本文整理汇总了PHP中JCrypt类的典型用法代码示例。如果您正苦于以下问题:PHP JCrypt类的具体用法?PHP JCrypt怎么用?PHP JCrypt使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
在下文中一共展示了JCrypt类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: decrypt
/**
* Decrypt data.
*
* @param array $keys That must be an array that contains private and public keys.
* @param mixed $data Encrypted data that has to be decrypted.
*
* @return mixed
*/
public static function decrypt(array $keys, $data)
{
$chiper = new JCryptCipherRijndael256();
$key = new JCryptKey("rijndael256", $keys["private"], $keys["public"]);
$crypt = new JCrypt($chiper, $key);
return $crypt->decrypt($data);
}示例2: onMembershipActive
/**
* Run when a membership activated
* @param PlanOsMembership $row
*/
function onMembershipActive($row)
{
if (!$row->user_id && $row->username && $row->user_password) {
//Need to create the account here
$data['name'] = trim($row->first_name . ' ' . $row->last_name);
//Decrypt the password
$data['username'] = $row->username;
//Password
$privateKey = md5(JFactory::getConfig()->get('secret'));
$key = new JCryptKey('simple', $privateKey, $privateKey);
$crypt = new JCrypt(new JCryptCipherSimple(), $key);
$data['password'] = $data['password2'] = $data['password'] = $crypt->decrypt($row->user_password);
$data['email1'] = $data['email2'] = $data['email'] = $row->email;
$params = JComponentHelper::getParams('com_users');
$data['groups'] = array();
$data['groups'][] = $params->get('new_usertype', 2);
$user = new JUser();
if (!$user->bind($data)) {
return false;
}
// Store the data.
if (!$user->save()) {
return false;
}
$row->user_id = $user->get('id');
$row->store();
}
}示例3: onAfterInitialise
function onAfterInitialise()
{
$app = JFactory::getApplication();
// No remember me for admin
if ($app->isAdmin()) {
return;
}
$user = JFactory::getUser();
if ($user->get('guest')) {
$hash = JApplication::getHash('JLOGIN_REMEMBER');
if ($str = JRequest::getString($hash, '', 'cookie', JREQUEST_ALLOWRAW | JREQUEST_NOTRIM)) {
jimport('joomla.utilities.simplecrypt');
$credentials = array();
$goodCookie = true;
$filter = JFilterInput::getInstance();
// Create the encryption key, apply extra hardening using the user agent string.
// Since we're decoding, no UA validity check is required.
$privateKey = JApplication::getHash(@$_SERVER['HTTP_USER_AGENT']);
$key = new JCryptKey('simple', $privateKey, $privateKey);
$crypt = new JCrypt(new JCryptCipherSimple(), $key);
try {
$str = $crypt->decrypt($str);
if (!is_string($str)) {
throw new Exception('Decoded cookie is not a string.');
}
$cookieData = json_decode($str);
if (null === $cookieData) {
throw new Exception('JSON could not be docoded.');
}
if (!is_object($cookieData)) {
throw new Exception('Decoded JSON is not an object.');
}
// json_decoded cookie could be any object structure, so make sure the
// credentials are well structured and only have user and password.
if (isset($cookieData->username) && is_string($cookieData->username)) {
$credentials['username'] = $filter->clean($cookieData->username, 'username');
} else {
throw new Exception('Malformed username.');
}
if (isset($cookieData->password) && is_string($cookieData->password)) {
$credentials['password'] = $filter->clean($cookieData->password, 'string');
} else {
throw new Exception('Malformed password.');
}
$return = $app->login($credentials, array('silent' => true));
if (!$return) {
throw new Exception('Log-in failed.');
}
} catch (Exception $e) {
$config = JFactory::getConfig();
$cookie_domain = $config->get('cookie_domain', '');
$cookie_path = $config->get('cookie_path', '/');
// Clear the remember me cookie
setcookie(JApplication::getHash('JLOGIN_REMEMBER'), false, time() - 86400, $cookie_path, $cookie_domain);
JLog::add('A remember me cookie was unset for the following reason: ' . $e->getMessage(), JLog::WARNING, 'security');
}
}
}
}示例4: onAfterInitialise
function onAfterInitialise()
{
$app = JFactory::getApplication();
// No remember me for admin
if ($app->isAdmin()) {
return;
}
$user = JFactory::getUser();
if ($user->get('guest')) {
$hash = JApplication::getHash('JLOGIN_REMEMBER');
if ($str = JRequest::getString($hash, '', 'cookie', JREQUEST_ALLOWRAW | JREQUEST_NOTRIM)) {
jimport('joomla.utilities.simplecrypt');
// Create the encryption key, apply extra hardening using the user agent string.
