[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Fmsystem-commits] [16492] preparing for php7.1
|
From: |
sigurdne |
|
Subject: |
[Fmsystem-commits] [16492] preparing for php7.1 |
|
Date: |
Wed, 29 Mar 2017 09:26:42 -0400 (EDT) |
Revision: 16492
http://svn.sv.gnu.org/viewvc/?view=rev&root=fmsystem&revision=16492
Author: sigurdne
Date: 2017-03-29 09:26:42 -0400 (Wed, 29 Mar 2017)
Log Message:
-----------
preparing for php7.1
Modified Paths:
--------------
trunk/phpgwapi/inc/class.common.inc.php
trunk/phpgwapi/inc/class.crypto.inc.php
trunk/phpgwapi/inc/class.setup_detection.inc.php
trunk/phpgwapi/inc/class.setup_html.inc.php
trunk/phpgwapi/inc/class.uicommon.inc.php
Added Paths:
-----------
trunk/phpgwapi/inc/class.crypto_libsodium.inc.php
trunk/phpgwapi/inc/class.crypto_mcrypt.inc.php
Modified: trunk/phpgwapi/inc/class.common.inc.php
===================================================================
--- trunk/phpgwapi/inc/class.common.inc.php 2017-03-28 16:08:27 UTC (rev
16491)
+++ trunk/phpgwapi/inc/class.common.inc.php 2017-03-29 13:26:42 UTC (rev
16492)
@@ -1591,7 +1591,7 @@
// $prev_helper =
$GLOBALS['phpgw']->translation->translator_helper;
// $GLOBALS['phpgw']->translation->translator_helper = '';
- $data = '';
+ $data = array();
if (is_array($text))
{
foreach($text as $key => $value)
Modified: trunk/phpgwapi/inc/class.crypto.inc.php
===================================================================
--- trunk/phpgwapi/inc/class.crypto.inc.php 2017-03-28 16:08:27 UTC (rev
16491)
+++ trunk/phpgwapi/inc/class.crypto.inc.php 2017-03-29 13:26:42 UTC (rev
16492)
@@ -1,25 +1,41 @@
<?php
/**
- * Handles encrypting strings based on various encryption schemes
- * @author Joseph Engo <address@hidden>
- * @copyright Copyright (C) 2000-2004 Free Software Foundation, Inc.
http://www.fsf.org/
- * @license http://www.gnu.org/licenses/lgpl.html GNU Lesser General
Public License
- * @package phpgwapi
- * @subpackage network
- * @version $Id$
- */
+ * Handles encrypting strings based on various encryption schemes
+ * @author Joseph Engo <address@hidden>
+ * @copyright Copyright (C) 2000-2004 Free Software Foundation, Inc.
http://www.fsf.org/
+ * @license http://www.gnu.org/licenses/lgpl.html GNU Lesser General
Public License
+ * @package phpgwapi
+ * @subpackage network
+ * @version $Id$
+ */
+
+ if(!empty($GLOBALS['phpgw_info']['server']['mcrypt_enabled']) ||
$GLOBALS['phpgw_info']['server']['enable_crypto'] == 'mcrypt' )
+ {
+ require_once PHPGW_API_INC . '/class.crypto_mcrypt.inc.php';
+ }
+ else if( $GLOBALS['phpgw_info']['server']['enable_crypto'] ==
'libsodium' )
+ {
+ require_once PHPGW_API_INC . '/class.crypto_libsodium.inc.php';
+ }
+ else
+ {
+ //Dummy
+ class phpgwapi_crypto extends phpgwapi_crypto_
+ {
+ }
+ }
+
/**
- * Handles encrypting strings based on various encryption schemes
- *
- * @package phpgwapi
- * @subpackage network
- */
- class crypto
+ * Handles encrypting strings based on various encryption schemes
+ *
+ * @package phpgwapi
+ * @subpackage network
+ */
+ class phpgwapi_crypto_
{
var $enabled = false;
var $debug = false;
-
var $algo;
var $mode;
var $td; /* Handle for mcrypt */
@@ -26,9 +42,9 @@
var $iv = '';
var $key = '';
- function __construct($vars='')
+ function __construct( $vars = '' )
{
- if(is_array($vars))
+ if (is_array($vars))
{
$this->init($vars);
}
@@ -35,210 +51,56 @@
register_shutdown_function(array(&$this, 'cleanup'));
}
- function init($vars)
+ function init( $vars )
{
- /* _debug_array(mcrypt_list_algorithms()); */
- $key = $vars[0];
- $iv = $vars[1];
-
- if ($GLOBALS['phpgw_info']['server']['mcrypt_enabled']
- && extension_loaded('mcrypt')
- && !$this->enabled )
- {
- $this->algo = MCRYPT_TRIPLEDES;
- $this->mode = MCRYPT_MODE_CBC;
-
- if (
isset($GLOBALS['phpgw_info']['server']['mcrypt_algo']) )
- {
- $this->algo =
$GLOBALS['phpgw_info']['server']['mcrypt_algo'];
- }
- if (
isset($GLOBALS['phpgw_info']['server']['mcrypt_mode']) )
- {
- $this->mode =
$GLOBALS['phpgw_info']['server']['mcrypt_mode'];
- }
-
- if($this->debug)
- {
- echo '<br>crypto: algorithm=' .
