string
+ $decrypted = decrytStringByCipher($decoded, getWernisEncryptionAlgorithm(), getWernisEncryptionMode(), $decryptionKey, $iv);
+ //* DEBUG-DIE */ die('key="' . $return['key'] . '"<br />decryptionKey="' . $decryptionKey . '"<br />decoded="' . $decoded . '"<br />decrypted="' . $decrypted . '"');
+
+ // First char must be an &
+ assert(substr($decrypted, 0, 1) == '&');
+
+ // Now the string needs to be turned into an array, first explode all &
+ $elements = explode('&', $decrypted);
+
+ // And remove first element
+ array_shift($elements);
+ //* DEBUG-DIE */ die('elements=<pre>' . print_r($elements, TRUE) . '</pre>');
+
+ // Now "walk" all ements
+ foreach ($elements as $idx => $element) {
+ // Explode element
+ $keyValue = explode('=', $element);
+
+ // Make sure it is valid
+ assert(count($keyValue) == 2);
+
+ // Now handle all over
+ $return[$keyValue[0]] = $keyValue[1];
+ } // END - foreach
+
+ // Remove encryption stuff
+ unset($return['encrypted'], $return['key'], $return['iv']);
+ } // END - if
+
+ // All fine ...
+ $return['status'] = 'OK';
+ $return['message'] = NULL;
}
// Return the result
+ //* DEBUG-DIE */ die(__FUNCTION__ . ':return=<pre>' . print_r($return, TRUE) . '</pre>');
return $return;
}
'sub_request' => $subRequest,
'fields' => $fields,
't_uid' => bigintval($authData['wernis_userid']),
+ 't_md5' => getWernisPassMd5(),
'auth_key' => $authData['api_auth_key'],
'challenge' => $authData['api_redirect_challenge']
);
displayMessage('{--GUEST_WERNIS_REGISTRATION_PASSWORD_NOT_SET--}');
} else {
// So far, all fine, then let's do the call-back on auth.php ...
- $response = executeWernisApiAuth(postRequestElement('wernis_id'), postRequestElement('wernis_password'));
-
- // Was the status okay?
- if (isHttpResponseStatusOkay($response)) {
- // All fine, then analyze API response
- $args = convertApiResponseToArray($response['response'], '&', '=');
+ $args = executeWernisApiAuth(postRequestElement('wernis_id'), postRequestElement('wernis_password'));
+ // Status was okay?
+ if (isHttpResponseStatusOkay($args)) {
// Is status set?
//* DEBUG-DIE */ die('response=<pre>' . print_r($response, TRUE) . '</pre>,args=' . '<pre>'.print_r($args, TRUE).'</pre>');
assert(isset($args['auth_status']));
die(__FUNCTION__ . ':' . __LINE__ . ': status[' . gettype($status) . ']=' . $status . ' - Unfinished.');
} else {
// Something bad happened
- displayMessage($response['message']);
+ displayMessage($args['message']);
}
}
} // END - if
$return = getWernisMappedDataFromApiByChallenge($challenge, $status);
// Is the array filled?
- if ((count($return['mapped_data']) > 0) && (empty($return['message']))) {
+ //* DEBUG-DIE */ die(__METHOD__ . ':return=<pre>' . print_r($return, TRUE) . '</pre> - EXIT!');
+ if ((isset($return['mapped_data'])) && (count($return['mapped_data']) > 0) && (empty($return['message']))) {
// Set must-fillout fields
$return['mapped_data'] = runFilterChain('register_must_fillout', $return['mapped_data']);
$response = executeWernisApiGet($rows[0], 'data', 'vorname|name|strasse|plz|ort|birth_day|birth_month|birth_year|email|werber');
// Was the status okay?
