Changeset 2085458
- Timestamp:
- 05/10/2019 03:32:09 PM (7 years ago)
- Location:
- projectmanager/trunk
- Files:
-
- 5 edited
-
admin/admin.php (modified) (1 diff)
-
admin/settings.php (modified) (1 diff)
-
admin/show-project.php (modified) (2 diffs)
-
lib/dataset.php (modified) (2 diffs)
-
lib/project.php (modified) (2 diffs)
Legend:
- Unmodified
- Added
- Removed
-
projectmanager/trunk/admin/admin.php
r1675682 r2085458 642 642 } 643 643 644 if ( isset($_GET['generateEncryptionKey']) ) { 645 $tab = 6; 646 } 647 644 648 $menu_page_url = ( $project->navi_link == 1 ) ? menu_page_url(sprintf( "project-settings_%d", $project->id ), 0) : menu_page_url('projectmanager', 0)."&subpage=settings&project_id=".$project->id; 645 649 -
projectmanager/trunk/admin/settings.php
r1675682 r2085458 343 343 <th scope="row"><label for="no_edit"><?php _e( 'Disable dataset editing', 'projectmanager' ) ?></label></th><td><input type="checkbox" id="no_edit" name="settings[no_edit]" value="1"<?php checked(intval($project->no_edit), 1) ?> /></td> 344 344 </tr> 345 <tr valign="top"> 346 <th scope="row"><label for="encrypt_data"><?php _e('Encrypt data', 'projectmanager') ?></label></th> 347 <td> 348 <input type="checkbox" id="encrypt_data" name="settings[encrypt_data]" value="1"<?php checked(intval($project->encrypt_data), 1) ?> /> 349 <p class="tagline-description description"> 350 <?php if (defined('PROJECTMANAGER_KEY')) : ?> 351 <?php _e('Encryption key defined in wp-config.php', 'projectmanager') ?> 352 <?php else : ?> 353 <?php _e('You have to define a constant <em>PROJECTMANAGER_KEY</em> in wp-config.php for encryption to work!', 'projectmanager') ?> 354 <?php endif; ?> 355 </p> 356 <p class="encrpytion-info"><a href="<?php echo $menu_page_url ?>&generateEncryptionKey" class="button-secondary"><?php _e('Generate encryption key', 'projectmanager') ?></a></p> 357 <?php if (isset($_GET['generateEncryptionKey'])) : ?> 358 <p class="encryption-info"><pre>define('PROJECTMANAGER_KEY', '<?php echo htmlspecialchars($project->generateEncryptionKey()); ?>');</pre></p> 359 360 <?php if (defined('PROJECTMANAGER_KEY')) : ?> 361 <p class="tagline-description description"><strong><?php _e('Before changing the key make sure to deactivate encryption, otherwise you will loose all encrypted data!', 'projectmanager') ?></strong></p> 362 <?php endif; ?> 363 <?php endif; ?> 364 </td> 365 </tr> 345 366 </table> 346 367 -
projectmanager/trunk/admin/show-project.php
r1675682 r2085458 137 137 </div> 138 138 </div> 139 140 139 <?php if ( $datasets ) : ?> 141 140 <table class="widefat wp-list-table sortable-table dataset-list" id="datasets"> … … 185 184 </td>--> 186 185 <?php if ( $project->dataset_activation == 1 ) : ?> 187 188 186 <td class="column-status status-<?php echo $dataset->status ?>" data-colname="<?php _e( 'Status', 'projectmanager' ) ?>"><?php _e($dataset->status, 'projectmanager') ?></td> 189 187 <?php endif; ?> -
projectmanager/trunk/lib/dataset.php