$this->algo;
- echo '<br>crypto: mode =' .
$this->mode;
- }
-
- $this->enabled = True;
- /* Start up mcrypt */
- $this->td = mcrypt_module_open ($this->algo,
'', $this->mode, '');
-
- $ivsize = mcrypt_enc_get_iv_size($this->td);
- $keysize = mcrypt_enc_get_key_size($this->td);
-
- /* Hack IV to be the correct size */
- $x = strlen($iv);
- for ($i = 0; $i < $ivsize; $i++)
- {
- $this->iv .= $iv[$i % $x];
- }
-
- /* Hack Key to be the correct size */
- $x = strlen($key);
-
- for ($i = 0; $i < $keysize; $i++)
- {
- $this->key .= $key[$i % $x];
- }
- }
- /* If mcrypt isn't loaded, key and iv are not needed. */
}
function cleanup()
{
- if ($this->enabled && $this->td)
- {
- @mcrypt_generic_deinit($this->td);
- }
}
- function hex2bin($data)
+ function hex2bin( $data )
{
$len = strlen($data);
- return pack('H'.$len, $data);
+ return pack('H' . $len, $data);
}
- function encrypt($data, $bypass = false)
+ function encrypt( $data, $bypass = false )
{
- $_obj = false;
- if($this->debug)
- {
- echo '<br>' . time() . ' crypto->encrypt()
unencrypted data: ---->>>>' . $data . "\n";
- }
- if ( $data === '' || is_null($data) )
+ if ($data === '' || is_null($data))
{
// no point in encrypting an empty string
return $data;
}
- if(is_array($data) || is_object($data))
- {
- if($this->debug)
- {
- echo '<br>' . time() . '
crypto->encrypt() found an "' . gettype($data) . '". Serializing...' . "\n";
- }
- $data = serialize($data);
- $_obj = true;
- }
- else
- {
- if($this->debug)
- {
- echo '<br>' . time() . '
crypto->encrypt() found "' . gettype($data) . '". No serialization...' . "\n";
- }
- //FIXME - Strings are not decrypted correctly
- $data = serialize($data);
- $_obj = true;
- }
-
- /* Disable all encryption if the admin didn't set it up
*/
- if ($this->enabled && !$bypass)
- {
- if($_obj)
- {
- if($this->debug)
- {
- echo '<br>' . time() . '
crypto->encrypt() adding slashes' . "\n";
- }
- $data = addslashes($data);
- }
-
- if($this->debug)
- {
- echo '<br>' . time() . '
crypto->encrypt() data: ---->>>>' . $data;
- }
-
- mcrypt_generic_init ($this->td, $this->key,
$this->iv);
-
- $encrypteddata = mcrypt_generic($this->td,
$data);
- $encrypteddata = bin2hex($encrypteddata);
-
- if($this->debug)
- {
- echo '<br>' . time() . '
crypto->encrypt() crypted data: ---->>>>' . $encrypteddata;
- }
- return $encrypteddata;
- }
- else
- {
- /* No mcrypt == insecure ! */
- if($this->debug)
- {
- echo '<br>' . time() . '
crypto->encrypt() crypted data: ---->>>>' . $data;
- }
- return $data;
- }
+ return serialize($data);
}
- function decrypt($encrypteddata, $bypass = false)
+ function decrypt( $encrypteddata, $bypass = false )
{
- if($this->debug)
+ if ($this->debug)
{
echo '<br>' . time() . ' crypto->decrypt()
crypted data: ---->>>>' . $encrypteddata;
}
- if ( $encrypteddata === '' || is_null($encrypteddata) )
+ if ($encrypteddata === '' || is_null($encrypteddata))
{