// Since we're decoding, no UA validity check is required.
$privateKey = JApplication::getHash(@$_SERVER['HTTP_USER_AGENT']);
$key = new JCryptKey('simple', $privateKey, $privateKey);
$crypt = new JCrypt(new JCryptCipherSimple(), $key);
$str = $crypt->decrypt($str);
$cookieData = @unserialize($str);
// Deserialized cookie could be any object structure, so make sure the
// credentials are well structured and only have user and password.
$credentials = array();
$filter = JFilterInput::getInstance();
$goodCookie = true;
if (is_array($credentials)) {
if (isset($cookieData['username']) && is_string($cookieData['username'])) {
$credentials['username'] = $filter->clean($cookieData['username'], 'username');
} else {
$goodCookie = false;
}
if (isset($cookieData['password']) && is_string($cookieData['password'])) {
$credentials['password'] = $filter->clean($cookieData['password'], 'string');
} else {
$goodCookie = false;
}
} else {
$goodCookie = false;
}
if (!$goodCookie || !$app->login($credentials, array('silent' => true))) {
$config = JFactory::getConfig();
$cookie_domain = $config->get('cookie_domain', '');
$cookie_path = $config->get('cookie_path', '/');
// Clear the remember me cookie
setcookie(JApplication::getHash('JLOGIN_REMEMBER'), false, time() - 86400, $cookie_path, $cookie_domain);
}
}
}
}示例5: testGenRandomBytes
/**
* @covers JCrypt::genRandomBytes
*/
public function testGenRandomBytes()
{
// We're just testing wether the value has the expected length,
// we obviously can't test the result since it's random.
$randomBytes16 = JCrypt::genRandomBytes();
$this->assertEquals(strlen($randomBytes16), 16);
$randomBytes8 = JCrypt::genRandomBytes(8);
$this->assertEquals(strlen($randomBytes8), 8);
$randomBytes17 = JCrypt::genRandomBytes(17);
$this->assertEquals(strlen($randomBytes17), 17);
}示例6: testGenerateKey
/**
* @testdox Validates keys are correctly generated
*
* @covers JCryptCipherCrypto::generateKey
*/
public function testGenerateKey()
{
$cipher = new JCryptCipherCrypto();
$key = $cipher->generateKey();
// Assert that the key is the correct type.
$this->assertInstanceOf('JCryptKey', $key);
// Assert the private key is our expected value.
$this->assertSame('unused', $key->private);
// Assert the public key is the expected length
$this->assertSame(Crypto::KEY_BYTE_SIZE, JCrypt::safeStrlen($key->public));
// Assert the key is of the correct type.