+ //* DEBUG-DIE */ die(__FUNCTION__ . ':response=<pre>' . print_r($response, TRUE) . '</pre>');
if (isHttpResponseStatusOkay($response)) {
// API returned non-errous response, 'data=' must be found
- assert(substr($response['response'], 0, 5) == 'data=');
-
- // And remove it, this is now BASE64-encoded
- $encodedData = urldecode(substr($response['response'], 5));
+ assert(isset($response['data']));
// And decode it (all steps separated to later "easily" debug them)
- $decodedData = base64_decode($encodedData);
+ $decodedData = base64_decode(urldecode($response['data']));
+ //* DEBUG-DIE */ die(__FUNCTION__ . ':decodedData=' . $decodedData);
/*
* Do some checks on the decoded string, it should be a
// The array seems to be fine, unserialize it
$userData = unserialize($decodedData);
+ //* DEBUG-DIE */ die(__METHOD__ . ':userData=<pre>' . print_r($userData, TRUE) . '</pre> - EXIT!');
// All mappings WDS66->mailer
$mappings = array(
}
// Return mapped data array
+ //* DEBUG-DIE */ die(__METHOD__ . ':return=<pre>' . print_r($return, TRUE) . '</pre> - EXIT!');
return $return;
}
// Generic registration is finished, so add more data:
}
+// Generates decrption key based on private key, public key and API key
+function generateWernisDecryptionKey ($publicKey) {
+ // Generate key from most known data
+ $key = hashSha256(sprintf(
+ '%s:%s:%s',
+ getWernisApiMd5(),
+ getWernisPrivateKey(),
+ $publicKey
+ ));
+
+ // Return it
+ return $key;
+}
+
//-----------------------------------------------------------------------------
// Auth status callback functions
//-----------------------------------------------------------------------------
`api_redirect_challenge`='%s'
WHERE
`api_auth_key`='%s' AND
- `wernis_userid`=%s
+ `wernis_userid`=%s AND
`api_auth_status`='PENDING'
LIMIT 1",
array(
assert(sqlAffectedRows() == 1);
// Redirect to WDS66 module=auth ...
- redirectToUrl(getWernisBaseUrl() . '/modules.php?module=auth&auth_key=' . $args['auth_key'] . '&params=' . urlencode(base64_encode('&module=' . getModule() . '&what=' . getWhat())) . '&challenge=' . $challenge);
+ //* DEBUG-DIE */ die(__FUNCTION__ . ':' . __LINE__ . '<pre>' . print_r($args, TRUE) . '</pre>');
+ redirectToUrl(getWernisBaseUrl() . '/modules.php?module=auth&auth_key=' . trim($args['auth_key']) . '&params=' . urlencode(base64_encode('&module=' . getModule() . '&what=' . getWhat())) . '&challenge=' . $challenge, FALSE, FALSE);
}
// Handler for auth_status=ACCEPTED
die(__FUNCTION__ . ':' . __LINE__ . '<pre>' . print_r($args, TRUE) . '</pre>');
}
+//------------------------------------------------------------------------------
+// Template helper functions
+//------------------------------------------------------------------------------
+
+// Template helper to generate a selection box for encryption alogrithms
+function doTemplateSelectWernisEncryptionAlgorithm ($templateName, $clear = FALSE, $default = NULL) {
+ // Get all available algorithms
+ $algorithms = getSupportedEncryptionAlgorithms();
+ //* DEBUG-DIE */ die('algorithms=<pre>' . print_r($algorithms, TRUE) . '</pre>');
+
+ // Init array
+ $options = array();
+
+ // And fill it
+ foreach ($algorithms as $key => $dummy) {
+ $options[$key] = array('algorithms' => $key);
+ } // END - if
+
+ // Handle it over to generateSelectionBoxFromArray()
+ $content = generateSelectionBoxFromArray($options, 'wernis_encryption_algorithm', 'algorithms', '', '_wernis', '', $default, '', TRUE, FALSE);
+
+ // Return prepared content
+ return $content;
+}
+
+// Template helper to generate a selection box for encryption alogrithms
+function doTemplateSelectWernisEncryptionMode ($templateName, $clear = FALSE, $default = NULL) {
+ // Get all available modes
+ $modes = getSupportedEncryptionModes();
+
+ // Init array
+ $options = array();
+
+ // And fill it
+ foreach ($modes as $key => $dummy) {
+ $options[$key] = array('modes' => $key);
+ } // END - if
+
+ // Handle it over to generateSelectionBoxFromArray()
+ $content = generateSelectionBoxFromArray($options, 'wernis_encryption_mode', 'modes', '', '_wernis', '', $default, '', TRUE, FALSE);
+
+ // Return prepared content
+ return $content;
+}
+
//-----------------------------------------------------------------------------
// Wrapper functions
//-----------------------------------------------------------------------------
return $GLOBALS[__FUNCTION__];
}
+// Wrapper function for 'wernis_encryption_algorithm'
+function getWernisEncryptionAlgorithm () {
+ // Is there cache?