// an empty string is always a usless empty
string
return $encrypteddata;
}
- /* Disable all encryption if the admin didn't set it up
*/
- if ($this->enabled && !$bypass)
- {
- $data = $this->hex2bin($encrypteddata);
- mcrypt_generic_init ($this->td, $this->key,
$this->iv);
- $data = mdecrypt_generic($this->td, $data);
+ $data = $encrypteddata;
+
- if($this->debug)
- {
- echo '<br>' . time() . '
crypto->decrypt() decrypted data: ---->>>>' . $data;
- }
- $test = stripslashes($data);
- if( $test )
- {
- if($this->debug)
- {
- echo '<br>' . time() . '
crypto->decrypt() stripping slashes' . "\n";
- }
- $data = $test;
- }
- unset($test);
-
- if($this->debug)
- {
- echo '<br>' . time() . '
crypto->decrypt() data: ---->>>>' . $data . "\n";
- }
- }
- else
- {
- /* No mcrypt == insecure ! */
- $data = $encrypteddata;
- }
-
$newdata = @unserialize($data);
- if($newdata || is_array($newdata)) // Check for empty
array
+ if ($newdata || is_array($newdata)) // Check for empty
array
{
- if($this->debug)
- {
- echo '<br>' . time() . '
crypto->decrypt() found serialized "' . gettype($newdata) . '".
Unserializing...' . "\n";
- echo '<br>' . time() . '
crypto->decrypt() returning: '; _debug_array($newdata);
- }
return $newdata;
}
else
{
- if($this->debug)
- {
- echo '<br>' . time() . '
crypto->decrypt() found UNserialized "' . gettype($data) . '". No
unserialization...' . "\n";
- echo '<br>' . time() . '
crypto->decrypt() returning: ' . $data;
- }
return $data;
}
}
- } // class crypto
+ }
\ No newline at end of file
Added: trunk/phpgwapi/inc/class.crypto_libsodium.inc.php
===================================================================
--- trunk/phpgwapi/inc/class.crypto_libsodium.inc.php
(rev 0)
+++ trunk/phpgwapi/inc/class.crypto_libsodium.inc.php 2017-03-29 13:26:42 UTC
(rev 16492)
@@ -0,0 +1,257 @@
+<?php
+ /**
+ * Handles encrypting strings based on various encryption schemes
+ * @author Joseph Engo <address@hidden>
+ * @copyright Copyright (C) 2000-2004 Free Software Foundation, Inc.
http://www.fsf.org/
+ * @license http://www.gnu.org/licenses/lgpl.html GNU Lesser General
Public License
+ * @package phpgwapi
+ * @subpackage network
+ * @version $Id: class.crypto.inc.php 13891 2015-09-14 19:31:31Z
sigurdne $
+ */
+
+ /**
+ * Handles encrypting strings based on various encryption schemes
+ *
+ * @package phpgwapi
+ * @subpackage network
+ */
+
+ class phpgwapi_crypto extends phpgwapi_crypto_
+ {
+
+ function __construct( $vars = '' )
+ {
+ parent::__construct($vars);
+ }
+
+ function init( $vars )
+ {
+ // $key = base64_decode($vars[0]);
+ $key = $vars[0];
+ $iv = $vars[1];
+
+ // _debug_array(\Sodium\CRYPTO_SECRETBOX_KEYBYTES);
+ //
_debug_array(mb_strlen(base64_decode('mUVoE1U1atXQ91RgjDV0a4S2fzevs6K4GlgAEIOnu1g='),'8bit'));
die();
+
+ if ($GLOBALS['phpgw_info']['server']['enable_crypto']
== 'libsodium' && extension_loaded('libsodium') && !$this->enabled)
+ {
+ //For now...