$this->assertAttributeEquals('crypto', 'type', $key);
}示例7: generateKey
protected static function generateKey()
{
jimport('joomla.crypt.crypt');
$key = JCrypt::genRandomBytes(32);
$salt = md5_file(JPATH_SITE . '/configuration.php');
$key = base64_encode(self::pbkdf2($key, $salt, 32));
$filecontents = "<?php defined('WF_EDITOR') or die(); define('WF_SERVERKEY', '{$key}'); ?>";
$filename = JPATH_COMPONENT_ADMINISTRATOR . '/serverkey.php';
$result = JFile::write($filename, $filecontents);
if (!$result) {
return '';
} else {
return base64_decode($key);
}
}示例8: getCURL
//.........这里部分代码省略.........
foreach ($matches[0] as $index => $match) {
// Extract the cookie-information
$cookieName = $matches[1][$index];
$cookieValue = $matches[2][$index];
// Strip the meta-data from the cookie
if (preg_match('/^([^\\;]+)\\;(.*)/', $cookieValue, $cookieValueMatch)) {
$cookieValue = $cookieValueMatch[1];
}
// Trim the cookie
$cookieValue = trim($cookieValue);
// Check if the cookie was dealt with or not
if (in_array($cookieName, $matchedCookies)) {
continue;
} else {
$matchedCookies[] = $cookieName;
}
// Set the cookie
if (!headers_sent()) {
if ($cookieName == 'persistent_shopping_cart' && isset($matches[3][$index]) && preg_match('/expires=([^\\;]+)/', $matches[3][$index], $paramsMatch)) {
$expires = strtotime($paramsMatch[1]);
} else {
$expires = 0;
}
setcookie($cookieName, $cookieValue, $expires, '/', '.' . JURI::getInstance()->toString(array('host')));
$_COOKIE[$cookieName] = $cookieValue;
}
// Store this cookie also in the default Joomal! session (in case extra cookies are disabled)
$session = JFactory::getSession();
$session->set('magebridge.cookie.' . $cookieName, $cookieValue);
}
}
// Handle the extra remember-me cookie
$user = JFactory::getUser();
if ($user->id > 0 && !empty($_COOKIE['persistent_shopping_cart'])) {
$password = $user->password_clear;
if (empty($password)) {
$password = $this->input->getString('password');
}
if (empty($password)) {
$password = $user->password;
}
if (!empty($password)) {
$credentials = array('username' => $user->username, 'password' => $password);
// Create the encryption key, apply extra hardening using the user agent string.
$privateKey = JApplication::getHash(@$_SERVER['HTTP_USER_AGENT']);
$key = new JCryptKey('simple', $privateKey, $privateKey);
$crypt = new JCrypt(new JCryptCipherSimple(), $key);
$rcookie = $crypt->encrypt(serialize($credentials));
$lifetime = time() + 365 * 24 * 60 * 60;
// Use domain and path set in config for cookie if it exists.
$cookie_domain = JFactory::getConfig()->get('cookie_domain', '');
$cookie_path = JFactory::getConfig()->get('cookie_path', '/');
setcookie(JApplication::getHash('JLOGIN_REMEMBER'), $rcookie, $lifetime, $cookie_path, $cookie_domain);
}
}
// Handle redirects
preg_match('/^Location: ([^\\s]+)/m', $this->head['headers'], $matches);
if ($this->allow_redirects && (preg_match('/^3([0-9]+)/', $this->head['http_code']) || !empty($matches))) {
$originalLocation = trim(array_pop($matches));
$location = $originalLocation;
// Check for a location-override
if ($this->getHeader('X-MageBridge-Location') != null) {
// But only override the location, if there is no error present
if (strstr($location, 'startcustomization=1') == false) {
$this->debug->notice('X-MageBridge-Location = ' . $this->getHeader('X-MageBridge-Location'));
$location = $this->getHeader('X-MageBridge-Location');
}
}
// Check for a location-override if the customer is logged in
if ($this->getHeader('X-MageBridge-Location-Customer') != null && $this->getHeader('X-MageBridge-Customer') != null) {
MageBridgeModelUser::getInstance()->postlogin($this->getHeader('X-MageBridge-Customer'), null, true, true);
$this->debug->notice('X-MageBridge-Location-Customer = ' . $this->getHeader('X-MageBridge-Location-Customer'));
$location = $this->getHeader('X-MageBridge-Location-Customer');
}
// Check for the location in the CURL-information
if (empty($location) && isset($this->head['info']['redirect_url'])) {
$location = $this->head['info']['redirect_url'];
}
// No location could be found
if (empty($location)) {
$this->debug->trace('Redirect requested but no URL found', $this->head['headers']);
return false;
}
// Check if the current location is the Magento homepage, and if so, override it with the Joomla!-stored referer instead
$referer = $this->bridge->getHttpReferer();
if ($location == $this->bridge->getJoomlaBridgeUrl()) {
if (MagebridgeModelConfig::load('use_homepage_for_homepage_redirects') == 1) {
$location = JURI::base();
} elseif (MagebridgeModelConfig::load('use_referer_for_homepage_redirects') == 1 && !empty($referer) && $referer != JURI::current()) {
$location = $referer;
}
}
//$location = preg_replace('/magebridge\.php\//', '', $location);
$this->debug->warning('Trying to redirect to new location ' . $location);
header('X-MageBridge-Redirect: ' . $originalLocation);
$this->setRedirect($location);
}
curl_close($handle);
return $this->body;
}示例9: generateNonce
/**
* Method used to generate the current nonce.
