From ce2b69675075444c9e40b72bcdd42ab7edbbe633 Mon Sep 17 00:00:00 2001 From: Florian Pritz Date: Fri, 28 Jan 2011 22:51:06 +0100 Subject: update to CI 2.0 Signed-off-by: Florian Pritz --- system/libraries/Encrypt.php | 93 +++++++++++++++++++++++++++++++++++++------- 1 file changed, 78 insertions(+), 15 deletions(-) mode change 100644 => 100755 system/libraries/Encrypt.php (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php old mode 100644 new mode 100755 index c893fbf9e..e5f65878a --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -2,11 +2,11 @@ /** * CodeIgniter * - * An open source application development framework for PHP 4.3.2 or newer + * An open source application development framework for PHP 5.1.6 or newer * * @package CodeIgniter * @author ExpressionEngine Dev Team - * @copyright Copyright (c) 2008 - 2010, EllisLab, Inc. + * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. * @license http://codeigniter.com/user_guide/license.html * @link http://codeigniter.com * @since Version 1.0 @@ -41,7 +41,7 @@ class CI_Encrypt { * Simply determines whether the mcrypt library exists. * */ - function CI_Encrypt() + public function __construct() { $this->CI =& get_instance(); $this->_mcrypt_exists = ( ! function_exists('mcrypt_encrypt')) ? FALSE : TRUE; @@ -72,7 +72,7 @@ class CI_Encrypt { $CI =& get_instance(); $key = $CI->config->item('encryption_key'); - if ($key === FALSE) + if ($key == FALSE) { show_error('In order to use the encryption class requires that you set an encryption key in your config file.'); } @@ -116,12 +116,16 @@ class CI_Encrypt { function encode($string, $key = '') { $key = $this->get_key($key); - $enc = $this->_xor_encode($string, $key); - + if ($this->_mcrypt_exists === TRUE) { - $enc = $this->mcrypt_encode($enc, $key); + $enc = $this->mcrypt_encode($string, $key); + } + else + { + $enc = $this->_xor_encode($string, $key); } + return base64_encode($enc); } @@ -140,7 +144,7 @@ class CI_Encrypt { function decode($string, $key = '') { $key = $this->get_key($key); - + if (preg_match('/[^a-zA-Z0-9\/\+=]/', $string)) { return FALSE; @@ -155,8 +159,67 @@ class CI_Encrypt { return FALSE; } } + else + { + $dec = $this->_xor_decode($dec, $key); + } - return $this->_xor_decode($dec, $key); + return $dec; + } + + // -------------------------------------------------------------------- + + /** + * Encode from Legacy + * + * Takes an encoded string from the original Encryption class algorithms and + * returns a newly encoded string using the improved method added in 2.0.0 + * This allows for backwards compatibility and a method to transition to the + * new encryption algorithms. + * + * For more details, see http://codeigniter.com/user_guide/installation/upgrade_200.html#encryption + * + * @access public + * @param string + * @param int (mcrypt mode constant) + * @param string + * @return string + */ + function encode_from_legacy($string, $legacy_mode = MCRYPT_MODE_ECB, $key = '') + { + if ($this->_mcrypt_exists === FALSE) + { + log_message('error', 'Encoding from legacy is available only when Mcrypt is in use.'); + return FALSE; + } + + // decode it first + // set mode temporarily to what it was when string was encoded with the legacy + // algorithm - typically MCRYPT_MODE_ECB + $current_mode = $this->_get_mode(); + $this->set_mode($legacy_mode); + + $key = $this->get_key($key); + + if (preg_match('/[^a-zA-Z0-9\/\+=]/', $string)) + { + return FALSE; + } + + $dec = base64_decode($string); + + if (($dec = $this->mcrypt_decode($dec, $key)) === FALSE) + { + return FALSE; + } + + $dec = $this->_xor_decode($dec, $key); + + // set the mcrypt mode back to what it should be, typically MCRYPT_MODE_CBC + $this->set_mode($current_mode); + + // and re-encode + return base64_encode($this->mcrypt_encode($dec, $key)); } // -------------------------------------------------------------------- @@ -184,7 +247,7 @@ class CI_Encrypt { $enc = ''; for ($i = 0; $i < strlen($string); $i++) - { + { $enc .= substr($rand, ($i % strlen($rand)), 1).(substr($rand, ($i % strlen($rand)), 1) ^ substr($string, $i, 1)); } @@ -347,7 +410,7 @@ class CI_Encrypt { { $temp = $temp + 256; } - + $str .= chr($temp); } @@ -355,7 +418,7 @@ class CI_Encrypt { } // -------------------------------------------------------------------- - + /** * Set the Mcrypt Cipher * @@ -412,9 +475,9 @@ class CI_Encrypt { { if ($this->_mcrypt_mode == '') { - $this->_mcrypt_mode = MCRYPT_MODE_ECB; + $this->_mcrypt_mode = MCRYPT_MODE_CBC; } - + return $this->_mcrypt_mode; } @@ -440,7 +503,7 @@ class CI_Encrypt { * @access public * @param string * @return string - */ + */ function hash($str) { return ($this->_hash_type == 'sha1') ? $this->sha1($str) : md5($str); -- cgit v1.2.3-24-g4f1b