+ $this->enabled = false;
+
+ $keysize = \Sodium\CRYPTO_SECRETBOX_KEYBYTES;
+ //_debug_array($keysize);
+ /* Hack Key to be the correct size */
+ $x = strlen($key);
+
+ for ($i = 0; $i < $keysize; $i++)
+ {
+ $this->key .= $key[$i % $x];
+ }
+ }
+ }
+
+ function cleanup()
+ {
+ if ($this->enabled)
+ {
+// @mcrypt_generic_deinit($this->td);
+ }
+ }
+
+ function hex2bin( $data )
+ {
+ $len = strlen($data);
+ return pack('H' . $len, $data);
+ }
+
+ function encrypt( $data, $bypass = false )
+ {
+ $_obj = false;
+ if ($this->debug)
+ {
+ echo '<br>' . time() . ' crypto->encrypt()
unencrypted data: ---->>>>' . $data . "\n";
+ }
+
+ if ($data === '' || is_null($data))
+ {
+ // no point in encrypting an empty string
+ return $data;
+ }
+
+ if (is_array($data) || is_object($data))
+ {
+ if ($this->debug)
+ {
+ echo '<br>' . time() . '
crypto->encrypt() found an "' . gettype($data) . '". Serializing...' . "\n";
+ }
+ $data = serialize($data);
+ $_obj = true;
+ }
+ else
+ {
+ if ($this->debug)
+ {
+ echo '<br>' . time() . '
crypto->encrypt() found "' . gettype($data) . '". No serialization...' . "\n";
+ }
+ //FIXME - Strings are not decrypted correctly
+ $data = serialize($data);
+ $_obj = true;
+ }
+
+ /* Disable all encryption if the admin didn't set it up
*/
+ if ($this->enabled && !$bypass)
+ {
+ if ($_obj)
+ {
+ if ($this->debug)
+ {
+ echo '<br>' . time() . '
crypto->encrypt() adding slashes' . "\n";
+ }
+ $data = addslashes($data);
+ }
+
+ if ($this->debug)
+ {
+ echo '<br>' . time() . '
crypto->encrypt() data: ---->>>>' . $data;
+ }
+ $encrypteddata = $this->safeEncrypt( $data,
$this->key );
+ if ($this->debug)
+ {
+ echo '<br>' . time() . '
crypto->encrypt() crypted data: ---->>>>' . $encrypteddata;
+ }
+ return $encrypteddata;
+ }
+ else
+ {
+ /* No mcrypt == insecure ! */
+ if ($this->debug)
+ {
+ echo '<br>' . time() . '
crypto->encrypt() crypted data: ---->>>>' . $data;
+ }
+ return $data;
+ }
+ }
+
+ function decrypt( $encrypteddata, $bypass = false )
+ {
+ if ($this->debug)
+ {
+ echo '<br>' . time() . ' crypto->decrypt()
crypted data: ---->>>>' . $encrypteddata;
+ }
+
+ if ($encrypteddata === '' || is_null($encrypteddata))
+ {
+ // an empty string is always a usless empty
string
+ return $encrypteddata;
+ }
+
+ /* Disable all encryption if the admin didn't set it up
*/
+ if ($this->enabled && !$bypass)
+ {
+ $data = $this->safeDecrypt( $encrypteddata,
$this->key );
+
+ if ($this->debug)
+ {
+ echo '<br>' . time() . '
crypto->decrypt() decrypted data: ---->>>>' . $data;
+ }
+ $test = stripslashes($data);
+ if ($test)
+ {
+ if ($this->debug)
+ {
+ echo '<br>' . time() . '
crypto->decrypt() stripping slashes' . "\n";
+ }
+ $data = $test;
+ }
+ unset($test);
+
+ if ($this->debug)
+ {
+ echo '<br>' . time() . '
crypto->decrypt() data: ---->>>>' . $data . "\n";
+ }
+ }
+ else
+ {
+ /* No mcrypt == insecure ! */
+ $data = $encrypteddata;
+ }
+
+ $newdata = @unserialize($data);
+ if ($newdata || is_array($newdata)) // Check for empty
array
+ {
+ if ($this->debug)
+ {
+ echo '<br>' . time() . '
crypto->decrypt() found serialized "' . gettype($newdata) . '".
Unserializing...' . "\n";
+ echo '<br>' . time() . '
crypto->decrypt() returning: ';
+ _debug_array($newdata);
+ }
+ return $newdata;
+ }
+ else
+ {
+ if ($this->debug)
+ {
+ echo '<br>' . time() . '
crypto->decrypt() found UNserialized "' . gettype($data) . '". No
unserialization...' . "\n";
+ echo '<br>' . time() . '
crypto->decrypt() returning: ' . $data;
+ }
+ return $data;
+ }
+ }
+
+ /**
+ * Encrypt a message
+ *
+ * @param string $message - message to encrypt
+ * @param string $key - encryption key
+ * @return string
+ */
+ function safeEncrypt( $message, $key )
+ {
+ $nonce = \Sodium\randombytes_buf(
+ \Sodium\CRYPTO_SECRETBOX_NONCEBYTES
+ );
+
+ $cipher = base64_encode(
+ $nonce .