*
* @return string The current nonce.
*
* @since 13.1
*/
public static function generateNonce()
{
$mt = microtime();
$rand = JCrypt::genRandomBytes();
// The md5s look nicer than numbers.
return md5($mt . $rand);
}示例10: getCrypt
/**
*
* @return \JCrypt
*/
private static function getCrypt()
{
$crypt = new JCrypt();
$conf = JFactory::getConfig();
$key = new JCryptKey('simple');
$key->private = $conf->get('secret');
$key->public = $key->private;
$crypt->setKey($key);
return $crypt;
}示例11: generateOteps
/**
* Generates a new set of One Time Emergency Passwords (OTEPs) for a given user.
*
* @param integer $user_id The user ID
* @param integer $count How many OTEPs to generate? Default: 10
*
* @return array The generated OTEPs
*
* @since 3.2
*/
public function generateOteps($user_id, $count = 10)
{
$user_id = !empty($user_id) ? $user_id : (int) $this->getState('user.id');
// Initialise
$oteps = array();
// Get the OTP configuration for the user
$otpConfig = $this->getOtpConfig($user_id);
// If two factor authentication is not enabled, abort
if (empty($otpConfig->method) || $otpConfig->method == 'none') {
return $oteps;
}
$salt = "0123456789";
$base = strlen($salt);
$length = 16;
for ($i = 0; $i < $count; $i++) {
$makepass = '';
$random = JCrypt::genRandomBytes($length + 1);
$shift = ord($random[0]);
for ($j = 1; $j <= $length; ++$j) {
$makepass .= $salt[($shift + ord($random[$j])) % $base];
$shift += ord($random[$j]);
}
$oteps[] = $makepass;
}
$otpConfig->otep = $oteps;
// Save the now modified OTP configuration
$this->setOtpConfig($user_id, $otpConfig);
return $oteps;
}示例12: verify
/**
* Verifies a password hash
*
* @param string $password The password to verify.
* @param string $hash The password hash to check.
*
* @return boolean True if the password is valid, false otherwise.
*
* @since 12.2
* @deprecated 4.0 Use PHP 5.5's native password hashing API
*/
public function verify($password, $hash)
{
// Check if the hash is a blowfish hash.
if (substr($hash, 0, 4) == '$2a$' || substr($hash, 0, 4) == '$2y$') {
$type = '$2a$';
if (JCrypt::hasStrongPasswordSupport()) {
$type = '$2y$';
}
$hash = $type . substr($hash, 4);
return crypt($password, $hash) === $hash;
}
// Check if the hash is an MD5 hash.
if (substr($hash, 0, 3) == '$1$') {
return crypt($password, $hash) === $hash;
}
// Check if the hash is a Joomla hash.
if (preg_match('#[a-z0-9]{32}:[A-Za-z0-9]{32}#', $hash) === 1) {
return md5($password . substr($hash, 33)) === substr($hash, 0, 32);
}
return false;
}示例13: isOwner
/**
* Method to determine if script owns the path.