+ if (!isset($GLOBALS[__FUNCTION__])) {
+ // Get config entry
+ $GLOBALS[__FUNCTION__] = getConfig('wernis_encryption_algorithm');
+ } // END - if
+
+ // Return cache
+ return $GLOBALS[__FUNCTION__];
+}
+
+// Wrapper function for 'wernis_encryption_mode'
+function getWernisEncryptionMode () {
+ // Is there cache?
+ if (!isset($GLOBALS[__FUNCTION__])) {
+ // Get config entry
+ $GLOBALS[__FUNCTION__] = getConfig('wernis_encryption_mode');
+ } // END - if
+
+ // Return cache
+ return $GLOBALS[__FUNCTION__];
+}
+
+// Wrapper function for 'wernis_private_key'
+function getWernisPrivateKey () {
+ // Is there cache?
+ if (!isset($GLOBALS[__FUNCTION__])) {
+ // Get config entry
+ $GLOBALS[__FUNCTION__] = getConfig('wernis_private_key');
+ } // END - if
+
+ // Return cache
+ return $GLOBALS[__FUNCTION__];
+}
+
// [EOF]
?>
'language',
'sql',
'expression',
+ 'encryption',
'filter',
'extensions') as $lib) {
// Allow none?
if ($allowNone === TRUE) {
// Then add it
- $OUT .= '<option value="0">{--SELECT_NONE--}</option>';
+ $OUT .= '<option value="">{--SELECT_NONE--}</option>';
} // END - if
// Walk through all options
//* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'name=' . $name . ',default[' . gettype($default) . ']=' . $default . ',optionKey[' . gettype($optionKey) . ']=' . $optionKey);
// Is default value same as given value?
- if ((!is_null($default)) && (isset($option[$optionKey])) && ($default == $option[$optionKey])) {
+ if ((!is_null($default)) && (isset($option[$optionKey])) && ($default === $option[$optionKey])) {
// Then set default
$option['default'] = ' selected="selected"';
} // END - if
* @access private
*/
function sendRawRedirect ($url) {
+ //* DEBUG-DIE */ die(__METHOD__ . ':url=' . $url);
+
// Clear output buffer
clearOutputBuffer();
// Revert entity &
$url = str_replace('&', '&', $url);
+ //* DEBUG-DIE */ die(__METHOD__ . ':url=' . $url);
// check if running on IIS < 6 with CGI-PHP
if ((isset($_SERVER['SERVER_SOFTWARE'])) && (isset($_SERVER['GATEWAY_INTERFACE'])) &&
<input type="password" class="form_field" name="wernis_pass" size="15" maxlength="255" />
</td>
</tr>
+ <tr>
+ <td align="right">
+ {--ADMIN_CONFIG_WERNIS_ENCRYPTION_ALGORITHM--}
+ </td>
+ <td>
+ {%template,SelectWernisEncryptionAlgorithm=wernis_encryption_algo%}
+ </td>
+ </tr>
+ <tr>
+ <td align="right">
+ {--ADMIN_CONFIG_WERNIS_ENCRYPTION_MODE--}
+ </td>
+ <td>
+ {%template,SelectWernisEncryptionMode=wernis_encryption_mode%}
+ </td>
+ </tr>
+ <tr>
+ <td align="right">
+ {--ADMIN_CONFIG_WERNIS_PRIVATE_KEY--}
+ </td>
+ <td>
+ <input type="text" class="form_field" name="wernis_private_key" value="{?wernis_private_key?}" size="32" maxlength="10000" />
+ </td>
+ </tr>
<tr>
<td align="right">
{--ADMIN_CONFIG_WERNIS_MIN_PAYOUT--}
--- /dev/null
+<div align="center">
+ $content[selection_box]
+</div>
--- /dev/null
+<option value="$content[algorithms]"$content[default]>
+ {%pipe,translateEncryptionAlgorithm=$content[algorithms]%}
+</option>
--- /dev/null
+<div align="center">
+ $content[selection_box]
+</div>
--- /dev/null
+<option value="$content[modes]"$content[default]>
+ {%pipe,translateEncryptionMode=$content[modes]%}
+</option>
projects / mailer.git / commitdiff