+ \Sodium\crypto_secretbox(
+ $message, $nonce, $key
+ )
+ );
+ \Sodium\memzero($message);
+ \Sodium\memzero($key);
+ return $cipher;
+ }
+
+ /**
+ * Decrypt a message
+ *
+ * @param string $encrypted - message encrypted with
safeEncrypt()
+ * @param string $key - encryption key
+ * @return string
+ */
+ function safeDecrypt( $encrypted, $key )
+ {
+ $decoded = base64_decode($encrypted);
+ if ($decoded === false)
+ {
+ throw new \Exception('Scream bloody murder, the
encoding failed');
+ }
+ if (mb_strlen($decoded, '8bit') <
(\Sodium\CRYPTO_SECRETBOX_NONCEBYTES + \Sodium\CRYPTO_SECRETBOX_MACBYTES))
+ {
+ throw new \Exception('Scream bloody murder, the
message was truncated');
+ }
+ $nonce = mb_substr($decoded, 0,
\Sodium\CRYPTO_SECRETBOX_NONCEBYTES, '8bit');
+ $ciphertext = mb_substr($decoded,
\Sodium\CRYPTO_SECRETBOX_NONCEBYTES, null, '8bit');
+
+ $plain = \Sodium\crypto_secretbox_open(
+ $ciphertext, $nonce, $key
+ );
+ if ($plain === false)
+ {
+ throw new \Exception('Scream bloody murder, the
message was tampered with in transit');
+ }
+ \Sodium\memzero($ciphertext);
+ \Sodium\memzero($key);
+ return $plain;
+ }
+ }
Added: trunk/phpgwapi/inc/class.crypto_mcrypt.inc.php
===================================================================
--- trunk/phpgwapi/inc/class.crypto_mcrypt.inc.php
(rev 0)
+++ trunk/phpgwapi/inc/class.crypto_mcrypt.inc.php 2017-03-29 13:26:42 UTC
(rev 16492)
@@ -0,0 +1,233 @@
+<?php
+ /**
+ * Handles encrypting strings based on various encryption schemes
+ * @author Joseph Engo <address@hidden>
+ * @copyright Copyright (C) 2000-2004 Free Software Foundation, Inc.
http://www.fsf.org/
+ * @license http://www.gnu.org/licenses/lgpl.html GNU Lesser General
Public License
+ * @package phpgwapi
+ * @subpackage network
+ * @version $Id: class.crypto.inc.php 13891 2015-09-14 19:31:31Z
sigurdne $
+ */
+
+
+ /**
+ * Handles encrypting strings based on various encryption schemes
+ *
+ * @package phpgwapi
+ * @subpackage network
+ */
+ class phpgwapi_crypto extends phpgwapi_crypto_
+ {
+
+ function __construct( $vars = '' )
+ {
+ parent::__construct($vars);
+ }
+
+ function init( $vars )
+ {
+ /* _debug_array(mcrypt_list_algorithms()); */
+ $key = $vars[0];
+ $iv = $vars[1];
+
+ if ($GLOBALS['phpgw_info']['server']['mcrypt_enabled']
&& extension_loaded('mcrypt') && !$this->enabled)
+ {
+ $this->algo = MCRYPT_TRIPLEDES;
+ $this->mode = MCRYPT_MODE_CBC;
+
+ if
(isset($GLOBALS['phpgw_info']['server']['mcrypt_algo']))
+ {
+ $this->algo =
$GLOBALS['phpgw_info']['server']['mcrypt_algo'];
+ }
+ if
(isset($GLOBALS['phpgw_info']['server']['mcrypt_mode']))
+ {
+ $this->mode =
$GLOBALS['phpgw_info']['server']['mcrypt_mode'];
+ }
+
+ if ($this->debug)
+ {
+ echo '<br>crypto: algorithm=' .
$this->algo;
+ echo '<br>crypto: mode =' .