*
* @param string $path Path to check ownership.
*
* @return boolean True if the php script owns the path passed.
*
* @since 11.1
*/
public static function isOwner($path)
{
jimport('joomla.filesystem.file');
$tmp = md5(JCrypt::genRandomBytes());
$ssp = ini_get('session.save_path');
$jtp = JPATH_SITE . '/tmp';
// Try to find a writable directory
$dir = is_writable('/tmp') ? '/tmp' : false;
$dir = !$dir && is_writable($ssp) ? $ssp : false;
$dir = !$dir && is_writable($jtp) ? $jtp : false;
if ($dir) {
$fileObject = new JFilesystemWrapperFile();
$test = $dir . '/' . $tmp;
// Create the test file
$blank = '';
$fileObject->write($test, $blank, false);
// Test ownership
$return = fileowner($test) == fileowner($path);
// Delete the test file
$fileObject->delete($test);
return $return;
}
return false;
}示例14: unlock
/**
* Method to unlock a password protected category
*
* @param int $catid ID of the category to unlock
* @param string $password Password of the category to check
* @return boolean True on success, false otherwise
* @since 3.1
*/
public function unlock($catid, $password)
{
$query = $this->_db->getQuery(true)->select('cid, password')->from($this->_db->quoteName(_JOOM_TABLE_CATEGORIES))->where('cid = ' . (int) $catid);
$this->_db->setQuery($query);
if (!($category = $this->_db->loadObject())) {
throw new Exception($this->_db->getErrorMsg());
}
if (!$category->password) {
throw new Exception('Category is not protected.');
}
$match = false;
if (substr($category->password, 0, 4) == '$2y$') {
// BCrypt passwords are always 60 characters, but it is possible that salt is appended although non standard.
$password60 = substr($category->password, 0, 60);
if (JCrypt::hasStrongPasswordSupport()) {
$match = password_verify($password, $password60);
}
} else {
if (substr($category->password, 0, 8) == '{SHA256}') {
// Check the password
$parts = explode(':', $category->password);
$crypt = $parts[0];
$salt = @$parts[1];
$testcrypt = JUserHelper::getCryptedPassword($password, $salt, 'sha256', false);
if ($category->password == $testcrypt) {
$match = true;
}
} else {
// Check the password
$parts = explode(':', $category->password);
$crypt = $parts[0];
$salt = @$parts[1];
$testcrypt = JUserHelper::getCryptedPassword($password, $salt, 'md5-hex', false);
if ($crypt == $testcrypt) {
$match = true;
}
}
}
if (!$match) {
throw new Exception(JText::_('COM_JOOMGALLERY_CATEGORY_WRONG_PASSWORD'));
}
$categories = $this->_mainframe->getUserState('joom.unlockedCategories', array(0));
$categories = array_unique(array_merge($categories, array($catid)));
$this->_mainframe->setUserState('joom.unlockedCategories', $categories);
return true;
}示例15: isOwner
/**
* Method to determine if script owns the path.
*
* @param string $path Path to check ownership.
*
* @return boolean True if the php script owns the path passed.
*
* @since 11.1
*/
public static function isOwner($path)
{
$tmp = md5(JCrypt::genRandomBytes());
$ssp = ini_get('session.save_path');
$jtp = PATH_PROJECT . '/data/tmp';
// Try to find a writable directory
$dir = is_writable('/tmp') ? '/tmp' : false;
$dir = !$dir && is_writable($ssp) ? $ssp : false;
$dir = !$dir && is_writable($jtp) ? $jtp : false;
if ($dir) {
$test = $dir . '/' . $tmp;
// Create the test file
$blank = '';
App_Filesystem_File::write($test, $blank, false);
// Test ownership
$return = fileowner($test) == fileowner($path);
// Delete the test file
App_Filesystem_File::delete($test);
return $return;
}
return false;
}