r1665641 r2085458 380 380 381 381 return true; 382 } 383 384 385 /** 386 * encrypt data 387 * 388 * @param string $data data to encrypt 389 * @return base64 encoded encrypted string 390 */ 391 public function encryptData($data) { 392 if ( defined('PROJECTMANAGER_KEY') ) { 393 // generate random 16 bytes IV 394 //$iv = openssl_random_pseudo_bytes(16); 395 $iv = random_bytes(16); 396 // add $iv in front of encrypted data and base64 encode 397 $data = base64_encode($iv.openssl_encrypt($data, "aes-256-cbc", PROJECTMANAGER_KEY, OPENSSL_RAW_DATA, $iv)); 398 } 399 400 return $data; 401 } 402 403 404 /** 405 * decrypt data 406 * 407 * @param string $data encrypted data to decrypt 408 * @return string unencrypted data 409 */ 410 public function decryptData($data) { 411 if ( defined('PROJECTMANAGER_KEY') ) { 412 // decode encrypted data to byte code 413 $data = base64_decode($data); 414 // extract IV from first 16 bytes 415 $iv = substr($data, 0, 16); 416 // decrypt data 417 $data = openssl_decrypt(substr($data, 16, strlen($data)-16), "aes-256-cbc", PROJECTMANAGER_KEY, OPENSSL_RAW_DATA, $iv); 418 } 419 420 return $data; 382 421 } 383 422 … … 663 702 } 664 703 665 /*666 switch ( $extension ) {667 case 'ods':668 case 'doc':669 case 'docx':670 $out .= "document_word.png";671 break;672 case 'xls':673 case 'ods':674 $out .= "document_excel.png";675 break;676 case 'csv':677 $out .= "document_excel_csv.png";678 break;679 case 'ppt':680 case 'odp':681 case 'pptx':682 $out .= "document_powerpoint.png";683 break;684 case 'zip':685 case 'rar':686 case 'tar':687 case 'gzip':688 case 'tar.gz':689 case 'bzip2':690 case 'tar.bz2':691 $out .= "document_zipper.png";692 break;693 case 'divx':694 case 'mpg':695 case 'mp4':696 case 'wmv':697 case 'avi':698 case 'mp4':699 case 'mpg':700 case 'mpeg':701 case 'm4v':702 case '3gp':703 case 'mov':704 case 'qt':705 case 'mkv':706 case 'vob':707 $out .= "film.png";708 break;709 case 'mp3':710 case 'ogg':711 case 'wma':712 case 'aac':713 case 'm4a':714 case 'm4p':715 case 'wav':716 $out .= "document_music.png";717 break;718 case 'flv':719 case 'f4v':720 case 'f4p':721 case 'f4a':722 case 'f4b':723 $out .= "document-flash-movie.png";724 break;725 case 'gif':726 case 'png':727 case 'jpg':728 case 'jpeg':729 case 'raw':730 case 'tiff':731 case 'tif':732 case 'bmp':733 $out .= "image.png";734 break;735 case 'svg':736 case 'ai':737 $out .= "document-illustrator.png";738 break;739 case 'psd':740 case 'eps':741 case 'ps':742 $out .= "document-photoshop.png";743 break;744 case 'html':745 case 'htm':746 $out .= "globe.png";747 break;748 case 'php':749 $out .= "document-php.png";750 break;751 case 'txt':752 $out .= "document_text.png";753 break;754 case 'pdf':755 $out .= "pdf.png";756 break;757 default:758 $out .= "document.png";759 break;760 }761 */762 704 return esc_url($out); 763 705 } -
projectmanager/trunk/lib/project.php
r1675682 r2085458 180 180 */ 181 181 public $no_edit = 0; 182 183 /** 184 * set data encryption 185 * 186 * @var int 0 (no) or 1 (yes) 187 */ 188 public $encrypt_data = 0; 182 189 183 190 /** … … 2731 2738 return $html; 2732 2739 } 2740 2741 2742 /** 2743 * Generate cryptographically secure random encryption key 2744 * 2745 * @return string 2746 * Characters: abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ123456789^!§$%&/()=?`´-_<>[]{}*+#,;.:~| 2747 */ 2748 public function generateEncryptionKey($length = 64, $alphabet = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ123456789^!$%&/()=?-_<>[]{}*+#,;.:~| ') { 2749 if ( $length < 1 ) { 2750 throw new InvalidArgumentException('Length must be a positive integer'); 2751 } 2752 2753 $str = ''; 2754 $alphamax = strlen($alphabet) - 1; 2755 if ( $alphamax < 1 ) { 2756 throw new InvalidArgumentException('Invalid alphabet'); 2757 } 2758 for ($i = 0; $i <= $alphamax; $i++) { 2759 $str .= $alphabet[random_int(0, $alphamax)]; 2760 } 2761 2762 return $str; 2763 } 2733 2764 } 2734 2765
Note: See TracChangeset
for help on using the changeset viewer.