$this->mode;
+ }
+
+ $this->enabled = True;
+ /* Start up mcrypt */
+ $this->td = mcrypt_module_open($this->algo, '',
$this->mode, '');
+
+ $ivsize = mcrypt_enc_get_iv_size($this->td);
+ $keysize = mcrypt_enc_get_key_size($this->td);
+
+ /* Hack IV to be the correct size */
+ $x = strlen($iv);
+ for ($i = 0; $i < $ivsize; $i++)
+ {
+ $this->iv .= $iv[$i % $x];
+ }
+
+ /* Hack Key to be the correct size */
+ $x = strlen($key);
+
+ for ($i = 0; $i < $keysize; $i++)
+ {
+ $this->key .= $key[$i % $x];
+ }
+ }
+ /* If mcrypt isn't loaded, key and iv are not needed. */
+ }
+
+ function cleanup()
+ {
+ if ($this->enabled && $this->td)
+ {
+ @mcrypt_generic_deinit($this->td);
+ }
+ }
+
+ function hex2bin( $data )
+ {
+ $len = strlen($data);
+ return pack('H' . $len, $data);
+ }
+
+ function encrypt( $data, $bypass = false )
+ {
+ $_obj = false;
+ if ($this->debug)
+ {
+ echo '<br>' . time() . ' crypto->encrypt()
unencrypted data: ---->>>>' . $data . "\n";
+ }
+
+ if ($data === '' || is_null($data))
+ {
+ // no point in encrypting an empty string
+ return $data;
+ }
+
+ if (is_array($data) || is_object($data))
+ {
+ if ($this->debug)
+ {
+ echo '<br>' . time() . '
crypto->encrypt() found an "' . gettype($data) . '". Serializing...' . "\n";
+ }
+ $data = serialize($data);
+ $_obj = true;
+ }
+ else
+ {
+ if ($this->debug)
+ {
+ echo '<br>' . time() . '
crypto->encrypt() found "' . gettype($data) . '". No serialization...' . "\n";
+ }
+ //FIXME - Strings are not decrypted correctly
+ $data = serialize($data);
+ $_obj = true;
+ }
+
+ /* Disable all encryption if the admin didn't set it up
*/
+ if ($this->enabled && !$bypass)
+ {
+ if ($_obj)
+ {
+ if ($this->debug)
+ {
+ echo '<br>' . time() . '
crypto->encrypt() adding slashes' . "\n";
+ }
+ $data = addslashes($data);
+ }
+
+ if ($this->debug)
+ {
+ echo '<br>' . time() . '
crypto->encrypt() data: ---->>>>' . $data;
+ }
+
+ mcrypt_generic_init($this->td, $this->key,
$this->iv);
+
+ $encrypteddata = mcrypt_generic($this->td,
$data);
+ $encrypteddata = bin2hex($encrypteddata);
+
+ if ($this->debug)
+ {
+ echo '<br>' . time() . '
crypto->encrypt() crypted data: ---->>>>' . $encrypteddata;
+ }
+ return $encrypteddata;
+ }
+ else
+ {
+ /* No mcrypt == insecure ! */
+ if ($this->debug)
+ {
+ echo '<br>' . time() . '
crypto->encrypt() crypted data: ---->>>>' . $data;
+ }
+ return $data;
+ }
+ }
+
+ function decrypt( $encrypteddata, $bypass = false )
+ {
+ if ($this->debug)
+ {
+ echo '<br>' . time() . ' crypto->decrypt()
crypted data: ---->>>>' . $encrypteddata;
+ }
+
+ if ($encrypteddata === '' || is_null($encrypteddata))
+ {
+ // an empty string is always a usless empty
string
+ return $encrypteddata;
+ }
+
+ /* Disable all encryption if the admin didn't set it up
*/
+ if ($this->enabled && !$bypass)
+ {
+ $data = $this->hex2bin($encrypteddata);
+ mcrypt_generic_init($this->td, $this->key,
$this->iv);
+ $data = mdecrypt_generic($this->td, $data);
+
+ if ($this->debug)
+ {
+ echo '<br>' . time() . '
crypto->decrypt() decrypted data: ---->>>>' . $data;
+ }
+ $test = stripslashes($data);
+ if ($test)
+ {
+ if ($this->debug)
+ {
+ echo '<br>' . time() . '
crypto->decrypt() stripping slashes' . "\n";
+ }
+ $data = $test;
+ }
+ unset($test);
+
+ if ($this->debug)
+ {
+ echo '<br>' . time() . '
crypto->decrypt() data: ---->>>>' . $data . "\n";
+ }
+ }
+ else
+ {
+ /* No mcrypt == insecure ! */
+ $data = $encrypteddata;
+ }
+
+ $newdata = @unserialize($data);
+ if ($newdata || is_array($newdata)) // Check for empty
array
+ {
+ if ($this->debug)
+ {
+ echo '<br>' . time() . '
crypto->decrypt() found serialized "' . gettype($newdata) . '".
Unserializing...' . "\n";
+ echo '<br>' . time() . '
crypto->decrypt() returning: ';
+ _debug_array($newdata);
+ }
+ return $newdata;
+ }
+ else
+ {
+ if ($this->debug)
+ {
+ echo '<br>' . time() . '
crypto->decrypt() found UNserialized "' . gettype($data) . '". No
unserialization...' . "\n";
+ echo '<br>' . time() . '
crypto->decrypt() returning: ' . $data;
+ }
+ return $data;
+ }
+ }
+ }
+ // class crypto
Modified: trunk/phpgwapi/inc/class.setup_detection.inc.php
===================================================================
--- trunk/phpgwapi/inc/class.setup_detection.inc.php 2017-03-28 16:08:27 UTC
(rev 16491)
+++ trunk/phpgwapi/inc/class.setup_detection.inc.php 2017-03-29 13:26:42 UTC
(rev 16492)
@@ -40,7 +40,7 @@
return $setup_info;
}
- function get_db_versions($setup_info='')
+ function get_db_versions($setup_info=array())
{
$tname = Array();
$GLOBALS['phpgw_setup']->db->Halt_On_Error = 'no';
@@ -493,4 +493,4 @@
return True;
}
}
- }
\ No newline at end of file
+ }
Modified: trunk/phpgwapi/inc/class.setup_html.inc.php
===================================================================
--- trunk/phpgwapi/inc/class.setup_html.inc.php 2017-03-28 16:08:27 UTC (rev
16491)
+++ trunk/phpgwapi/inc/class.setup_html.inc.php 2017-03-29 13:26:42 UTC (rev
16492)
@@ -35,8 +35,8 @@
$domains = array();
}
- $setting = phpgw::get_var('setting', 'string', 'POST');
- $settings = phpgw::get_var("settings", 'string',
'POST');
+ $setting = phpgw::get_var('setting', 'raw', 'POST');
+ $settings = phpgw::get_var("settings", 'raw', 'POST');
foreach($domains as $k => $v)
{
@@ -48,7 +48,7 @@
$GLOBALS['header_template']->set_var('DB_DOMAIN',$v);
foreach($dom as $x => $y)
{
- if( $setting['enable_mcrypt'] == 'True'
&& ($x == 'db_pass' || $x == 'db_host' || $x == 'db_name' || $x == 'db_user' ||
$x == 'config_pass'))
+ if( ($setting['enable_mcrypt'] ==
'True' || !empty($setting['enable_crypto'])) && ($x == 'db_pass' || $x ==
'db_host' || $x == 'db_name' || $x == 'db_user' || $x == 'config_pass'))
{
$y =
$GLOBALS['phpgw']->crypto->encrypt($y);
}
@@ -63,7 +63,7 @@
{
foreach($setting as $k => $v)
{
- if ($setting['enable_mcrypt'] == 'True'
&& $k == 'HEADER_ADMIN_PASSWORD')
+ if (($setting['enable_mcrypt'] ==
'True' || !empty($setting['enable_crypto']))&& $k == 'HEADER_ADMIN_PASSWORD')
{
$v =
$GLOBALS['phpgw']->crypto->encrypt($v);
}
Modified: trunk/phpgwapi/inc/class.uicommon.inc.php
===================================================================
--- trunk/phpgwapi/inc/class.uicommon.inc.php 2017-03-28 16:08:27 UTC (rev
16491)
+++ trunk/phpgwapi/inc/class.uicommon.inc.php 2017-03-29 13:26:42 UTC (rev
16492)
@@ -126,7 +126,18 @@
{
if (empty($this->permissions[PHPGW_ACL_ADD]))
{
- phpgw::no_access();
+ if ($ajax)
+ {
+ return array(
+ 'status_kode' => 'error',
+ 'status' => lang('error'),
+ 'msg' => lang('no access')
+ );
+ }
+ else
+ {
+ phpgw::no_access();
+ }
}
$active_tab = phpgw::get_var('active_tab', 'string',
'REQUEST', 'first_tab');
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Fmsystem-commits] [16492] preparing for php7.1,
sigurdne <=