├── .gitignore ├── README.md ├── functions.php ├── index.php ├── install.php ├── lang └── index.html └── support ├── cacert.pem ├── debug.php ├── install.css ├── jquery-1.11.0.min.js ├── page_basics.php ├── phpseclib ├── AES.php ├── Base.php ├── Blowfish.php ├── Rijndael.php └── license.txt ├── sso_aes.php ├── sso_blowfish.php ├── sso_functions.php ├── sso_http.php ├── sso_ipaddr.php ├── sso_random.php └── str_basics.php /.gitignore: -------------------------------------------------------------------------------- 1 | config.php 2 | config_*.php 3 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | Single Sign On (SSO) Client for PHP 2 | =================================== 3 | 4 | The official PHP SSO Client for the Barebones SSO Server. 5 | 6 | [Barebones SSO Server](https://github.com/cubiclesoft/sso-server) is an awesome, scalable, secure, flexible login system. 7 | 8 | [![Donate](https://cubiclesoft.com/res/donate-shield.png)](https://cubiclesoft.com/donate/) [![Discord](https://img.shields.io/discord/777282089980526602?label=chat&logo=discord)](https://cubiclesoft.com/product-support/github/) 9 | 10 | Features 11 | -------- 12 | 13 | * Average memory footprint. About 1MB RAM per connection. 14 | * Classes and functions are carefully named to avoid naming conflicts with third-party software. 15 | * When authentication is required prior to executing some task (e.g. posting a comment), the SSO client encrypts and sends the current request data ($_GET, $_POST, etc.) to the SSO server for later retrieval and will resume exactly where it left off in most cases (e.g. the comment is posted). 16 | * Encrypts communications over the network (even HTTP). 17 | * Communicates with the server on a schedule set by the client. Allows for significantly reduced network overhead without affecting system integrity. 18 | * And more. 
See the [full feature list](https://github.com/cubiclesoft/sso-server/blob/master/docs/all-features.md). 19 | * Also has a liberal open source license. MIT or LGPL, your choice. 20 | * Designed for relatively painless integration into your project. 21 | * Sits on GitHub for all of that pull request and issue tracker goodness to easily submit changes and ideas respectively. 22 | 23 | More Information 24 | ---------------- 25 | 26 | * [Barebones SSO Server](https://github.com/cubiclesoft/sso-server) 27 | * [Quick start video tutorials](https://www.youtube.com/watch?v=Vbe4p-PUSTo&index=3&list=PLIvucSFZRDjgiSfsm707zn-bqKd64Eikb) 28 | -------------------------------------------------------------------------------- /functions.php: -------------------------------------------------------------------------------- 1 | Init(isset($sso_removekeys) ? $sso_removekeys : array()); 13 | 14 | function SSO_SendRequest($action, $options = array(), $endpoint = SSO_SERVER_ENDPOINT_URL, $apikey = SSO_SERVER_APIKEY, $secretkey = SSO_SERVER_SECRETKEY) 15 | { 16 | global $sso__client; 17 | 18 | return $sso__client->SendRequest($action, $options, $endpoint, $apikey, $secretkey); 19 | } 20 | 21 | function SSO_GetFullRequestURLBase() 22 | { 23 | global $sso__client; 24 | 25 | return $sso__client->GetFullRequestURLBase(); 26 | } 27 | 28 | function SSO_LoggedIn() 29 | { 30 | global $sso__client; 31 | 32 | return $sso__client->LoggedIn(); 33 | } 34 | 35 | function SSO_CanAutoLogin() 36 | { 37 | global $sso__client; 38 | 39 | return $sso__client->CanAutoLogin(); 40 | } 41 | 42 | function SSO_FromSSOServer() 43 | { 44 | global $sso__client; 45 | 46 | return $sso__client->FromSSOServer(); 47 | } 48 | 49 | function SSO_Login($lang = "", $msg = "", $extra = array(), $appurl = "") 50 | { 51 | global $sso__client; 52 | 53 | $sso__client->Login($lang, $msg, $extra, $appurl); 54 | } 55 | 56 | function SSO_CanRemoteLogin() 57 | { 58 | global $sso__client; 59 | 60 | $sso__client->CanRemoteLogin(); 61 | } 62 
| 63 | function SSO_RemoteLogin($userid, $fieldmap = array(), $endpoint = SSO_SERVER_ENDPOINT_URL, $apikey = SSO_SERVER_APIKEY, $secretkey = SSO_SERVER_SECRETKEY) 64 | { 65 | global $sso__client; 66 | 67 | $sso__client->RemoteLogin($userid, $fieldmap, $endpoint, $apikey, $secretkey); 68 | } 69 | 70 | function SSO_Logout() 71 | { 72 | global $sso__client; 73 | 74 | $sso__client->Logout(); 75 | } 76 | 77 | function SSO_HasDBData() 78 | { 79 | global $sso__client; 80 | 81 | return $sso__client->HasDBData(); 82 | } 83 | 84 | function SSO_LoadDBData($data) 85 | { 86 | global $sso__client; 87 | 88 | return $sso__client->LoadDBData($data); 89 | } 90 | 91 | function SSO_SaveDBData() 92 | { 93 | global $sso__client; 94 | 95 | return $sso__client->SaveDBData(); 96 | } 97 | 98 | function SSO_IsSiteAdmin() 99 | { 100 | global $sso__client; 101 | 102 | return $sso__client->IsSiteAdmin(); 103 | } 104 | 105 | function SSO_HasTag($name) 106 | { 107 | global $sso__client; 108 | 109 | return $sso__client->HasTag($name); 110 | } 111 | 112 | function SSO_LoadUserInfo($savefirst = false) 113 | { 114 | global $sso__client; 115 | 116 | return $sso__client->LoadUserInfo($savefirst); 117 | } 118 | 119 | function SSO_UserLoaded() 120 | { 121 | global $sso__client; 122 | 123 | return $sso__client->UserLoaded(); 124 | } 125 | 126 | function SSO_GetField($key, $default = false) 127 | { 128 | global $sso__client; 129 | 130 | return $sso__client->GetField($key, $default); 131 | } 132 | 133 | function SSO_GetEditableFields() 134 | { 135 | global $sso__client; 136 | 137 | return $sso__client->GetEditableFields(); 138 | } 139 | 140 | function SSO_SetField($key, $value) 141 | { 142 | global $sso__client; 143 | 144 | return $sso__client->SetField($key, $value); 145 | } 146 | 147 | function SSO_GetData($key, $default = false) 148 | { 149 | global $sso__client; 150 | 151 | return $sso__client->GetData($key, $default); 152 | } 153 | 154 | function SSO_SetData($key, $value, $maxcookielen = 50) 155 | { 
156 | global $sso__client; 157 | 158 | return $sso__client->SetData($key, $value, $maxcookielen); 159 | } 160 | 161 | function SSO_GetMappedUserInfo($fieldmap, $object = false, $save = true) 162 | { 163 | global $sso__client; 164 | 165 | return $sso__client->GetMappedUserInfo($fieldmap, $object, $save); 166 | } 167 | 168 | function SSO_SaveUserInfo($usedb = false) 169 | { 170 | global $sso__client; 171 | 172 | return $sso__client->SaveUserInfo($usedb); 173 | } 174 | 175 | function SSO_GetUserID() 176 | { 177 | global $sso__client; 178 | 179 | return $sso__client->GetUserID(); 180 | } 181 | 182 | function SSO_GetSecretToken() 183 | { 184 | global $sso__client; 185 | 186 | return $sso__client->GetSecretToken(); 187 | } 188 | ?> -------------------------------------------------------------------------------- /index.php: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /install.php: -------------------------------------------------------------------------------- 1 | 24 | 25 | 26 | 27 | 28 | 34 | 35 | 36 | 37 | 43 | 44 | 45 | 46 | 53 | 54 | 55 | 56 | 62 | 63 | 64 | 65 | 71 | 72 | 73 | 74 | 80 | 81 | 82 | 83 | 89 | 90 | 91 | 92 | 98 | 99 | 100 | 101 | 114 | 115 | 116 | 117 | 118 | 119 | "Web functions", 122 | "json_decode" => "JSON decoding support functions", 123 | "openssl_open" => "OpenSSL extension support", 124 | ); 125 | 126 | $x = 0; 127 | foreach ($functions as $function => $info) 128 | { 129 | echo "\n"; 130 | $x++; 131 | } 132 | ?> 133 |
TestPassed?
PHP 5.4.x or later 29 | No

The server is running PHP " . phpversion() . ". The installation may succeed but the rest of the Single Sign-On Client will be broken. You will be unable to use this product. Running outdated versions of PHP poses a serious website security risk. Please contact your system administrator to upgrade your PHP installation."; 31 | else echo "Yes"; 32 | ?> 33 |
PHP 'safe_mode' off 38 | No

PHP is running with 'safe_mode' enabled. You will probably get additional failures below relating to file/directory creation. This setting is generally accepted as a poor security solution that doesn't work and is deprecated. Please turn it off. If you are getting errors below, can't change this setting, and the fixes below aren't working, you may need to contact your hosting service provider."; 40 | else echo "Yes"; 41 | ?> 42 |
Able to create files in ./ 47 | No

chmod 777 on the directory may fix the problem."; 49 | else if (!unlink("test.dat")) echo "No

Unable to delete test file. chmod 777 on the directory may fix the problem."; 50 | else echo "Yes"; 51 | ?> 52 |
$_SERVER["REQUEST_URI"] supported 57 | No

Server does not support this feature. The installation may fail and the site might not work."; 59 | else echo "Yes"; 60 | ?> 61 |
PHP 'register_globals' off 66 | No

PHP is running with 'register_globals' enabled. This setting is generally accepted as a major security risk and is deprecated. Please turn it off by editing the php.ini file for your site - you may need to contact your hosting provider to accomplish this task."; 68 | else echo "Yes"; 69 | ?> 70 |
PHP 'magic_quotes_gpc' off 75 | No

PHP is running with 'magic_quotes_gpc' enabled. This setting is generally accepted as a security risk AND causes all sorts of non-security-related problems. It is also deprecated. Please turn it off by editing the php.ini file for your site - you may need to contact your hosting provider to accomplish this task."; 77 | else echo "Yes"; 78 | ?> 79 |
PHP 'magic_quotes_sybase' off 84 | No

PHP is running with 'magic_quotes_sybase' enabled. This setting is generally accepted as a security risk AND causes all sorts of non-security-related problems. It is also deprecated. Please turn it off by editing the php.ini file for your site - you may need to contact your hosting provider to accomplish this task."; 86 | else echo "Yes"; 87 | ?> 88 |
Installation over SSL 93 | No

While Single Sign-On Client will install and run without using HTTPS/SSL, think about the implications of network sniffing access tokens, who will have access to the system, and what they can do in the system. SSL certificates can be obtained for free. Proceed only if this major security risk is acceptable."; 95 | else echo "Yes"; 96 | ?> 97 |
Crypto-safe CSPRNG available 102 | Yes"; 107 | } 108 | catch (Exception $e) 109 | { 110 | echo "No

Installation will fail. Please ask your system administrator to install a supported PHP extension (e.g. OpenSSL, Mcrypt)."; 111 | } 112 | ?> 113 |
Supported PHP functions 
" . htmlspecialchars($function) . "" . (function_exists($function) ? "Yes" : "No

Single Sign-On Client will be unable to use " . $info . ". The installation might succeed but the product will not function at all or have terrible performance.") . "
134 | true); 144 | else $result = $sso_client->SetLanguage(SSO_CLIENT_ROOT_PATH . "/" . SSO_CLIENT_LANG_PATH . "/", $_REQUEST["default_lang"]); 145 | 146 | if ($result["success"]) echo "Default language selection looks okay.
"; 147 | else echo "Default language selection has a problem: " . htmlspecialchars($result["error"]) . "
"; 148 | 149 | // Set up debug callback to catch connectivity issues. 150 | $debugoutput = ""; 151 | function SSOClientDebugCallback($type, $data, &$opts) 152 | { 153 | global $debugoutput; 154 | 155 | $debugoutput .= "
" . htmlspecialchars($type) . (is_string($data) ? " - " . htmlspecialchars($data) : (is_bool($data) ? "" : "\n
" . str_replace(array("\\r\\n", "\\r", "\\n"), "\n", htmlspecialchars(json_encode($data, JSON_UNESCAPED_SLASHES | JSON_PRETTY_PRINT))) . "
")) . "
\n"; 156 | } 157 | 158 | $sso_client->SetDebugCallback("SSOClientDebugCallback"); 159 | 160 | define("SSO_CLIENT_PROXY_X_FORWARDED_FOR", $_REQUEST["sso_proxy_x_forwarded_for"]); 161 | define("SSO_CLIENT_PROXY_CLIENT_IP", $_REQUEST["sso_proxy_client_ip"]); 162 | define("SSO_CLIENT_PROXY_URL", $_REQUEST["sso_proxy_url"]); 163 | define("SSO_CLIENT_PROXY_CONNECT", (bool)(int)$_REQUEST["sso_proxy_connect"]); 164 | define("SSO_SERVER_ENDPOINT_URL", $_REQUEST["url"]); 165 | define("SSO_SERVER_APIKEY", $_REQUEST["apikey"]); 166 | define("SSO_SERVER_SECRETKEY", $_REQUEST["secretkey"]); 167 | 168 | if (SSO_SERVER_ENDPOINT_URL == "") echo "'SSO Server Endpoint URL' is empty.
"; 169 | else if (SSO_SERVER_APIKEY == "") echo "'SSO Server API Key' is empty.
"; 170 | else if (SSO_SERVER_SECRETKEY == "") echo "'SSO Server Secret Key' is empty.
"; 171 | else 172 | { 173 | $result = $sso_client->SendRequest("test"); 174 | if ($result["success"]) echo "Successfully connected to the SSO server.
"; 175 | else 176 | { 177 | echo "Failed to connect to the SSO server. Error: " . htmlspecialchars($result["error"]) . (isset($result["info"]) ? " Info: " . htmlspecialchars($result["info"]) : "") . "
"; 178 | echo $debugoutput; 179 | } 180 | } 181 | 182 | // Test cookie information. 183 | $cookiename = preg_replace('/\s+/', "_", trim(preg_replace('/[^A-Za-z0-9]/', " ", $_REQUEST["cookie_name"]))); 184 | 185 | if ($_REQUEST["cookie_name"] == "") echo "'SSO Client Cookie Name' must not be empty or use invalid characters.
"; 186 | else if ($_REQUEST["cookie_name"] == "sso_") echo "'SSO Client Cookie Name' is set to the default name. You should consider making it specific to your application.
"; 187 | else if ($_REQUEST["cookie_name"] == "sso_server") echo "'SSO Client Cookie Name' is set to a reserved name that may cause problems.
"; 188 | else if ($cookiename != $_REQUEST["cookie_name"]) echo "'SSO Client Cookie Name' will evaluate to '" . htmlspecialchars($cookiename) . "'. This may not be what you entered or produce unintentional results.
"; 189 | else echo "The 'SSO Client Cookie Name' looks okay.
"; 190 | 191 | $url = str_replace("\\", "/", dirname(BB_GetRequestURLBase())); 192 | if (substr($url, -1) != "/") $url .= "/"; 193 | 194 | if (substr($_REQUEST["cookie_path"], -1) != "/") echo "'SSO Client Cookie Path' does not have a trailing '/' character. This can cause problems in some browsers.
"; 195 | else if ($_REQUEST["cookie_path"] == $url) echo "'SSO Client Cookie Path' is set to the default. This is probably incorrect. It should point to the root URL path (no domain) of your web application to avoid an infinite sign in loop.
"; 196 | else echo "The 'SSO Client Cookie Path' looks okay.
"; 197 | 198 | function BaseoptstestReadableTime($len) 199 | { 200 | $info = ""; 201 | 202 | $len = (int)$len; 203 | 204 | $len2 = (int)($len / 31536000); 205 | $len = $len % 31536000; 206 | if ($len2) $info .= ($info != "" ? ", " : "") . $len2 . ($len2 == 1 ? " year" : " years"); 207 | 208 | $len2 = (int)($len / 86400); 209 | $len = $len % 86400; 210 | if ($len2) $info .= ($info != "" ? ", " : "") . $len2 . ($len2 == 1 ? " day" : " days"); 211 | 212 | $len2 = (int)($len / 3600); 213 | $len = $len % 3600; 214 | if ($len2) $info .= ($info != "" ? ", " : "") . $len2 . ($len2 == 1 ? " hour" : " hours"); 215 | 216 | $len2 = (int)($len / 60); 217 | $len = $len % 60; 218 | if ($len2) $info .= ($info != "" ? ", " : "") . $len2 . ($len2 == 1 ? " min" : " mins"); 219 | 220 | $len2 = $len; 221 | if ($len2) $info .= ($info != "" ? ", " : "") . $len2 . ($len2 == 1 ? " sec" : " secs"); 222 | 223 | return $info; 224 | } 225 | 226 | // Test timeout information. 227 | if ((int)$_REQUEST["cookie_timeout"] < 0) echo "'SSO Client Cookie Timeout' is less than 0.
"; 228 | else if ((int)$_REQUEST["cookie_check"] < 0) echo "'SSO Client Cookie Validation Check' is less than 0.
"; 229 | else if ((int)$_REQUEST["server_timeout"] < 0) echo "'SSO Server Session Timeout' is less than 0.
"; 230 | else if ((int)$_REQUEST["server_timeout"] < (int)$_REQUEST["cookie_check"]) echo "'SSO Server Session Timeout' is less than 'SSO Client Cookie Validation Check'.
"; 231 | else if ((int)$_REQUEST["cookie_timeout"] > 0 && (int)$_REQUEST["server_timeout"] > (int)$_REQUEST["cookie_timeout"]) echo "'SSO Server Session Timeout' is greater than 'SSO Client Cookie Timeout'.
"; 232 | else 233 | { 234 | echo "The timeout information looks okay.
"; 235 | 236 | echo "
"; 237 | echo "SSO Server session length: " . BaseoptstestReadableTime($_REQUEST["server_timeout"]) . ".
"; 238 | echo "Sessions will be validated every: " . BaseoptstestReadableTime($_REQUEST["cookie_check"]) . ".
"; 239 | echo "SSO Client cookies will expire/invalidate: " . ($_REQUEST["cookie_timeout"] > 0 ? BaseoptstestReadableTime($_REQUEST["cookie_timeout"]) . ($_REQUEST["cookie_exit_timeout"] > 0 ? " OR when the browser is closed, whichever comes first." : ".") : "When the browser is closed.") . "
"; 240 | echo "
"; 241 | echo "Note: SSO Client cookie length doesn't matter as much as SSO Server session length and the amount of time that passes between session validations.
"; 242 | } 243 | } 244 | else if (isset($_REQUEST["action"]) && $_REQUEST["action"] == "install") 245 | { 246 | function InstallError($message) 247 | { 248 | echo "" . $message . " Click 'Prev' below to go back and correct the problem."; 249 | echo ""; 250 | 251 | exit(); 252 | } 253 | 254 | function InstallWarning($message) 255 | { 256 | echo "" . $message . "
"; 257 | } 258 | 259 | function InstallSuccess($message) 260 | { 261 | echo "" . $message . "
"; 262 | } 263 | 264 | // Set up page-level calculation variables. 265 | define("SSO_CLIENT_ROOT_PATH", str_replace("\\", "/", dirname(__FILE__))); 266 | 267 | $url = dirname(BB_GetRequestURLBase()); 268 | if (substr($url, -1) == "/") $url = substr($url, 0, -1); 269 | define("SSO_CLIENT_ROOT_URL", $url); 270 | 271 | if (substr($_REQUEST["sso_cookie_path"], -1) != "/") InstallError("'SSO Client Cookie Path' does not have a trailing '/' character. This can cause problems in some browsers."); 272 | 273 | $cookiename = preg_replace('/\s+/', "_", trim(preg_replace('/[^A-Za-z0-9]/', " ", $_REQUEST["sso_cookie_name"]))); 274 | 275 | if ($cookiename == "") InstallError("'SSO Client Cookie Name' must not be empty or use invalid characters."); 276 | else if ($cookiename == "sso_") InstallWarning("'SSO Client Cookie Name' is set to the default name. You should consider reinstalling the SSO Client and making it specific to your application."); 277 | else if ($cookiename == "sso_server") InstallError("'SSO Client Cookie Name' is set to a reserved name that may cause problems."); 278 | 279 | $cookieurl = dirname(BB_GetRequestURLBase()); 280 | if (substr($cookieurl, -1) != "/") $cookieurl .= "/"; 281 | if ($_REQUEST["sso_cookie_path"] == $cookieurl) InstallWarning("'SSO Client Cookie Path' is set to the default. This is probably incorrect. 
It should point to the root URL path (no domain) of your web application to avoid an infinite sign in loop."); 282 | 283 | if ((int)$_REQUEST["sso_cookie_timeout"] < 0) InstallError("'SSO Client Cookie Timeout' is less than 0."); 284 | if ((int)$_REQUEST["sso_cookie_check"] < 0) InstallError("'SSO Client Cookie Validation Check' is less than 0."); 285 | if ((int)$_REQUEST["sso_server_session_timeout"] < 0) InstallError("'SSO Server Session Timeout' is less than 0."); 286 | if ((int)$_REQUEST["sso_server_session_timeout"] < (int)$_REQUEST["sso_cookie_check"]) InstallError("'SSO Server Session Timeout' is less than 'SSO Client Cookie Validation Check'."); 287 | if ((int)$_REQUEST["sso_cookie_timeout"] > 0 && (int)$_REQUEST["sso_server_session_timeout"] > (int)$_REQUEST["sso_cookie_timeout"]) InstallError("'SSO Server Session Timeout' is greater than 'SSO Client Cookie Timeout'."); 288 | if ($_REQUEST["sso_server_endpoint_url"] == "") InstallError("'SSO Server Endpoint URL' is empty."); 289 | if ($_REQUEST["sso_server_apikey"] == "") InstallError("'SSO Server API Key' is empty."); 290 | if ($_REQUEST["sso_server_secretkey"] == "") InstallError("'SSO Server Secret Key' is empty."); 291 | 292 | // Generate random seeds. 293 | $rng = new SSO_CSPRNG(true); 294 | for ($x = 0; $x < 16; $x++) 295 | { 296 | $seed = $rng->GenerateToken(128); 297 | if ($seed === false) InstallError("Seed generation failed."); 298 | 299 | define("SSO_CLIENT_RAND_SEED" . ($x ? $x + 1 : ""), $seed); 300 | } 301 | 302 | // Set up the main configuration file. 303 | $data = "<" . "?php\n"; 304 | $data .= "\tdefine(\"SSO_CLIENT_ROOT_PATH\", " . var_export(SSO_CLIENT_ROOT_PATH, true) . ");\n"; 305 | $data .= "\tdefine(\"SSO_CLIENT_ROOT_URL\", " . var_export(SSO_CLIENT_ROOT_URL, true) . ");\n"; 306 | $data .= "\tdefine(\"SSO_CLIENT_SUPPORT_PATH\", \"support\");\n"; 307 | $data .= "\tdefine(\"SSO_CLIENT_LANG_PATH\", \"lang\");\n"; 308 | $data .= "\tdefine(\"SSO_CLIENT_DEFAULT_LANG\", " . 
var_export($_REQUEST["sso_default_lang"], true) . ");\n"; 309 | $data .= "\tdefine(\"SSO_CLIENT_PROXY_X_FORWARDED_FOR\", " . var_export($_REQUEST["sso_proxy_x_forwarded_for"], true) . ");\n"; 310 | $data .= "\tdefine(\"SSO_CLIENT_PROXY_CLIENT_IP\", " . var_export($_REQUEST["sso_proxy_client_ip"], true) . ");\n"; 311 | $data .= "\tdefine(\"SSO_COOKIE_NAME\", " . var_export($cookiename, true) . ");\n"; 312 | $data .= "\tdefine(\"SSO_COOKIE_PATH\", " . var_export($_REQUEST["sso_cookie_path"], true) . ");\n"; 313 | $data .= "\tdefine(\"SSO_COOKIE_TIMEOUT\", " . (int)$_REQUEST["sso_cookie_timeout"] . ");\n"; 314 | $data .= "\tdefine(\"SSO_COOKIE_EXIT_TIMEOUT\", " . var_export($_REQUEST["sso_cookie_exit_timeout"] == 1, true) . ");\n"; 315 | $data .= "\tdefine(\"SSO_COOKIE_SSL_ONLY\", " . var_export($_REQUEST["sso_cookie_ssl_only"] == 1, true) . ");\n"; 316 | $data .= "\tdefine(\"SSO_COOKIE_RESET_IPADDR_CHANGES\", " . var_export($_REQUEST["sso_cookie_reset_ipaddr_changes"] == 1, true) . ");\n"; 317 | $data .= "\tdefine(\"SSO_COOKIE_CHECK\", " . (int)$_REQUEST["sso_cookie_check"] . ");\n"; 318 | $data .= "\tdefine(\"SSO_COOKIE_CIPHER\", " . var_export($_REQUEST["sso_cookie_cipher"], true) . ");\n"; 319 | $data .= "\tdefine(\"SSO_COOKIE_DUAL_ENCRYPT\", " . var_export($_REQUEST["sso_cookie_dual_encrypt"] == 1, true) . ");\n"; 320 | $data .= "\tdefine(\"SSO_SERVER_ENDPOINT_URL\", " . var_export($_REQUEST["sso_server_endpoint_url"], true) . ");\n"; 321 | $data .= "\tdefine(\"SSO_SERVER_APIKEY\", " . var_export($_REQUEST["sso_server_apikey"], true) . ");\n"; 322 | $data .= "\tdefine(\"SSO_SERVER_SECRETKEY\", " . var_export($_REQUEST["sso_server_secretkey"], true) . ");\n"; 323 | $data .= "\tdefine(\"SSO_SERVER_SESSION_TIMEOUT\", " . (int)$_REQUEST["sso_server_session_timeout"] . ");\n"; 324 | $data .= "\tdefine(\"SSO_CLIENT_DB_CIPHER\", " . var_export($_REQUEST["sso_db_cipher"], true) . ");\n"; 325 | $data .= "\tdefine(\"SSO_CLIENT_DB_DUAL_ENCRYPT\", " . 
var_export($_REQUEST["sso_db_dual_encrypt"] == 1, true) . ");\n"; 326 | $data .= "\tdefine(\"SSO_CLIENT_ACCEPT_SITE_ADMIN\", " . var_export($_REQUEST["sso_accept_site_admin"] == 1, true) . ");\n"; 327 | $data .= "\tdefine(\"SSO_CLIENT_CHECK_SITE_ADMIN\", " . var_export($_REQUEST["sso_check_site_admin"] == 1, true) . ");\n"; 328 | $data .= "\tdefine(\"SSO_CLIENT_PROXY_URL\", " . var_export($_REQUEST["sso_proxy_url"], true) . ");\n"; 329 | $data .= "\tdefine(\"SSO_CLIENT_PROXY_CONNECT\", " . var_export($_REQUEST["sso_proxy_connect"] == 1, true) . ");\n"; 330 | $data .= "\tdefine(\"SSO_CLIENT_RAND_SEED\", " . var_export(SSO_CLIENT_RAND_SEED, true) . ");\n"; 331 | $data .= "\tdefine(\"SSO_CLIENT_RAND_SEED2\", " . var_export(SSO_CLIENT_RAND_SEED2, true) . ");\n"; 332 | $data .= "\tdefine(\"SSO_CLIENT_RAND_SEED3\", " . var_export(SSO_CLIENT_RAND_SEED3, true) . ");\n"; 333 | $data .= "\tdefine(\"SSO_CLIENT_RAND_SEED4\", " . var_export(SSO_CLIENT_RAND_SEED4, true) . ");\n"; 334 | $data .= "\tdefine(\"SSO_CLIENT_RAND_SEED5\", " . var_export(SSO_CLIENT_RAND_SEED5, true) . ");\n"; 335 | $data .= "\tdefine(\"SSO_CLIENT_RAND_SEED6\", " . var_export(SSO_CLIENT_RAND_SEED6, true) . ");\n"; 336 | $data .= "\tdefine(\"SSO_CLIENT_RAND_SEED7\", " . var_export(SSO_CLIENT_RAND_SEED7, true) . ");\n"; 337 | $data .= "\tdefine(\"SSO_CLIENT_RAND_SEED8\", " . var_export(SSO_CLIENT_RAND_SEED8, true) . ");\n"; 338 | $data .= "\tdefine(\"SSO_CLIENT_RAND_SEED9\", " . var_export(SSO_CLIENT_RAND_SEED9, true) . ");\n"; 339 | $data .= "\tdefine(\"SSO_CLIENT_RAND_SEED10\", " . var_export(SSO_CLIENT_RAND_SEED10, true) . ");\n"; 340 | $data .= "\tdefine(\"SSO_CLIENT_RAND_SEED11\", " . var_export(SSO_CLIENT_RAND_SEED11, true) . ");\n"; 341 | $data .= "\tdefine(\"SSO_CLIENT_RAND_SEED12\", " . var_export(SSO_CLIENT_RAND_SEED12, true) . ");\n"; 342 | $data .= "\tdefine(\"SSO_CLIENT_RAND_SEED13\", " . var_export(SSO_CLIENT_RAND_SEED13, true) . ");\n"; 343 | $data .= "\tdefine(\"SSO_CLIENT_RAND_SEED14\", " . 
var_export(SSO_CLIENT_RAND_SEED14, true) . ");\n"; 344 | $data .= "\tdefine(\"SSO_CLIENT_RAND_SEED15\", " . var_export(SSO_CLIENT_RAND_SEED15, true) . ");\n"; 345 | $data .= "\tdefine(\"SSO_CLIENT_RAND_SEED16\", " . var_export(SSO_CLIENT_RAND_SEED16, true) . ");\n"; 346 | $data .= "?" . ">"; 347 | if (file_put_contents("config.php", $data) === false) InstallError("Unable to create the configuration file."); 348 | InstallSuccess("Successfully created the configuration file."); 349 | 350 | InstallSuccess("The installation completed successfully."); 351 | 352 | ?> 353 |
354 | Next: Start using Single-Sign On Client
355 | (Follow the instructions to learn how to use the SSO Client.)
356 | 361 | 362 | 363 | 364 | Single Sign-On Client Installer 365 | 366 | 367 | 368 | 369 | 378 | 379 | 380 | 381 | 382 |
383 | 384 |
385 |
386 |

Single Sign-On Client Installer

387 |

Welcome to the Single Sign-On Client installer.

388 |
389 | If you are looking to implement a centralized account management and login system for one or more domains, 390 | bring disparate login systems together under a unified system, and easily manage all aspects of a user account, 391 | then this is most likely what you are looking for:

392 | 393 |
394 | A self-contained, centralized account management server that can sit on any domain with tools 395 | to easily manage user fields and access permissions, with multiple signup and sign in options, 396 | and easy-to-use client functions to sign in and extract information from the server in a 397 | secure manner. Or more simply put: Do you need a login system that rocks? 398 |
399 |
400 | 401 | If that sounds like you, Single Sign-On (SSO) is the answer. Just click "Next" below to get started. 402 |
403 | 404 |
405 | Next » 406 |
407 |
408 | 409 | 429 | 430 | 462 | 463 | 568 | 569 | 675 | 676 | 714 | 715 |
716 |
717 | 718 | 719 | -------------------------------------------------------------------------------- /lang/index.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cubiclesoft/sso-client-php/8d9bab38e9c9667c3d6844a7b645725461370de0/lang/index.html -------------------------------------------------------------------------------- /support/debug.php: -------------------------------------------------------------------------------- 1 | 13 | -------------------------------------------------------------------------------- /support/install.css: -------------------------------------------------------------------------------- 1 | body { 2 | background: #FFFFFF none repeat scroll 0 0; 3 | color: #000000; 4 | margin: 0; 5 | } 6 | 7 | img { 8 | border: 0px none; 9 | margin: 0px; 10 | } 11 | 12 | form { 13 | border: 0px none; 14 | margin: 0px; 15 | } 16 | 17 | a { 18 | color: #035488; 19 | text-decoration: none; 20 | } 21 | 22 | a:hover { 23 | color: #444444; 24 | text-decoration: underline; 25 | } 26 | 27 | #main { 28 | width: 600px; 29 | margin-left: auto; 30 | margin-right: auto; 31 | } 32 | 33 | div.box { 34 | margin-top: 5px; 35 | margin-bottom: 15px; 36 | width: 600px; 37 | background-color: #F1F1F1; 38 | border: 1px solid black; 39 | border-radius: 5px; 40 | -moz-border-radius: 5px; 41 | -webkit-border-radius: 5px; 42 | } 43 | 44 | div.box h1 { 45 | text-align: center; 46 | font-size: 1.5em; 47 | width: 100%; 48 | color: #322F34; 49 | background-color: #B7CDE0; 50 | margin: 0; 51 | border-bottom: 1px dashed #322F34; 52 | border-top-right-radius: 3px; 53 | border-top-left-radius: 3px; 54 | -moz-border-radius-topleft: 3px; 55 | -moz-border-radius-topright: 3px; 56 | -webkit-border-top-right-radius: 3px; 57 | -webkit-border-top-left-radius: 3px; 58 | } 59 | 60 | div.box h3 { 61 | margin: 5px 5px 15px 5px; 62 | color: #666666; 63 | font-size: 1.2em; 64 | } 65 | 66 | div.box div.boxmain { 67 | margin: 15px 15px 
15px 30px; 68 | font-size: 0.9em; 69 | } 70 | 71 | div.indent { 72 | font-size: 1.2em; 73 | font-style: italic; 74 | margin-left: 30px; 75 | } 76 | 77 | div.box div.boxbuttons { 78 | font-size: 1.3em; 79 | font-weight: bold; 80 | text-align: right; 81 | margin: 5px 15px 10px 0px; 82 | } 83 | 84 | table { 85 | border: 1px solid #E5E5E5; 86 | } 87 | 88 | td, th { 89 | padding-left: 3px; 90 | padding-right: 3px; 91 | } 92 | 93 | tr.head { 94 | background-color: #CFD6DD; 95 | } 96 | 97 | tr.row { 98 | background-color: #EFEFEF; 99 | } 100 | 101 | tr.altrow { 102 | background-color: #ECECEC; 103 | } 104 | 105 | tr.row td { 106 | vertical-align: top; 107 | } 108 | 109 | .success { 110 | color: #008800; 111 | font-weight: bold; 112 | } 113 | 114 | .error { 115 | color: #880000; 116 | font-weight: bold; 117 | } 118 | 119 | .warning { 120 | color: #888800; 121 | font-weight: bold; 122 | } 123 | 124 | div.formfields { 125 | border: 1px solid #E5E5E5; 126 | background-color: #F5F5F5; 127 | padding-left: 10px; 128 | padding-right: 10px; 129 | } 130 | 131 | div.formfields div.formitem { 132 | margin-top: 10px; 133 | margin-bottom: 10px; 134 | } 135 | 136 | div.formfields div.formitem div.formitemtitle { 137 | font-weight: bold; 138 | margin-bottom: 2px; 139 | } 140 | 141 | div.formfields div.formitem input.text { 142 | margin-left: 7px; 143 | width: 95%; 144 | border: 1px solid #C5C5C5; 145 | } 146 | 147 | div.formfields div.formitem input.checkbox { 148 | margin-left: 7px; 149 | border: 1px solid #C5C5C5; 150 | } 151 | 152 | div.formfields div.formitem input.submit { 153 | margin-top: 15px; 154 | margin-left: 225px; 155 | background-color: #FFFFFF; 156 | border: 2px solid #A5A5A5; 157 | } 158 | 159 | div.formfields div.formitem select { 160 | margin-left: 7px; 161 | width: 95%; 162 | border: 1px solid #C5C5C5; 163 | } 164 | 165 | div.formfields div.formitem div.formitemdesc { 166 | margin-left: 15px; 167 | font-size: 0.9em; 168 | } 169 | 170 | div.testresult { 171 | 
margin-left: 25px; 172 | margin-right: 25px; 173 | border: 1px solid #C5C5C5; 174 | padding: 5px; 175 | display: none; 176 | } 177 | -------------------------------------------------------------------------------- /support/page_basics.php: -------------------------------------------------------------------------------- 1 | 65535) $port = ($ssl ? 443 : 80); 65 | $url .= preg_replace('/[^a-z0-9.\-]/', "", strtolower($host)); 66 | if ($protocol == "" && ((!$ssl && $port != 80) || ($ssl && $port != 443))) $url .= ":" . $port; 67 | else if ($protocol == "http" && !$ssl && $port != 80) $url .= ":" . $port; 68 | else if ($protocol == "https" && $ssl && $port != 443) $url .= ":" . $port; 69 | } 70 | 71 | $bb_getrequesthost_cache[$type] = $url; 72 | 73 | return $url; 74 | } 75 | 76 | function BB_GetRequestURLBase() 77 | { 78 | $str = str_replace("\\", "/", $_SERVER["REQUEST_URI"]); 79 | $pos = strpos($str, "?"); 80 | if ($pos !== false) $str = substr($str, 0, $pos); 81 | $str2 = strtolower($str); 82 | if (substr($str2, 0, 7) == "http://" || substr($str2, 0, 8) == "https://") 83 | { 84 | $pos = strpos($str, "/", 8); 85 | if ($pos === false) $str = "/"; 86 | else $str = substr($str, $pos); 87 | } 88 | 89 | return $str; 90 | } 91 | 92 | function BB_GetFullRequestURLBase($protocol = "") 93 | { 94 | return BB_GetRequestHost($protocol) . BB_GetRequestURLBase(); 95 | } 96 | 97 | // Multilingual admin functions. 
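// Looks up the first argument in the loaded language maps and formats the result with sprintf().
// The first argument is both the lookup key and the fallback format string; any remaining
// arguments are passed to sprintf() as its values.
// Lookup order: active language, default language, then the "" (base) map.  If nothing matches
// and the optional BB_Untranslated() hook is defined, the hook is called with the argument list.
// Returns "" when called with no arguments or an empty first argument.
function BB_Translate()
{
	global $bb_admin_lang, $bb_admin_def_lang, $bb_langmap;

	$args = func_get_args();
	if (!count($args) || $args[0] == "")  return "";
	if (isset($bb_admin_lang) && isset($bb_admin_def_lang) && isset($bb_langmap))
	{
		$arg = $args[0];
		if (isset($bb_langmap[$bb_admin_lang]) && isset($bb_langmap[$bb_admin_lang][$arg]))  $args[0] = $bb_langmap[$bb_admin_lang][$arg];
		else if (isset($bb_langmap[$bb_admin_def_lang]) && isset($bb_langmap[$bb_admin_def_lang][$arg]))  $args[0] = $bb_langmap[$bb_admin_def_lang][$arg];
		else if (isset($bb_langmap[""][$arg]))  $args[0] = $bb_langmap[""][$arg];
		else if (function_exists("BB_Untranslated"))  BB_Untranslated($args);
	}

	// With no sprintf() values supplied, a literal '%' must be doubled so sprintf() emits it as-is.
	if (count($args) == 1 && strpos($args[0], "%") !== false)  $args[0] = str_replace("%", "%%", $args[0]);

	return call_user_func_array("sprintf", $args);
}

// Applies the search/replace pairs stored under the "" key of a language map to an already
// formatted string.  The first map that has such pairs wins, in the order: active language,
// default language, "" (base) map.  Returns the string unchanged when no map has any.
function BB_PostTranslate($str)
{
	global $bb_admin_lang, $bb_admin_def_lang, $bb_langmap;

	if (isset($bb_admin_lang) && isset($bb_admin_def_lang) && isset($bb_langmap))
	{
		if (isset($bb_langmap[$bb_admin_lang]) && isset($bb_langmap[$bb_admin_lang][""]) && is_array($bb_langmap[$bb_admin_lang][""]))  $str = str_replace($bb_langmap[$bb_admin_lang][""][0], $bb_langmap[$bb_admin_lang][""][1], $str);
		else if (isset($bb_langmap[$bb_admin_def_lang]) && isset($bb_langmap[$bb_admin_def_lang][""]) && is_array($bb_langmap[$bb_admin_def_lang][""]))  $str = str_replace($bb_langmap[$bb_admin_def_lang][""][0], $bb_langmap[$bb_admin_def_lang][""][1], $str);
		else if (isset($bb_langmap[""][""]) && is_array($bb_langmap[""][""]))  $str = str_replace($bb_langmap[""][""][0], $bb_langmap[""][""][1], $str);
	}

	return $str;
}

// Formats a timestamp with date(), using the translated form of $format, then runs the
// result through BB_PostTranslate().
function BB_FormatTimestamp($format, $ts)
{
	return BB_PostTranslate(date(BB_Translate($format), $ts));
}

// Loads the language pack for $lang from $path and makes it the active language.
//   $path - Language root directory; it is used as a prefix, so it must end with a separator.
//   $lang - Language tag.  BB_InitLangmap() passes values taken from the Accept-Language request
//           header, so this must be treated as untrusted input.
// Returns array("success" => true) or array("success" => false, "error" => ..., "info" => ...).
//
// Security notes:
//   * $lang is reduced to lowercase a-z runs joined by '_' before it is appended to $path.  That
//     normalisation is what keeps a request header from selecting a directory outside $path, so
//     it must not be loosened.
//   * Every file ending in '.php' inside the selected directory is executed via require_once.
//     The language directories therefore need the same write protection as the application code.
function BB_SetLanguage($path, $lang)
{
	global $bb_langmap, $bb_admin_lang;

	$lang = preg_replace('/\s+/', "_", trim(preg_replace('/[^a-z]/', " ", strtolower($lang))));
	if ($lang == "")
	{
		$path .= "default/";
	}
	else
	{
		// "default" is the directory reserved for the empty language and cannot be selected by name.
		if ($lang == "default")  return array("success" => false, "error" => "Invalid language.");
		$path .= $lang . "/";
	}

	// Already loaded:  Just switch the active language.
	if (isset($bb_langmap[$lang]))
	{
		if ($lang != "")  $bb_admin_lang = $lang;

		return array("success" => true);
	}

	$dir = @opendir($path);
	if ($dir === false)  return array("success" => false, "error" => "Directory does not exist.", "info" => $path);

	// Register the language only after its directory has been opened.  Registering it before the
	// check left an empty map behind on failure, so a repeated request for the same missing
	// language was reported as a success and became the active language.
	$bb_langmap[$lang] = array();

	while (($file = readdir($dir)) !== false)
	{
		if (strtolower(substr($file, -4)) == ".php")  require_once $path . $file;
	}

	closedir($dir);

	// Convert the post-translation pairs into the (search list, replace list) form that BB_PostTranslate() passes to str_replace().
	if (isset($bb_langmap[$lang][""]) && is_array($bb_langmap[$lang][""]))  $bb_langmap[$lang][""] = array(array_keys($bb_langmap[$lang][""]), array_values($bb_langmap[$lang][""]));

	$bb_admin_lang = $lang;

	return array("success" => true);
}

// Resets the language maps, loads the base ("") pack and the optional $default pack, records the
// resulting language as the default, and then tries each entry of the Accept-Language request
// header in order until one loads.  Any ';' parameters on a header entry are dropped first.
// The header is client-controlled; the values only reach the filesystem through the
// normalisation in BB_SetLanguage().
function BB_InitLangmap($path, $default = "")
{
	global $bb_admin_lang, $bb_admin_def_lang, $bb_langmap;

	$bb_langmap = array();
	BB_SetLanguage($path, "");
	if ($default != "")  BB_SetLanguage($path, $default);
	$bb_admin_def_lang = $bb_admin_lang;
	if (isset($_SERVER["HTTP_ACCEPT_LANGUAGE"]))
	{
		$langs = explode(",", $_SERVER["HTTP_ACCEPT_LANGUAGE"]);
		foreach ($langs as $lang)
		{
			$lang = trim($lang);
			$pos = strpos($lang, ";");
			if ($pos !== false)  $lang = substr($lang, 0, $pos);
			if ($lang != "")
			{
				$result = BB_SetLanguage($path, $lang);
				if ($result["success"])  break;
			}
		}
	}
}


// Code swiped from CubicleSoft browser cookie support functions.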
// Sends a Set-Cookie header after normalizing $domain so the cookie covers the host with and without 'www.'.
// $name and $value are rawurlencode()'d.  $path and $domain are appended unencoded, so a ';' inside either
// value would start another cookie attribute.
// NOTE(review):  The port removal suggests $domain can be a Host-style value - confirm callers validate it.
// A dotted, non-bracketed host is sent as ".host", which makes the cookie available to its subdomains.
// No SameSite attribute is emitted.  'secure' and 'HttpOnly' are only added when the caller asks for them.
function SetCookieFixDomain($name, $value = "", $expires = 0, $path = "", $domain = "", $secure = false, $httponly = false)
{
	if (!empty($domain))
	{
		$closebracket = strpos($domain, "]");
		if (substr($domain, 0, 1) == "[" && $closebracket !== false)
		{
			// Bracketed literal:  Keep everything through ']' and drop whatever follows (the port).
			$domain = substr($domain, 0, $closebracket + 1);
		}
		else
		{
			// Remove port information.
			$colon = strpos($domain, ":");
			if ($colon !== false)  $domain = substr($domain, 0, $colon);

			// Fix the domain to accept domains with and without 'www.'.
			if (strtolower(substr($domain, 0, 4)) == "www.")  $domain = substr($domain, 4);

			// Names without a dot get no domain attribute at all.
			if (strpos($domain, ".") === false)  $domain = "";
			else if (substr($domain, 0, 1) != ".")  $domain = "." . $domain;
		}
	}

	$cookie = 'Set-Cookie: ' . rawurlencode($name) . "=" . rawurlencode($value);
	if (!empty($expires))  $cookie .= "; expires=" . gmdate("D, d-M-Y H:i:s", $expires) . " GMT";
	if (!empty($path))  $cookie .= "; path=" . $path;
	if (!empty($domain))  $cookie .= "; domain=" . $domain;
	if ($secure)  $cookie .= "; secure";
	if ($httponly)  $cookie .= "; HttpOnly";

	// The second argument is false so that earlier Set-Cookie headers are kept.
	header($cookie, false);
}
 229 | 230 | 231 | function BB_OutputJQueryUI($rooturl, $supportpath) 232 | { 233 | ?> 234 | " type="text/css" media="all" /> 235 | 236 | 269 | 273 |
274 |
275 |
276 |
277 | 281 |
282 | $value) 288 | { 289 | ?> 290 | 291 | 296 | " /> 297 | " /> 298 | 306 |
"> 307 | $field) 311 | { 312 | if (is_string($field)) 313 | { 314 | if ($field == "split" && !$insiderow) echo "
"; 315 | else if ($field == "endaccordion" || $field == "endaccordian") 316 | { 317 | if ($insiderow) 318 | { 319 | ?> 320 |
321 | 325 |
326 | 327 | "; 337 | else if ($bb_formtables) 338 | { 339 | $insiderow = true; 340 | ?> 341 |
"> 342 | 349 |
350 | 363 | 364 | 371 | 372 |

373 |
374 | 379 |
380 |

381 |
382 | "; 392 | ?> 393 |
"> 394 | 401 |
402 | 408 |
409 | 414 |
 
415 | 425 |
>
426 | 433 | type="text" id="" name="" value="" /> 434 | 441 | type="password" id="" name="" value="" /> 442 | 449 | " name="" value="" /> 450 | 451 | true); 477 | 478 | $idbase = htmlspecialchars("f" . $num . "_" . $field["name"]); 479 | if ($mode == "checkbox") 480 | { 481 | $idnum = 0; 482 | foreach ($field["options"] as $name => $value) 483 | { 484 | if (is_array($value)) 485 | { 486 | foreach ($value as $name2 => $value2) 487 | { 488 | $id = $idbase . ($idnum ? "_" . $idnum : ""); 489 | ?> 490 | []" value="" /> 491 |
492 | 500 | []" value="" /> 501 |
502 | 510 | 538 | 552 | " type="text/css" media="all" /> 553 | 554 | 557 | 563 | 570 | " type="text/css" media="all" /> 571 | " type="text/css" media="all" /> 572 | 573 | 574 | 577 | 583 | 590 | " type="text/css" media="all" /> 591 | 592 | 595 | 610 |
611 | 632 |
633 | 642 | "> 643 | "> 644 | 648 | 649 | 655 | 656 | 659 | 660 | 665 | "> 666 | 670 | 671 | 678 | > 679 | 683 | 684 | 688 |
 
689 | 694 | 697 | 703 |
"> 704 | $row) 707 | { 708 | ?> 709 |
"> 710 | $col) 712 | { 713 | ?> 714 |
">
715 |
716 | 719 |
720 | 724 |
725 | 734 | " name="" /> 735 | 742 | type="text" id="" name="" value="" /> 743 | 758 |
759 | 764 |
765 | 768 |
769 | "; 771 | } 772 | } 773 | 774 | if ($insiderow) 775 | { 776 | ?> 777 |
778 | 784 |
785 |
786 | 789 | 790 | 797 |
798 | 802 | value="" /> 803 | 806 |
807 | 813 | 814 | 817 | 818 | 827 | 833 | 845 | 851 | 857 | 860 | $val) 922 | { 923 | if (!is_array($val)) $query[] = urlencode($key) . "=" . urlencode($val); 924 | else 925 | { 926 | foreach ($val as $val2) $query[] = urlencode($key) . "[]=" . urlencode($val2); 927 | } 928 | } 929 | } 930 | } 931 | 932 | return ($fullrequest ? BB_GetFullRequestURLBase($protocol) : BB_GetRequestURLBase()) . (count($query) ? "?" . implode("&", $query) : ""); 933 | } 934 | 935 | function BB_RedirectPage($msgtype = "", $msg = "", $query = array()) 936 | { 937 | if (count($query)) unset($_REQUEST["bb_back"]); 938 | 939 | if ($msgtype != "") 940 | { 941 | if (!isset($_REQUEST["bb_msgtype"]) || ($_REQUEST["bb_msgtype"] != "error" && $_REQUEST["bb_msgtype"] != "success" && $_REQUEST["bb_msgtype"] != "info")) $_REQUEST["bb_msgtype"] = $msgtype; 942 | else if ($msgtype == "error") $_REQUEST["bb_msgtype"] = "error"; 943 | else if ($msgtype == "info" && $_REQUEST["bb_msgtype"] != "error") $_REQUEST["bb_msgtype"] = "info"; 944 | else $_REQUEST["bb_msgtype"] = "success"; 945 | 946 | if (!isset($_REQUEST["bb_msg"])) $_REQUEST["bb_msg"] = $msg; 947 | else $_REQUEST["bb_msg"] = $msg . " " . $_REQUEST["bb_msg"]; 948 | 949 | $query[] = "bb_msgtype=" . urlencode($_REQUEST["bb_msgtype"]); 950 | $query[] = "bb_msg=" . urlencode($_REQUEST["bb_msg"]); 951 | } 952 | 953 | header("Location: " . BB_GetBackURL($query, true)); 954 | 955 | exit(); 956 | } 957 | 958 | function BB_SetPageMessage($msgtype, $msg) 959 | { 960 | if (!isset($_REQUEST["bb_msgtype"]) || $msgtype == "error" || ($msgtype == "info" && $_REQUEST["bb_msgtype"] != "error") || ($msgtype == "success" && $_REQUEST["bb_msgtype"] == "success")) 961 | { 962 | $_REQUEST["bb_msgtype"] = $msgtype; 963 | $_REQUEST["bb_msg"] = $msg; 964 | } 965 | } 966 | 967 | function BB_GetPageMessageType() 968 | { 969 | return (isset($_REQUEST["bb_msg"]) && isset($_REQUEST["bb_msgtype"]) ? ($_REQUEST["bb_msgtype"] == "error" || $_REQUEST["bb_msgtype"] == "success" ? 
$_REQUEST["bb_msgtype"] : "info") : ""); 970 | } 971 | 972 | function BB_GetValue($key, $default) 973 | { 974 | return (isset($_REQUEST[$key]) ? $_REQUEST[$key] : $default); 975 | } 976 | 977 | function BB_SelectValues($data) 978 | { 979 | $result = array(); 980 | foreach ($data as $val) $result[$val] = true; 981 | 982 | return $result; 983 | } 984 | 985 | function BB_ProcessInfoDefaults($info, $defaults) 986 | { 987 | foreach ($defaults as $key => $val) 988 | { 989 | if (!isset($info[$key])) $info[$key] = $val; 990 | } 991 | 992 | return $info; 993 | } 994 | 995 | function BB_InitLayouts() 996 | { 997 | global $bb_page_layout, $bb_menu_layout, $bb_menu_item_layout, $bb_message_layout; 998 | 999 | // Default layout swiped from the Barebones CMS Layout widget. 1000 | // SEO-friendly (2-1) admin-style 2-column pixel-widths liquid layout (200px 100% height, content). 1001 | // Sources: http://matthewjamestaylor.com/blog/holy-grail-no-quirks-mode.htm, http://matthewjamestaylor.com/blog/ultimate-2-column-left-menu-pixels.htm 1002 | if (!isset($bb_page_layout)) 1003 | { 1004 | ob_start(); 1005 | ?> 1006 | 1007 | 1008 | 1009 | @TITLE@ 1010 | 1011 | 1012 | 1013 | 1014 | 1015 | 1016 | 1017 |
1018 |
1019 |
1020 |
1021 |
1022 |
1023 |
1024 | @MESSAGE@ 1025 |
1026 | @CONTENT@ 1027 |
1028 |
1029 |
1030 |
1031 |
@MENU@
1032 |
1033 |
1034 |
1035 |
1036 |
1037 | 1038 | 1039 | 1048 |
@TITLE@
1049 | @ITEMS@ 1050 | 1051 | EOF; 1052 | } 1053 | 1054 | if (!isset($bb_menu_item_layout)) 1055 | { 1056 | $bb_menu_item_layout = <<@NAME@ 1058 | EOF; 1059 | } 1060 | 1061 | if (!isset($bb_message_layout)) 1062 | { 1063 | $bb_message_layout = <<
@MESSAGE@
1065 | EOF; 1066 | } 1067 | } 1068 | 1069 | function BB_GeneratePage($title, $menuopts, $contentopts) 1070 | { 1071 | global $bb_rootname, $bb_page_layout, $bb_menu_layout, $bb_menu_item_layout, $bb_message_layout; 1072 | 1073 | if (!isset($contentopts["title"])) $contentopts["title"] = $title; 1074 | if (isset($contentopts["hidden"]) && !isset($contentopts["hidden"]["bb_back"])) $contentopts["hidden"]["bb_back"] = (isset($_POST["bb_back"]) ? $_POST["bb_back"] : BB_GetBackQueryString()); 1075 | 1076 | header("Content-Type: text/html; charset=UTF-8"); 1077 | 1078 | BB_InitLayouts(); 1079 | 1080 | // Process the header. 1081 | if (defined("BB_ROOT_URL")) $rooturl = BB_ROOT_URL; 1082 | else if (defined("ROOT_URL")) $rooturl = ROOT_URL; 1083 | else 1084 | { 1085 | $rooturl = BB_GetRequestURLBase(); 1086 | if (substr($rooturl, -1) != "/") $rooturl = dirname($rooturl); 1087 | if (substr($rooturl, -1) == "/") $rooturl = substr($rooturl, 0, -1); 1088 | } 1089 | 1090 | if (defined("BB_SUPPORT_PATH")) $supportpath = BB_SUPPORT_PATH; 1091 | else if (defined("SUPPORT_PATH")) $supportpath = SUPPORT_PATH; 1092 | else $supportpath = "support"; 1093 | 1094 | $data = str_replace("@ROOTURL@", htmlspecialchars($rooturl), $bb_page_layout); 1095 | $data = str_replace("@SUPPORTPATH@", htmlspecialchars($supportpath), $data); 1096 | 1097 | // Process the title and message. 1098 | $data = str_replace("@TITLE@", htmlspecialchars(BB_Translate(($bb_rootname != "" ? $bb_rootname . " | " : "") . 
$title)), $data); 1099 | $data = str_replace("@ROOTNAME@", htmlspecialchars(BB_Translate($bb_rootname)), $data); 1100 | if (!isset($_REQUEST["bb_msg"])) $data = str_replace("@MESSAGE@", "", $data); 1101 | else 1102 | { 1103 | if (!isset($_REQUEST["bb_msgtype"]) || ($_REQUEST["bb_msgtype"] != "error" && $_REQUEST["bb_msgtype"] != "success")) $_REQUEST["bb_msgtype"] = "info"; 1104 | 1105 | $data2 = str_replace("@MSGTYPE@", htmlspecialchars($_REQUEST["bb_msgtype"]), $bb_message_layout); 1106 | $data2 = str_replace("@MESSAGE@", htmlspecialchars(BB_Translate($_REQUEST["bb_msg"])), $data2); 1107 | $data = str_replace("@MESSAGE@", $data2, $data); 1108 | } 1109 | 1110 | // Process the content. 1111 | ob_start(); 1112 | BB_PropertyForm($contentopts); 1113 | $data = str_replace("@CONTENT@", ob_get_contents(), $data); 1114 | ob_end_clean(); 1115 | 1116 | // Process the menu. 1117 | $data2 = ""; 1118 | foreach ($menuopts as $title => $items) 1119 | { 1120 | $data3 = ""; 1121 | foreach ($items as $name => $opts) 1122 | { 1123 | if (!is_array($opts)) $opts = array("href" => $opts); 1124 | 1125 | $data5 = array(); 1126 | foreach ($opts as $name2 => $val) 1127 | { 1128 | $data5[] = htmlspecialchars($name2) . "=\"" . htmlspecialchars($val) . "\""; 1129 | } 1130 | 1131 | $data4 = str_replace("@OPTS@", implode(" ", $data5), $bb_menu_item_layout); 1132 | 1133 | $data3 .= str_replace("@NAME@", htmlspecialchars(BB_Translate($name)), $data4); 1134 | } 1135 | 1136 | $data3 = str_replace("@ITEMS@", $data3, $bb_menu_layout); 1137 | $data2 .= str_replace("@TITLE@", htmlspecialchars(BB_Translate($title)), $data3); 1138 | } 1139 | $data = str_replace("@MENU@", $data2, $data); 1140 | 1141 | // Display the output. 
1142 | echo $data; 1143 | } 1144 | ?> -------------------------------------------------------------------------------- /support/phpseclib/AES.php: -------------------------------------------------------------------------------- 1 | explicit_key_length) { 44 | $length = strlen($key); 45 | switch (true) { 46 | case $length <= 16: 47 | $this->key_length = 16; 48 | break; 49 | case $length <= 24: 50 | $this->key_length = 24; 51 | break; 52 | default: 53 | $this->key_length = 32; 54 | } 55 | $this->_setEngine(); 56 | } 57 | } 58 | }} -------------------------------------------------------------------------------- /support/phpseclib/Blowfish.php: -------------------------------------------------------------------------------- 1 | key_length = 4; 184 | } elseif ($length > 448) { 185 | $this->key_length = 56; 186 | } else { 187 | $this->key_length = $length >> 3; 188 | } 189 | 190 | parent::setKeyLength($length); 191 | } 192 | 193 | function isValidEngine($engine) 194 | { 195 | if ($engine == CRYPT_ENGINE_OPENSSL) { 196 | if (version_compare(PHP_VERSION, '5.3.7') < 0 && $this->key_length != 16) { 197 | return false; 198 | } 199 | if ($this->key_length < 16) { 200 | return false; 201 | } 202 | $this->cipher_name_openssl_ecb = 'bf-ecb'; 203 | $this->cipher_name_openssl = 'bf-' . 
$this->_openssl_translate_mode(); 204 | } 205 | 206 | return parent::isValidEngine($engine); 207 | } 208 | 209 | function _setupKey() 210 | { 211 | if (isset($this->kl['key']) && $this->key === $this->kl['key']) { 212 | return; 213 | } 214 | $this->kl = array('key' => $this->key); 215 | 216 | $this->bctx = array( 217 | 'p' => array(), 218 | 'sb' => array( 219 | $this->sbox0, 220 | $this->sbox1, 221 | $this->sbox2, 222 | $this->sbox3 223 | ) 224 | ); 225 | 226 | $key = array_values(unpack('C*', $this->key)); 227 | $keyl = count($key); 228 | for ($j = 0, $i = 0; $i < 18; ++$i) { 229 | for ($data = 0, $k = 0; $k < 4; ++$k) { 230 | $data = ($data << 8) | $key[$j]; 231 | if (++$j >= $keyl) { 232 | $j = 0; 233 | } 234 | } 235 | $this->bctx['p'][] = $this->parray[$i] ^ $data; 236 | } 237 | 238 | $data = "\0\0\0\0\0\0\0\0"; 239 | for ($i = 0; $i < 18; $i += 2) { 240 | list($l, $r) = array_values(unpack('N*', $data = $this->_encryptBlock($data))); 241 | $this->bctx['p'][$i ] = $l; 242 | $this->bctx['p'][$i + 1] = $r; 243 | } 244 | for ($i = 0; $i < 4; ++$i) { 245 | for ($j = 0; $j < 256; $j += 2) { 246 | list($l, $r) = array_values(unpack('N*', $data = $this->_encryptBlock($data))); 247 | $this->bctx['sb'][$i][$j ] = $l; 248 | $this->bctx['sb'][$i][$j + 1] = $r; 249 | } 250 | } 251 | } 252 | 253 | function _encryptBlock($in) 254 | { 255 | $p = $this->bctx["p"]; 256 | $sb_0 = $this->bctx["sb"][0]; 257 | $sb_1 = $this->bctx["sb"][1]; 258 | $sb_2 = $this->bctx["sb"][2]; 259 | $sb_3 = $this->bctx["sb"][3]; 260 | 261 | $in = unpack("N*", $in); 262 | $l = $in[1]; 263 | $r = $in[2]; 264 | 265 | for ($i = 0; $i < 16; $i+= 2) { 266 | $l^= $p[$i]; 267 | $r^= $this->safe_intval(($this->safe_intval($sb_0[$l >> 24 & 0xff] + $sb_1[$l >> 16 & 0xff]) ^ 268 | $sb_2[$l >> 8 & 0xff]) + 269 | $sb_3[$l & 0xff]); 270 | 271 | $r^= $p[$i + 1]; 272 | $l^= $this->safe_intval(($this->safe_intval($sb_0[$r >> 24 & 0xff] + $sb_1[$r >> 16 & 0xff]) ^ 273 | $sb_2[$r >> 8 & 0xff]) + 274 | $sb_3[$r & 0xff]); 
275 | } 276 | return pack("N*", $r ^ $p[17], $l ^ $p[16]); 277 | } 278 | 279 | function _decryptBlock($in) 280 | { 281 | $p = $this->bctx["p"]; 282 | $sb_0 = $this->bctx["sb"][0]; 283 | $sb_1 = $this->bctx["sb"][1]; 284 | $sb_2 = $this->bctx["sb"][2]; 285 | $sb_3 = $this->bctx["sb"][3]; 286 | 287 | $in = unpack("N*", $in); 288 | $l = $in[1]; 289 | $r = $in[2]; 290 | 291 | for ($i = 17; $i > 2; $i-= 2) { 292 | $l^= $p[$i]; 293 | $r^= $this->safe_intval(($this->safe_intval($sb_0[$l >> 24 & 0xff] + $sb_1[$l >> 16 & 0xff]) ^ 294 | $sb_2[$l >> 8 & 0xff]) + 295 | $sb_3[$l & 0xff]); 296 | 297 | $r^= $p[$i - 1]; 298 | $l^= $this->safe_intval(($this->safe_intval($sb_0[$r >> 24 & 0xff] + $sb_1[$r >> 16 & 0xff]) ^ 299 | $sb_2[$r >> 8 & 0xff]) + 300 | $sb_3[$r & 0xff]); 301 | } 302 | return pack("N*", $r ^ $p[0], $l ^ $p[1]); 303 | } 304 | 305 | function _setupInlineCrypt() 306 | { 307 | $lambda_functions =& Crypt_Blowfish::_getLambdaFunctions(); 308 | 309 | $gen_hi_opt_code = (bool)(count($lambda_functions) < 10); 310 | 311 | $code_hash = "Crypt_Blowfish, {$this->mode}"; 312 | if ($gen_hi_opt_code) { 313 | $code_hash = str_pad($code_hash, 32) . $this->_hashInlineCryptFunction($this->key); 314 | } 315 | 316 | $safeint = $this->safe_intval_inline(); 317 | 318 | if (!isset($lambda_functions[$code_hash])) { 319 | switch (true) { 320 | case $gen_hi_opt_code: 321 | $p = $this->bctx['p']; 322 | $init_crypt = ' 323 | static $sb_0, $sb_1, $sb_2, $sb_3; 324 | if (!$sb_0) { 325 | $sb_0 = $self->bctx["sb"][0]; 326 | $sb_1 = $self->bctx["sb"][1]; 327 | $sb_2 = $self->bctx["sb"][2]; 328 | $sb_3 = $self->bctx["sb"][3]; 329 | } 330 | '; 331 | break; 332 | default: 333 | $p = array(); 334 | for ($i = 0; $i < 18; ++$i) { 335 | $p[] = '$p_' . $i; 336 | } 337 | $init_crypt = ' 338 | list($sb_0, $sb_1, $sb_2, $sb_3) = $self->bctx["sb"]; 339 | list(' . implode(',', $p) . 
') = $self->bctx["p"]; 340 | 341 | '; 342 | } 343 | 344 | $encrypt_block = ' 345 | $in = unpack("N*", $in); 346 | $l = $in[1]; 347 | $r = $in[2]; 348 | '; 349 | for ($i = 0; $i < 16; $i+= 2) { 350 | $encrypt_block.= ' 351 | $l^= ' . $p[$i] . '; 352 | $r^= ' . sprintf($safeint, '(' . sprintf($safeint, '$sb_0[$l >> 24 & 0xff] + $sb_1[$l >> 16 & 0xff]') . ' ^ 353 | $sb_2[$l >> 8 & 0xff]) + 354 | $sb_3[$l & 0xff]') . '; 355 | 356 | $r^= ' . $p[$i + 1] . '; 357 | $l^= ' . sprintf($safeint, '(' . sprintf($safeint, '$sb_0[$r >> 24 & 0xff] + $sb_1[$r >> 16 & 0xff]') . ' ^ 358 | $sb_2[$r >> 8 & 0xff]) + 359 | $sb_3[$r & 0xff]') . '; 360 | '; 361 | } 362 | $encrypt_block.= ' 363 | $in = pack("N*", 364 | $r ^ ' . $p[17] . ', 365 | $l ^ ' . $p[16] . ' 366 | ); 367 | '; 368 | 369 | $decrypt_block = ' 370 | $in = unpack("N*", $in); 371 | $l = $in[1]; 372 | $r = $in[2]; 373 | '; 374 | 375 | for ($i = 17; $i > 2; $i-= 2) { 376 | $decrypt_block.= ' 377 | $l^= ' . $p[$i] . '; 378 | $r^= ' . sprintf($safeint, '(' . sprintf($safeint, '$sb_0[$l >> 24 & 0xff] + $sb_1[$l >> 16 & 0xff]') . ' ^ 379 | $sb_2[$l >> 8 & 0xff]) + 380 | $sb_3[$l & 0xff]') . '; 381 | 382 | $r^= ' . $p[$i - 1] . '; 383 | $l^= ' . sprintf($safeint, '(' . sprintf($safeint, '$sb_0[$r >> 24 & 0xff] + $sb_1[$r >> 16 & 0xff]') . ' ^ 384 | $sb_2[$r >> 8 & 0xff]) + 385 | $sb_3[$r & 0xff]') . '; 386 | '; 387 | } 388 | 389 | $decrypt_block.= ' 390 | $in = pack("N*", 391 | $r ^ ' . $p[0] . ', 392 | $l ^ ' . $p[1] . 
' 393 | ); 394 | '; 395 | 396 | $lambda_functions[$code_hash] = $this->_createInlineCryptFunction( 397 | array( 398 | 'init_crypt' => $init_crypt, 399 | 'init_encrypt' => '', 400 | 'init_decrypt' => '', 401 | 'encrypt_block' => $encrypt_block, 402 | 'decrypt_block' => $decrypt_block 403 | ) 404 | ); 405 | } 406 | $this->inline_crypt = $lambda_functions[$code_hash]; 407 | } 408 | }} -------------------------------------------------------------------------------- /support/phpseclib/Rijndael.php: -------------------------------------------------------------------------------- 1 | explicit_key_length) { 45 | $length = strlen($key); 46 | switch (true) { 47 | case $length <= 16: 48 | $this->key_size = 16; 49 | break; 50 | case $length <= 20: 51 | $this->key_size = 20; 52 | break; 53 | case $length <= 24: 54 | $this->key_size = 24; 55 | break; 56 | case $length <= 28: 57 | $this->key_size = 28; 58 | break; 59 | default: 60 | $this->key_size = 32; 61 | } 62 | } 63 | parent::setKey($key); 64 | } 65 | 66 | function setKeyLength($length) 67 | { 68 | switch (true) { 69 | case $length <= 128: 70 | $this->key_length = 16; 71 | break; 72 | case $length <= 160: 73 | $this->key_length = 20; 74 | break; 75 | case $length <= 192: 76 | $this->key_length = 24; 77 | break; 78 | case $length <= 224: 79 | $this->key_length = 28; 80 | break; 81 | default: 82 | $this->key_length = 32; 83 | } 84 | 85 | parent::setKeyLength($length); 86 | } 87 | 88 | function setBlockLength($length) 89 | { 90 | $length >>= 5; 91 | if ($length > 8) { 92 | $length = 8; 93 | } elseif ($length < 4) { 94 | $length = 4; 95 | } 96 | $this->Nb = $length; 97 | $this->block_size = $length << 2; 98 | $this->changed = true; 99 | $this->_setEngine(); 100 | } 101 | 102 | function isValidEngine($engine) 103 | { 104 | switch ($engine) { 105 | case CRYPT_ENGINE_OPENSSL: 106 | if ($this->block_size != 16) { 107 | return false; 108 | } 109 | $this->cipher_name_openssl_ecb = 'aes-' . ($this->key_length << 3) . 
'-ecb'; 110 | $this->cipher_name_openssl = 'aes-' . ($this->key_length << 3) . '-' . $this->_openssl_translate_mode(); 111 | break; 112 | case CRYPT_ENGINE_MCRYPT: 113 | $this->cipher_name_mcrypt = 'rijndael-' . ($this->block_size << 3); 114 | if ($this->key_length % 8) { return false; 115 | } 116 | } 117 | 118 | return parent::isValidEngine($engine); 119 | } 120 | 121 | function _encryptBlock($in) 122 | { 123 | static $tables; 124 | if (empty($tables)) { 125 | $tables = &$this->_getTables(); 126 | } 127 | $t0 = $tables[0]; 128 | $t1 = $tables[1]; 129 | $t2 = $tables[2]; 130 | $t3 = $tables[3]; 131 | $sbox = $tables[4]; 132 | 133 | $state = array(); 134 | $words = unpack('N*', $in); 135 | 136 | $c = $this->c; 137 | $w = $this->w; 138 | $Nb = $this->Nb; 139 | $Nr = $this->Nr; 140 | 141 | $wc = $Nb - 1; 142 | foreach ($words as $word) { 143 | $state[] = $word ^ $w[++$wc]; 144 | } 145 | 146 | $temp = array(); 147 | for ($round = 1; $round < $Nr; ++$round) { 148 | $i = 0; $j = $c[1]; 149 | $k = $c[2]; 150 | $l = $c[3]; 151 | 152 | while ($i < $Nb) { 153 | $temp[$i] = $t0[$state[$i] >> 24 & 0x000000FF] ^ 154 | $t1[$state[$j] >> 16 & 0x000000FF] ^ 155 | $t2[$state[$k] >> 8 & 0x000000FF] ^ 156 | $t3[$state[$l] & 0x000000FF] ^ 157 | $w[++$wc]; 158 | ++$i; 159 | $j = ($j + 1) % $Nb; 160 | $k = ($k + 1) % $Nb; 161 | $l = ($l + 1) % $Nb; 162 | } 163 | $state = $temp; 164 | } 165 | 166 | for ($i = 0; $i < $Nb; ++$i) { 167 | $state[$i] = $sbox[$state[$i] & 0x000000FF] | 168 | ($sbox[$state[$i] >> 8 & 0x000000FF] << 8) | 169 | ($sbox[$state[$i] >> 16 & 0x000000FF] << 16) | 170 | ($sbox[$state[$i] >> 24 & 0x000000FF] << 24); 171 | } 172 | 173 | $i = 0; $j = $c[1]; 174 | $k = $c[2]; 175 | $l = $c[3]; 176 | while ($i < $Nb) { 177 | $temp[$i] = ($state[$i] & 0xFF000000) ^ 178 | ($state[$j] & 0x00FF0000) ^ 179 | ($state[$k] & 0x0000FF00) ^ 180 | ($state[$l] & 0x000000FF) ^ 181 | $w[$i]; 182 | ++$i; 183 | $j = ($j + 1) % $Nb; 184 | $k = ($k + 1) % $Nb; 185 | $l = ($l + 1) % $Nb; 186 | 
} 187 | 188 | switch ($Nb) { 189 | case 8: 190 | return pack('N*', $temp[0], $temp[1], $temp[2], $temp[3], $temp[4], $temp[5], $temp[6], $temp[7]); 191 | case 7: 192 | return pack('N*', $temp[0], $temp[1], $temp[2], $temp[3], $temp[4], $temp[5], $temp[6]); 193 | case 6: 194 | return pack('N*', $temp[0], $temp[1], $temp[2], $temp[3], $temp[4], $temp[5]); 195 | case 5: 196 | return pack('N*', $temp[0], $temp[1], $temp[2], $temp[3], $temp[4]); 197 | default: 198 | return pack('N*', $temp[0], $temp[1], $temp[2], $temp[3]); 199 | } 200 | } 201 | 202 | function _decryptBlock($in) 203 | { 204 | static $invtables; 205 | if (empty($invtables)) { 206 | $invtables = &$this->_getInvTables(); 207 | } 208 | $dt0 = $invtables[0]; 209 | $dt1 = $invtables[1]; 210 | $dt2 = $invtables[2]; 211 | $dt3 = $invtables[3]; 212 | $isbox = $invtables[4]; 213 | 214 | $state = array(); 215 | $words = unpack('N*', $in); 216 | 217 | $c = $this->c; 218 | $dw = $this->dw; 219 | $Nb = $this->Nb; 220 | $Nr = $this->Nr; 221 | 222 | $wc = $Nb - 1; 223 | foreach ($words as $word) { 224 | $state[] = $word ^ $dw[++$wc]; 225 | } 226 | 227 | $temp = array(); 228 | for ($round = $Nr - 1; $round > 0; --$round) { 229 | $i = 0; $j = $Nb - $c[1]; 230 | $k = $Nb - $c[2]; 231 | $l = $Nb - $c[3]; 232 | 233 | while ($i < $Nb) { 234 | $temp[$i] = $dt0[$state[$i] >> 24 & 0x000000FF] ^ 235 | $dt1[$state[$j] >> 16 & 0x000000FF] ^ 236 | $dt2[$state[$k] >> 8 & 0x000000FF] ^ 237 | $dt3[$state[$l] & 0x000000FF] ^ 238 | $dw[++$wc]; 239 | ++$i; 240 | $j = ($j + 1) % $Nb; 241 | $k = ($k + 1) % $Nb; 242 | $l = ($l + 1) % $Nb; 243 | } 244 | $state = $temp; 245 | } 246 | 247 | $i = 0; $j = $Nb - $c[1]; 248 | $k = $Nb - $c[2]; 249 | $l = $Nb - $c[3]; 250 | 251 | while ($i < $Nb) { 252 | $word = ($state[$i] & 0xFF000000) | 253 | ($state[$j] & 0x00FF0000) | 254 | ($state[$k] & 0x0000FF00) | 255 | ($state[$l] & 0x000000FF); 256 | 257 | $temp[$i] = $dw[$i] ^ ($isbox[$word & 0x000000FF] | 258 | ($isbox[$word >> 8 & 0x000000FF] << 8) | 
259 | ($isbox[$word >> 16 & 0x000000FF] << 16) | 260 | ($isbox[$word >> 24 & 0x000000FF] << 24)); 261 | ++$i; 262 | $j = ($j + 1) % $Nb; 263 | $k = ($k + 1) % $Nb; 264 | $l = ($l + 1) % $Nb; 265 | } 266 | 267 | switch ($Nb) { 268 | case 8: 269 | return pack('N*', $temp[0], $temp[1], $temp[2], $temp[3], $temp[4], $temp[5], $temp[6], $temp[7]); 270 | case 7: 271 | return pack('N*', $temp[0], $temp[1], $temp[2], $temp[3], $temp[4], $temp[5], $temp[6]); 272 | case 6: 273 | return pack('N*', $temp[0], $temp[1], $temp[2], $temp[3], $temp[4], $temp[5]); 274 | case 5: 275 | return pack('N*', $temp[0], $temp[1], $temp[2], $temp[3], $temp[4]); 276 | default: 277 | return pack('N*', $temp[0], $temp[1], $temp[2], $temp[3]); 278 | } 279 | } 280 | 281 | function _setupKey() 282 | { 283 | static $rcon = array(0, 284 | 0x01000000, 0x02000000, 0x04000000, 0x08000000, 0x10000000, 285 | 0x20000000, 0x40000000, 0x80000000, 0x1B000000, 0x36000000, 286 | 0x6C000000, 0xD8000000, 0xAB000000, 0x4D000000, 0x9A000000, 287 | 0x2F000000, 0x5E000000, 0xBC000000, 0x63000000, 0xC6000000, 288 | 0x97000000, 0x35000000, 0x6A000000, 0xD4000000, 0xB3000000, 289 | 0x7D000000, 0xFA000000, 0xEF000000, 0xC5000000, 0x91000000 290 | ); 291 | 292 | if (isset($this->kl['key']) && $this->key === $this->kl['key'] && $this->key_length === $this->kl['key_length'] && $this->block_size === $this->kl['block_size']) { 293 | return; 294 | } 295 | $this->kl = array('key' => $this->key, 'key_length' => $this->key_length, 'block_size' => $this->block_size); 296 | 297 | $this->Nk = $this->key_length >> 2; 298 | $this->Nr = max($this->Nk, $this->Nb) + 6; 299 | 300 | switch ($this->Nb) { 301 | case 4: 302 | case 5: 303 | case 6: 304 | $this->c = array(0, 1, 2, 3); 305 | break; 306 | case 7: 307 | $this->c = array(0, 1, 2, 4); 308 | break; 309 | case 8: 310 | $this->c = array(0, 1, 3, 4); 311 | } 312 | 313 | $w = array_values(unpack('N*words', $this->key)); 314 | 315 | $length = $this->Nb * ($this->Nr + 1); 316 | for ($i = 
$this->Nk; $i < $length; $i++) { 317 | $temp = $w[$i - 1]; 318 | if ($i % $this->Nk == 0) { 319 | $temp = (($temp << 8) & 0xFFFFFF00) | (($temp >> 24) & 0x000000FF); $temp = $this->_subWord($temp) ^ $rcon[$i / $this->Nk]; 320 | } elseif ($this->Nk > 6 && $i % $this->Nk == 4) { 321 | $temp = $this->_subWord($temp); 322 | } 323 | $w[$i] = $w[$i - $this->Nk] ^ $temp; 324 | } 325 | 326 | list($dt0, $dt1, $dt2, $dt3) = $this->_getInvTables(); 327 | $temp = $this->w = $this->dw = array(); 328 | for ($i = $row = $col = 0; $i < $length; $i++, $col++) { 329 | if ($col == $this->Nb) { 330 | if ($row == 0) { 331 | $this->dw[0] = $this->w[0]; 332 | } else { 333 | $j = 0; 334 | while ($j < $this->Nb) { 335 | $dw = $this->_subWord($this->w[$row][$j]); 336 | $temp[$j] = $dt0[$dw >> 24 & 0x000000FF] ^ 337 | $dt1[$dw >> 16 & 0x000000FF] ^ 338 | $dt2[$dw >> 8 & 0x000000FF] ^ 339 | $dt3[$dw & 0x000000FF]; 340 | $j++; 341 | } 342 | $this->dw[$row] = $temp; 343 | } 344 | 345 | $col = 0; 346 | $row++; 347 | } 348 | $this->w[$row][$col] = $w[$i]; 349 | } 350 | 351 | $this->dw[$row] = $this->w[$row]; 352 | 353 | $this->dw = array_reverse($this->dw); 354 | $w = array_pop($this->w); 355 | $dw = array_pop($this->dw); 356 | foreach ($this->w as $r => $wr) { 357 | foreach ($wr as $c => $wc) { 358 | $w[] = $wc; 359 | $dw[] = $this->dw[$r][$c]; 360 | } 361 | } 362 | $this->w = $w; 363 | $this->dw = $dw; 364 | } 365 | 366 | function _subWord($word) 367 | { 368 | static $sbox; 369 | if (empty($sbox)) { 370 | list(, , , , $sbox) = $this->_getTables(); 371 | } 372 | 373 | return $sbox[$word & 0x000000FF] | 374 | ($sbox[$word >> 8 & 0x000000FF] << 8) | 375 | ($sbox[$word >> 16 & 0x000000FF] << 16) | 376 | ($sbox[$word >> 24 & 0x000000FF] << 24); 377 | } 378 | 379 | function &_getTables() 380 | { 381 | static $tables; 382 | if (empty($tables)) { 383 | $t3 = array_map('intval', array( 384 | 0x6363A5C6, 0x7C7C84F8, 0x777799EE, 0x7B7B8DF6, 0xF2F20DFF, 0x6B6BBDD6, 0x6F6FB1DE, 0xC5C55491, 385 | 0x30305060, 
0x01010302, 0x6767A9CE, 0x2B2B7D56, 0xFEFE19E7, 0xD7D762B5, 0xABABE64D, 0x76769AEC, 386 | 0xCACA458F, 0x82829D1F, 0xC9C94089, 0x7D7D87FA, 0xFAFA15EF, 0x5959EBB2, 0x4747C98E, 0xF0F00BFB, 387 | 0xADADEC41, 0xD4D467B3, 0xA2A2FD5F, 0xAFAFEA45, 0x9C9CBF23, 0xA4A4F753, 0x727296E4, 0xC0C05B9B, 388 | 0xB7B7C275, 0xFDFD1CE1, 0x9393AE3D, 0x26266A4C, 0x36365A6C, 0x3F3F417E, 0xF7F702F5, 0xCCCC4F83, 389 | 0x34345C68, 0xA5A5F451, 0xE5E534D1, 0xF1F108F9, 0x717193E2, 0xD8D873AB, 0x31315362, 0x15153F2A, 390 | 0x04040C08, 0xC7C75295, 0x23236546, 0xC3C35E9D, 0x18182830, 0x9696A137, 0x05050F0A, 0x9A9AB52F, 391 | 0x0707090E, 0x12123624, 0x80809B1B, 0xE2E23DDF, 0xEBEB26CD, 0x2727694E, 0xB2B2CD7F, 0x75759FEA, 392 | 0x09091B12, 0x83839E1D, 0x2C2C7458, 0x1A1A2E34, 0x1B1B2D36, 0x6E6EB2DC, 0x5A5AEEB4, 0xA0A0FB5B, 393 | 0x5252F6A4, 0x3B3B4D76, 0xD6D661B7, 0xB3B3CE7D, 0x29297B52, 0xE3E33EDD, 0x2F2F715E, 0x84849713, 394 | 0x5353F5A6, 0xD1D168B9, 0x00000000, 0xEDED2CC1, 0x20206040, 0xFCFC1FE3, 0xB1B1C879, 0x5B5BEDB6, 395 | 0x6A6ABED4, 0xCBCB468D, 0xBEBED967, 0x39394B72, 0x4A4ADE94, 0x4C4CD498, 0x5858E8B0, 0xCFCF4A85, 396 | 0xD0D06BBB, 0xEFEF2AC5, 0xAAAAE54F, 0xFBFB16ED, 0x4343C586, 0x4D4DD79A, 0x33335566, 0x85859411, 397 | 0x4545CF8A, 0xF9F910E9, 0x02020604, 0x7F7F81FE, 0x5050F0A0, 0x3C3C4478, 0x9F9FBA25, 0xA8A8E34B, 398 | 0x5151F3A2, 0xA3A3FE5D, 0x4040C080, 0x8F8F8A05, 0x9292AD3F, 0x9D9DBC21, 0x38384870, 0xF5F504F1, 399 | 0xBCBCDF63, 0xB6B6C177, 0xDADA75AF, 0x21216342, 0x10103020, 0xFFFF1AE5, 0xF3F30EFD, 0xD2D26DBF, 400 | 0xCDCD4C81, 0x0C0C1418, 0x13133526, 0xECEC2FC3, 0x5F5FE1BE, 0x9797A235, 0x4444CC88, 0x1717392E, 401 | 0xC4C45793, 0xA7A7F255, 0x7E7E82FC, 0x3D3D477A, 0x6464ACC8, 0x5D5DE7BA, 0x19192B32, 0x737395E6, 402 | 0x6060A0C0, 0x81819819, 0x4F4FD19E, 0xDCDC7FA3, 0x22226644, 0x2A2A7E54, 0x9090AB3B, 0x8888830B, 403 | 0x4646CA8C, 0xEEEE29C7, 0xB8B8D36B, 0x14143C28, 0xDEDE79A7, 0x5E5EE2BC, 0x0B0B1D16, 0xDBDB76AD, 404 | 0xE0E03BDB, 0x32325664, 0x3A3A4E74, 0x0A0A1E14, 0x4949DB92, 0x06060A0C, 
0x24246C48, 0x5C5CE4B8, 405 | 0xC2C25D9F, 0xD3D36EBD, 0xACACEF43, 0x6262A6C4, 0x9191A839, 0x9595A431, 0xE4E437D3, 0x79798BF2, 406 | 0xE7E732D5, 0xC8C8438B, 0x3737596E, 0x6D6DB7DA, 0x8D8D8C01, 0xD5D564B1, 0x4E4ED29C, 0xA9A9E049, 407 | 0x6C6CB4D8, 0x5656FAAC, 0xF4F407F3, 0xEAEA25CF, 0x6565AFCA, 0x7A7A8EF4, 0xAEAEE947, 0x08081810, 408 | 0xBABAD56F, 0x787888F0, 0x25256F4A, 0x2E2E725C, 0x1C1C2438, 0xA6A6F157, 0xB4B4C773, 0xC6C65197, 409 | 0xE8E823CB, 0xDDDD7CA1, 0x74749CE8, 0x1F1F213E, 0x4B4BDD96, 0xBDBDDC61, 0x8B8B860D, 0x8A8A850F, 410 | 0x707090E0, 0x3E3E427C, 0xB5B5C471, 0x6666AACC, 0x4848D890, 0x03030506, 0xF6F601F7, 0x0E0E121C, 411 | 0x6161A3C2, 0x35355F6A, 0x5757F9AE, 0xB9B9D069, 0x86869117, 0xC1C15899, 0x1D1D273A, 0x9E9EB927, 412 | 0xE1E138D9, 0xF8F813EB, 0x9898B32B, 0x11113322, 0x6969BBD2, 0xD9D970A9, 0x8E8E8907, 0x9494A733, 413 | 0x9B9BB62D, 0x1E1E223C, 0x87879215, 0xE9E920C9, 0xCECE4987, 0x5555FFAA, 0x28287850, 0xDFDF7AA5, 414 | 0x8C8C8F03, 0xA1A1F859, 0x89898009, 0x0D0D171A, 0xBFBFDA65, 0xE6E631D7, 0x4242C684, 0x6868B8D0, 415 | 0x4141C382, 0x9999B029, 0x2D2D775A, 0x0F0F111E, 0xB0B0CB7B, 0x5454FCA8, 0xBBBBD66D, 0x16163A2C 416 | )); 417 | 418 | foreach ($t3 as $t3i) { 419 | $t0[] = (($t3i << 24) & 0xFF000000) | (($t3i >> 8) & 0x00FFFFFF); 420 | $t1[] = (($t3i << 16) & 0xFFFF0000) | (($t3i >> 16) & 0x0000FFFF); 421 | $t2[] = (($t3i << 8) & 0xFFFFFF00) | (($t3i >> 24) & 0x000000FF); 422 | } 423 | 424 | $tables = array( 425 | $t0, 426 | $t1, 427 | $t2, 428 | $t3, 429 | array( 430 | 0x63, 0x7C, 0x77, 0x7B, 0xF2, 0x6B, 0x6F, 0xC5, 0x30, 0x01, 0x67, 0x2B, 0xFE, 0xD7, 0xAB, 0x76, 431 | 0xCA, 0x82, 0xC9, 0x7D, 0xFA, 0x59, 0x47, 0xF0, 0xAD, 0xD4, 0xA2, 0xAF, 0x9C, 0xA4, 0x72, 0xC0, 432 | 0xB7, 0xFD, 0x93, 0x26, 0x36, 0x3F, 0xF7, 0xCC, 0x34, 0xA5, 0xE5, 0xF1, 0x71, 0xD8, 0x31, 0x15, 433 | 0x04, 0xC7, 0x23, 0xC3, 0x18, 0x96, 0x05, 0x9A, 0x07, 0x12, 0x80, 0xE2, 0xEB, 0x27, 0xB2, 0x75, 434 | 0x09, 0x83, 0x2C, 0x1A, 0x1B, 0x6E, 0x5A, 0xA0, 0x52, 0x3B, 0xD6, 0xB3, 0x29, 0xE3, 
0x2F, 0x84, 435 | 0x53, 0xD1, 0x00, 0xED, 0x20, 0xFC, 0xB1, 0x5B, 0x6A, 0xCB, 0xBE, 0x39, 0x4A, 0x4C, 0x58, 0xCF, 436 | 0xD0, 0xEF, 0xAA, 0xFB, 0x43, 0x4D, 0x33, 0x85, 0x45, 0xF9, 0x02, 0x7F, 0x50, 0x3C, 0x9F, 0xA8, 437 | 0x51, 0xA3, 0x40, 0x8F, 0x92, 0x9D, 0x38, 0xF5, 0xBC, 0xB6, 0xDA, 0x21, 0x10, 0xFF, 0xF3, 0xD2, 438 | 0xCD, 0x0C, 0x13, 0xEC, 0x5F, 0x97, 0x44, 0x17, 0xC4, 0xA7, 0x7E, 0x3D, 0x64, 0x5D, 0x19, 0x73, 439 | 0x60, 0x81, 0x4F, 0xDC, 0x22, 0x2A, 0x90, 0x88, 0x46, 0xEE, 0xB8, 0x14, 0xDE, 0x5E, 0x0B, 0xDB, 440 | 0xE0, 0x32, 0x3A, 0x0A, 0x49, 0x06, 0x24, 0x5C, 0xC2, 0xD3, 0xAC, 0x62, 0x91, 0x95, 0xE4, 0x79, 441 | 0xE7, 0xC8, 0x37, 0x6D, 0x8D, 0xD5, 0x4E, 0xA9, 0x6C, 0x56, 0xF4, 0xEA, 0x65, 0x7A, 0xAE, 0x08, 442 | 0xBA, 0x78, 0x25, 0x2E, 0x1C, 0xA6, 0xB4, 0xC6, 0xE8, 0xDD, 0x74, 0x1F, 0x4B, 0xBD, 0x8B, 0x8A, 443 | 0x70, 0x3E, 0xB5, 0x66, 0x48, 0x03, 0xF6, 0x0E, 0x61, 0x35, 0x57, 0xB9, 0x86, 0xC1, 0x1D, 0x9E, 444 | 0xE1, 0xF8, 0x98, 0x11, 0x69, 0xD9, 0x8E, 0x94, 0x9B, 0x1E, 0x87, 0xE9, 0xCE, 0x55, 0x28, 0xDF, 445 | 0x8C, 0xA1, 0x89, 0x0D, 0xBF, 0xE6, 0x42, 0x68, 0x41, 0x99, 0x2D, 0x0F, 0xB0, 0x54, 0xBB, 0x16 446 | ) 447 | ); 448 | } 449 | return $tables; 450 | } 451 | 452 | function &_getInvTables() 453 | { 454 | static $tables; 455 | if (empty($tables)) { 456 | $dt3 = array_map('intval', array( 457 | 0xF4A75051, 0x4165537E, 0x17A4C31A, 0x275E963A, 0xAB6BCB3B, 0x9D45F11F, 0xFA58ABAC, 0xE303934B, 458 | 0x30FA5520, 0x766DF6AD, 0xCC769188, 0x024C25F5, 0xE5D7FC4F, 0x2ACBD7C5, 0x35448026, 0x62A38FB5, 459 | 0xB15A49DE, 0xBA1B6725, 0xEA0E9845, 0xFEC0E15D, 0x2F7502C3, 0x4CF01281, 0x4697A38D, 0xD3F9C66B, 460 | 0x8F5FE703, 0x929C9515, 0x6D7AEBBF, 0x5259DA95, 0xBE832DD4, 0x7421D358, 0xE0692949, 0xC9C8448E, 461 | 0xC2896A75, 0x8E7978F4, 0x583E6B99, 0xB971DD27, 0xE14FB6BE, 0x88AD17F0, 0x20AC66C9, 0xCE3AB47D, 462 | 0xDF4A1863, 0x1A3182E5, 0x51336097, 0x537F4562, 0x6477E0B1, 0x6BAE84BB, 0x81A01CFE, 0x082B94F9, 463 | 0x48685870, 0x45FD198F, 0xDE6C8794, 0x7BF8B752, 
0x73D323AB, 0x4B02E272, 0x1F8F57E3, 0x55AB2A66, 464 | 0xEB2807B2, 0xB5C2032F, 0xC57B9A86, 0x3708A5D3, 0x2887F230, 0xBFA5B223, 0x036ABA02, 0x16825CED, 465 | 0xCF1C2B8A, 0x79B492A7, 0x07F2F0F3, 0x69E2A14E, 0xDAF4CD65, 0x05BED506, 0x34621FD1, 0xA6FE8AC4, 466 | 0x2E539D34, 0xF355A0A2, 0x8AE13205, 0xF6EB75A4, 0x83EC390B, 0x60EFAA40, 0x719F065E, 0x6E1051BD, 467 | 0x218AF93E, 0xDD063D96, 0x3E05AEDD, 0xE6BD464D, 0x548DB591, 0xC45D0571, 0x06D46F04, 0x5015FF60, 468 | 0x98FB2419, 0xBDE997D6, 0x4043CC89, 0xD99E7767, 0xE842BDB0, 0x898B8807, 0x195B38E7, 0xC8EEDB79, 469 | 0x7C0A47A1, 0x420FE97C, 0x841EC9F8, 0x00000000, 0x80868309, 0x2BED4832, 0x1170AC1E, 0x5A724E6C, 470 | 0x0EFFFBFD, 0x8538560F, 0xAED51E3D, 0x2D392736, 0x0FD9640A, 0x5CA62168, 0x5B54D19B, 0x362E3A24, 471 | 0x0A67B10C, 0x57E70F93, 0xEE96D2B4, 0x9B919E1B, 0xC0C54F80, 0xDC20A261, 0x774B695A, 0x121A161C, 472 | 0x93BA0AE2, 0xA02AE5C0, 0x22E0433C, 0x1B171D12, 0x090D0B0E, 0x8BC7ADF2, 0xB6A8B92D, 0x1EA9C814, 473 | 0xF1198557, 0x75074CAF, 0x99DDBBEE, 0x7F60FDA3, 0x01269FF7, 0x72F5BC5C, 0x663BC544, 0xFB7E345B, 474 | 0x4329768B, 0x23C6DCCB, 0xEDFC68B6, 0xE4F163B8, 0x31DCCAD7, 0x63851042, 0x97224013, 0xC6112084, 475 | 0x4A247D85, 0xBB3DF8D2, 0xF93211AE, 0x29A16DC7, 0x9E2F4B1D, 0xB230F3DC, 0x8652EC0D, 0xC1E3D077, 476 | 0xB3166C2B, 0x70B999A9, 0x9448FA11, 0xE9642247, 0xFC8CC4A8, 0xF03F1AA0, 0x7D2CD856, 0x3390EF22, 477 | 0x494EC787, 0x38D1C1D9, 0xCAA2FE8C, 0xD40B3698, 0xF581CFA6, 0x7ADE28A5, 0xB78E26DA, 0xADBFA43F, 478 | 0x3A9DE42C, 0x78920D50, 0x5FCC9B6A, 0x7E466254, 0x8D13C2F6, 0xD8B8E890, 0x39F75E2E, 0xC3AFF582, 479 | 0x5D80BE9F, 0xD0937C69, 0xD52DA96F, 0x2512B3CF, 0xAC993BC8, 0x187DA710, 0x9C636EE8, 0x3BBB7BDB, 480 | 0x267809CD, 0x5918F46E, 0x9AB701EC, 0x4F9AA883, 0x956E65E6, 0xFFE67EAA, 0xBCCF0821, 0x15E8E6EF, 481 | 0xE79BD9BA, 0x6F36CE4A, 0x9F09D4EA, 0xB07CD629, 0xA4B2AF31, 0x3F23312A, 0xA59430C6, 0xA266C035, 482 | 0x4EBC3774, 0x82CAA6FC, 0x90D0B0E0, 0xA7D81533, 0x04984AF1, 0xECDAF741, 0xCD500E7F, 0x91F62F17, 483 | 
0x4DD68D76, 0xEFB04D43, 0xAA4D54CC, 0x9604DFE4, 0xD1B5E39E, 0x6A881B4C, 0x2C1FB8C1, 0x65517F46, 484 | 0x5EEA049D, 0x8C355D01, 0x877473FA, 0x0B412EFB, 0x671D5AB3, 0xDBD25292, 0x105633E9, 0xD647136D, 485 | 0xD7618C9A, 0xA10C7A37, 0xF8148E59, 0x133C89EB, 0xA927EECE, 0x61C935B7, 0x1CE5EDE1, 0x47B13C7A, 486 | 0xD2DF599C, 0xF2733F55, 0x14CE7918, 0xC737BF73, 0xF7CDEA53, 0xFDAA5B5F, 0x3D6F14DF, 0x44DB8678, 487 | 0xAFF381CA, 0x68C43EB9, 0x24342C38, 0xA3405FC2, 0x1DC37216, 0xE2250CBC, 0x3C498B28, 0x0D9541FF, 488 | 0xA8017139, 0x0CB3DE08, 0xB4E49CD8, 0x56C19064, 0xCB84617B, 0x32B670D5, 0x6C5C7448, 0xB85742D0 489 | )); 490 | 491 | foreach ($dt3 as $dt3i) { 492 | $dt0[] = (($dt3i << 24) & 0xFF000000) | (($dt3i >> 8) & 0x00FFFFFF); 493 | $dt1[] = (($dt3i << 16) & 0xFFFF0000) | (($dt3i >> 16) & 0x0000FFFF); 494 | $dt2[] = (($dt3i << 8) & 0xFFFFFF00) | (($dt3i >> 24) & 0x000000FF); 495 | }; 496 | 497 | $tables = array( 498 | $dt0, 499 | $dt1, 500 | $dt2, 501 | $dt3, 502 | array( 503 | 0x52, 0x09, 0x6A, 0xD5, 0x30, 0x36, 0xA5, 0x38, 0xBF, 0x40, 0xA3, 0x9E, 0x81, 0xF3, 0xD7, 0xFB, 504 | 0x7C, 0xE3, 0x39, 0x82, 0x9B, 0x2F, 0xFF, 0x87, 0x34, 0x8E, 0x43, 0x44, 0xC4, 0xDE, 0xE9, 0xCB, 505 | 0x54, 0x7B, 0x94, 0x32, 0xA6, 0xC2, 0x23, 0x3D, 0xEE, 0x4C, 0x95, 0x0B, 0x42, 0xFA, 0xC3, 0x4E, 506 | 0x08, 0x2E, 0xA1, 0x66, 0x28, 0xD9, 0x24, 0xB2, 0x76, 0x5B, 0xA2, 0x49, 0x6D, 0x8B, 0xD1, 0x25, 507 | 0x72, 0xF8, 0xF6, 0x64, 0x86, 0x68, 0x98, 0x16, 0xD4, 0xA4, 0x5C, 0xCC, 0x5D, 0x65, 0xB6, 0x92, 508 | 0x6C, 0x70, 0x48, 0x50, 0xFD, 0xED, 0xB9, 0xDA, 0x5E, 0x15, 0x46, 0x57, 0xA7, 0x8D, 0x9D, 0x84, 509 | 0x90, 0xD8, 0xAB, 0x00, 0x8C, 0xBC, 0xD3, 0x0A, 0xF7, 0xE4, 0x58, 0x05, 0xB8, 0xB3, 0x45, 0x06, 510 | 0xD0, 0x2C, 0x1E, 0x8F, 0xCA, 0x3F, 0x0F, 0x02, 0xC1, 0xAF, 0xBD, 0x03, 0x01, 0x13, 0x8A, 0x6B, 511 | 0x3A, 0x91, 0x11, 0x41, 0x4F, 0x67, 0xDC, 0xEA, 0x97, 0xF2, 0xCF, 0xCE, 0xF0, 0xB4, 0xE6, 0x73, 512 | 0x96, 0xAC, 0x74, 0x22, 0xE7, 0xAD, 0x35, 0x85, 0xE2, 0xF9, 0x37, 0xE8, 0x1C, 0x75, 0xDF, 0x6E, 
513 | 0x47, 0xF1, 0x1A, 0x71, 0x1D, 0x29, 0xC5, 0x89, 0x6F, 0xB7, 0x62, 0x0E, 0xAA, 0x18, 0xBE, 0x1B, 514 | 0xFC, 0x56, 0x3E, 0x4B, 0xC6, 0xD2, 0x79, 0x20, 0x9A, 0xDB, 0xC0, 0xFE, 0x78, 0xCD, 0x5A, 0xF4, 515 | 0x1F, 0xDD, 0xA8, 0x33, 0x88, 0x07, 0xC7, 0x31, 0xB1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xEC, 0x5F, 516 | 0x60, 0x51, 0x7F, 0xA9, 0x19, 0xB5, 0x4A, 0x0D, 0x2D, 0xE5, 0x7A, 0x9F, 0x93, 0xC9, 0x9C, 0xEF, 517 | 0xA0, 0xE0, 0x3B, 0x4D, 0xAE, 0x2A, 0xF5, 0xB0, 0xC8, 0xEB, 0xBB, 0x3C, 0x83, 0x53, 0x99, 0x61, 518 | 0x17, 0x2B, 0x04, 0x7E, 0xBA, 0x77, 0xD6, 0x26, 0xE1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0C, 0x7D 519 | ) 520 | ); 521 | } 522 | return $tables; 523 | } 524 | 525 | function _setupInlineCrypt() 526 | { 527 | 528 | $lambda_functions =& Crypt_Rijndael::_getLambdaFunctions(); 529 | 530 | $gen_hi_opt_code = (bool)(count($lambda_functions) < 10); 531 | 532 | $code_hash = "Crypt_Rijndael, {$this->mode}, {$this->Nr}, {$this->Nb}"; 533 | if ($gen_hi_opt_code) { 534 | $code_hash = str_pad($code_hash, 32) . $this->_hashInlineCryptFunction($this->key); 535 | } 536 | 537 | if (!isset($lambda_functions[$code_hash])) { 538 | switch (true) { 539 | case $gen_hi_opt_code: 540 | $w = $this->w; 541 | $dw = $this->dw; 542 | $init_encrypt = ''; 543 | $init_decrypt = ''; 544 | break; 545 | default: 546 | for ($i = 0, $cw = count($this->w); $i < $cw; ++$i) { 547 | $w[] = '$w[' . $i . ']'; 548 | $dw[] = '$dw[' . $i . 
']'; 549 | } 550 | $init_encrypt = '$w = $self->w;'; 551 | $init_decrypt = '$dw = $self->dw;'; 552 | } 553 | 554 | $Nr = $this->Nr; 555 | $Nb = $this->Nb; 556 | $c = $this->c; 557 | 558 | $init_encrypt.= ' 559 | static $tables; 560 | if (empty($tables)) { 561 | $tables = &$self->_getTables(); 562 | } 563 | $t0 = $tables[0]; 564 | $t1 = $tables[1]; 565 | $t2 = $tables[2]; 566 | $t3 = $tables[3]; 567 | $sbox = $tables[4]; 568 | '; 569 | 570 | $s = 'e'; 571 | $e = 's'; 572 | $wc = $Nb - 1; 573 | 574 | $encrypt_block = '$in = unpack("N*", $in);'."\n"; 575 | for ($i = 0; $i < $Nb; ++$i) { 576 | $encrypt_block .= '$s'.$i.' = $in['.($i + 1).'] ^ '.$w[++$wc].";\n"; 577 | } 578 | 579 | for ($round = 1; $round < $Nr; ++$round) { 580 | list($s, $e) = array($e, $s); 581 | for ($i = 0; $i < $Nb; ++$i) { 582 | $encrypt_block.= 583 | '$'.$e.$i.' = 584 | $t0[($'.$s.$i .' >> 24) & 0xff] ^ 585 | $t1[($'.$s.(($i + $c[1]) % $Nb).' >> 16) & 0xff] ^ 586 | $t2[($'.$s.(($i + $c[2]) % $Nb).' >> 8) & 0xff] ^ 587 | $t3[ $'.$s.(($i + $c[3]) % $Nb).' & 0xff] ^ 588 | '.$w[++$wc].";\n"; 589 | } 590 | } 591 | 592 | for ($i = 0; $i < $Nb; ++$i) { 593 | $encrypt_block.= 594 | '$'.$e.$i.' = 595 | $sbox[ $'.$e.$i.' & 0xff] | 596 | ($sbox[($'.$e.$i.' >> 8) & 0xff] << 8) | 597 | ($sbox[($'.$e.$i.' >> 16) & 0xff] << 16) | 598 | ($sbox[($'.$e.$i.' >> 24) & 0xff] << 24);'."\n"; 599 | } 600 | $encrypt_block .= '$in = pack("N*"'."\n"; 601 | for ($i = 0; $i < $Nb; ++$i) { 602 | $encrypt_block.= ', 603 | ($'.$e.$i .' & '.((int)0xFF000000).') ^ 604 | ($'.$e.(($i + $c[1]) % $Nb).' & 0x00FF0000 ) ^ 605 | ($'.$e.(($i + $c[2]) % $Nb).' & 0x0000FF00 ) ^ 606 | ($'.$e.(($i + $c[3]) % $Nb).' 
& 0x000000FF ) ^ 607 | '.$w[$i]."\n"; 608 | } 609 | $encrypt_block .= ');'; 610 | 611 | $init_decrypt.= ' 612 | static $invtables; 613 | if (empty($invtables)) { 614 | $invtables = &$self->_getInvTables(); 615 | } 616 | $dt0 = $invtables[0]; 617 | $dt1 = $invtables[1]; 618 | $dt2 = $invtables[2]; 619 | $dt3 = $invtables[3]; 620 | $isbox = $invtables[4]; 621 | '; 622 | 623 | $s = 'e'; 624 | $e = 's'; 625 | $wc = $Nb - 1; 626 | 627 | $decrypt_block = '$in = unpack("N*", $in);'."\n"; 628 | for ($i = 0; $i < $Nb; ++$i) { 629 | $decrypt_block .= '$s'.$i.' = $in['.($i + 1).'] ^ '.$dw[++$wc].';'."\n"; 630 | } 631 | 632 | for ($round = 1; $round < $Nr; ++$round) { 633 | list($s, $e) = array($e, $s); 634 | for ($i = 0; $i < $Nb; ++$i) { 635 | $decrypt_block.= 636 | '$'.$e.$i.' = 637 | $dt0[($'.$s.$i .' >> 24) & 0xff] ^ 638 | $dt1[($'.$s.(($Nb + $i - $c[1]) % $Nb).' >> 16) & 0xff] ^ 639 | $dt2[($'.$s.(($Nb + $i - $c[2]) % $Nb).' >> 8) & 0xff] ^ 640 | $dt3[ $'.$s.(($Nb + $i - $c[3]) % $Nb).' & 0xff] ^ 641 | '.$dw[++$wc].";\n"; 642 | } 643 | } 644 | 645 | for ($i = 0; $i < $Nb; ++$i) { 646 | $decrypt_block.= 647 | '$'.$e.$i.' = 648 | $isbox[ $'.$e.$i.' & 0xff] | 649 | ($isbox[($'.$e.$i.' >> 8) & 0xff] << 8) | 650 | ($isbox[($'.$e.$i.' >> 16) & 0xff] << 16) | 651 | ($isbox[($'.$e.$i.' >> 24) & 0xff] << 24);'."\n"; 652 | } 653 | $decrypt_block .= '$in = pack("N*"'."\n"; 654 | for ($i = 0; $i < $Nb; ++$i) { 655 | $decrypt_block.= ', 656 | ($'.$e.$i. ' & '.((int)0xFF000000).') ^ 657 | ($'.$e.(($Nb + $i - $c[1]) % $Nb).' & 0x00FF0000 ) ^ 658 | ($'.$e.(($Nb + $i - $c[2]) % $Nb).' & 0x0000FF00 ) ^ 659 | ($'.$e.(($Nb + $i - $c[3]) % $Nb).' 
& 0x000000FF ) ^ 660 | '.$dw[$i]."\n"; 661 | } 662 | $decrypt_block .= ');'; 663 | 664 | $lambda_functions[$code_hash] = $this->_createInlineCryptFunction( 665 | array( 666 | 'init_crypt' => '', 667 | 'init_encrypt' => $init_encrypt, 668 | 'init_decrypt' => $init_decrypt, 669 | 'encrypt_block' => $encrypt_block, 670 | 'decrypt_block' => $decrypt_block 671 | ) 672 | ); 673 | } 674 | $this->inline_crypt = $lambda_functions[$code_hash]; 675 | } 676 | }} -------------------------------------------------------------------------------- /support/phpseclib/license.txt: -------------------------------------------------------------------------------- 1 | Copyright 2007-2016 TerraFrost and other contributors 2 | http://phpseclib.sourceforge.net/ 3 | 4 | Permission is hereby granted, free of charge, to any person obtaining 5 | a copy of this software and associated documentation files (the 6 | "Software"), to deal in the Software without restriction, including 7 | without limitation the rights to use, copy, modify, merge, publish, 8 | distribute, sublicense, and/or sell copies of the Software, and to 9 | permit persons to whom the Software is furnished to do so, subject to 10 | the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be 13 | included in all copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, 16 | EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF 17 | MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND 18 | NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE 19 | LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION 20 | OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION 21 | WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 
--------------------------------------------------------------------------------
/support/sso_aes.php:
--------------------------------------------------------------------------------
		// NOTE(review): the listing is truncated above this point - the opening of the file (class header and the
		// start of CreateDataPacket()) is not on the page, so the next statement is shown as it survives.
		setKey($key);
		if (isset($options["iv"])) $aes->setIV($options["iv"]);
		$aes->disablePadding();
		// Padding is disabled, so the plaintext is zero-filled up to the 16-byte AES block size by hand.
		if (strlen($data) % 16 != 0) $data = str_pad($data, strlen($data) + (16 - (strlen($data) % 16)), "\x00");
		$data = $aes->encrypt($data);

		if (isset($options["key2"]))
		{
			// Rotate the ciphertext right by one byte before applying the second layer.
			$data = substr($data, -1) . substr($data, 0, -1);

			if (isset($options["iv2"])) $options["iv"] = $options["iv2"];
			else unset($options["iv"]);

			// The second layer also needs its own IV unless the mode is ECB.
			if ($options["mode"] != "ECB" && (!isset($options["iv"]) || $options["iv"] == "")) return false;

			$aes->setKey($options["key2"]);
			if (isset($options["iv"])) $aes->setIV($options["iv"]);
			$data = $aes->encrypt($data);
		}

		return $data;
	}

	// Uses AES to extract the data from an encapsulated data packet and validates the data. Does not support streams.
	//
	// $data is the ciphertext and $key the primary key. $options keys read below:
	//   "mode"        - "CBC" selects CBC, any other value selects ECB. Defaults to "ECB" when not set.
	//   "iv"          - IV for the primary key. Must be set and non-empty whenever mode is not "ECB".
	//   "key2", "iv2" - optional outer layer. It is removed first and the one-byte rotation between the layers is undone.
	//   "lightweight" - when truthy, the check value is a CRC-32 instead of a SHA-1.
	// Returns the payload string, or false when the IV is missing, decrypt() returns false, one of the three
	// newline delimiters is absent, or the check value does not match.
	//
	// NOTE(review): the check value is an unkeyed digest of the plaintext carried inside the ciphertext. It is not a
	// keyed MAC over the ciphertext, so it catches corruption but tamper resistance rests entirely on the cipher mode.
	// ECB (the default here) additionally reveals which plaintext blocks are equal, and CRC-32 is not a cryptographic
	// hash. For data that crosses a trust boundary, prefer CBC with a fresh IV per packet, leave "lightweight" off,
	// and where the protocol can be extended, authenticate the ciphertext with an HMAC checked via hash_equals()
	// before decrypting.
	static function ExtractDataPacket($data, $key, $options = array())
	{
		$data = (string)$data;

		if (!isset($options["mode"])) $options["mode"] = "ECB";
		if ($options["mode"] != "ECB" && (!isset($options["iv"]) || $options["iv"] == "")) return false;

		// Load the bundled phpseclib AES class on first use.
		if (!class_exists("Crypt_AES", false)) require_once str_replace("\\", "/", dirname(__FILE__)) . "/phpseclib/AES.php";

		if (isset($options["key2"]))
		{
			// Keep the caller's options so the primary "iv" can be restored after the outer layer is removed.
			$options2 = $options;
			if (isset($options["iv2"])) $options["iv"] = $options["iv2"];
			else unset($options["iv"]);

			// NOTE(review): unlike CreateDataPacket(), a missing "iv2" in a non-ECB mode is not rejected here;
			// setIV() is simply skipped and the cipher object's own default applies - confirm this is intended.
			$aes = new Crypt_AES($options["mode"] == "CBC" ? CRYPT_AES_MODE_CBC : CRYPT_AES_MODE_ECB);
			$aes->setKey($options["key2"]);
			if (isset($options["iv"])) $aes->setIV($options["iv"]);
			$aes->disablePadding();
			$data = $aes->decrypt($data);

			// Undo the one-byte right rotation applied between the two encryption layers.
			$data = substr($data, 1) . substr($data, 0, 1);
			$options = $options2;
		}

		$aes = new Crypt_AES($options["mode"] == "CBC" ? CRYPT_AES_MODE_CBC : CRYPT_AES_MODE_ECB);
		$aes->setKey($key);
		if (isset($options["iv"])) $aes->setIV($options["iv"]);
		$aes->disablePadding();
		$data = $aes->decrypt($data);

		if ($data === false) return false;

		// Packet layout after decryption: <prefix>\n<check>\n<payload>\n<trailer>.
		// The prefix line is discarded (presumably random filler written by CreateDataPacket() - its start is not on the page).
		$pos = strpos($data, "\n");
		if ($pos === false) return false;
		$data = substr($data, $pos + 1);

		// The second line is the check value.
		$pos = strpos($data, "\n");
		if ($pos === false) return false;
		$check = substr($data, 0, $pos);
		$data = substr($data, $pos + 1);

		// Everything after the LAST newline (trailer and zero fill) is dropped; the payload itself may contain newlines.
		$pos = strrpos($data, "\n");
		if ($pos === false) return false;
		$data = substr($data, 0, $pos);

		// Strict string comparison against the lowercase hex digest of the recovered payload.
		if (!isset($options["lightweight"]) || !$options["lightweight"])
		{
			if ($check !== strtolower(sha1($data))) return false;
		}
		else if ($check !== strtolower(dechex(crc32($data)))) return false;

		return $data;
	}
}
?>

--------------------------------------------------------------------------------
/support/sso_blowfish.php:
--------------------------------------------------------------------------------
		// NOTE(review): the listing is truncated above this point - the opening of the file (class header and the
		// start of CreateDataPacket()) is not on the page, so the next statement is shown as it survives.
		setKey($key);
		if (isset($options["iv"])) $bf->setIV($options["iv"]);
		$bf->disablePadding();
		// Padding is disabled, so the plaintext is zero-filled up to the 8-byte Blowfish block size by hand.
		if (strlen($data) % 8 != 0) $data = str_pad($data, strlen($data) + (8 - (strlen($data) % 8)), "\x00");
		$data = $bf->encrypt($data);

		if (isset($options["key2"]))
		{
			$data = substr($data, -1) .
substr($data, 0, -1);

			if (isset($options["iv2"])) $options["iv"] = $options["iv2"];
			else unset($options["iv"]);

			// The second layer also needs its own IV unless the mode is ECB.
			if ($options["mode"] != "ECB" && (!isset($options["iv"]) || $options["iv"] == "")) return false;

			$bf->setKey($options["key2"]);
			if (isset($options["iv"])) $bf->setIV($options["iv"]);
			$data = $bf->encrypt($data);
		}

		return $data;
	}

	// Uses Blowfish to extract the data from an encapsulated data packet and validates the data. Does not support streams.
	//
	// $data is the ciphertext and $key the primary key. $options keys read below:
	//   "mode"        - "CBC" selects CBC, any other value selects ECB. Defaults to "ECB" when not set.
	//   "iv"          - IV for the primary key. Must be set and non-empty whenever mode is not "ECB".
	//   "key2", "iv2" - optional outer layer. It is removed first and the one-byte rotation between the layers is undone.
	//   "lightweight" - when truthy, the check value is a CRC-32 instead of a SHA-1.
	// Returns the payload string, or false when the IV is missing, decrypt() returns false, one of the three
	// newline delimiters is absent, or the check value does not match.
	//
	// NOTE(review): the check value is an unkeyed digest of the plaintext carried inside the ciphertext, not a keyed
	// MAC over the ciphertext, so it detects corruption rather than deliberate modification. ECB (the default here)
	// reveals which plaintext blocks are equal, and Blowfish's 64-bit block makes block collisions likely once a lot
	// of data is encrypted under one key. Prefer the AES variant with CBC and a fresh IV for new deployments.
	static function ExtractDataPacket($data, $key, $options = array())
	{
		$data = (string)$data;

		if (!isset($options["mode"])) $options["mode"] = "ECB";
		if ($options["mode"] != "ECB" && (!isset($options["iv"]) || $options["iv"] == "")) return false;

		// Load the bundled phpseclib Blowfish class on first use.
		if (!class_exists("Crypt_Blowfish", false)) require_once str_replace("\\", "/", dirname(__FILE__)) . "/phpseclib/Blowfish.php";

		if (isset($options["key2"]))
		{
			// Keep the caller's options so the primary "iv" can be restored after the outer layer is removed.
			$options2 = $options;
			if (isset($options["iv2"])) $options["iv"] = $options["iv2"];
			else unset($options["iv"]);

			// NOTE(review): a missing "iv2" in a non-ECB mode is not rejected here (CreateDataPacket() returns false
			// in that case); setIV() is simply skipped - confirm this is intended.
			$bf = new Crypt_Blowfish($options["mode"] == "CBC" ? CRYPT_BLOWFISH_MODE_CBC : CRYPT_BLOWFISH_MODE_ECB);
			$bf->setKey($options["key2"]);
			if (isset($options["iv"])) $bf->setIV($options["iv"]);
			$bf->disablePadding();
			$data = $bf->decrypt($data);

			// Undo the one-byte right rotation applied between the two encryption layers.
			$data = substr($data, 1) . substr($data, 0, 1);
			$options = $options2;
		}

		$bf = new Crypt_Blowfish($options["mode"] == "CBC" ? CRYPT_BLOWFISH_MODE_CBC : CRYPT_BLOWFISH_MODE_ECB);
		$bf->setKey($key);
		if (isset($options["iv"])) $bf->setIV($options["iv"]);
		$bf->disablePadding();
		$data = $bf->decrypt($data);

		if ($data === false) return false;

		// Packet layout after decryption: <prefix>\n<check>\n<payload>\n<trailer>. The prefix line is discarded.
		$pos = strpos($data, "\n");
		if ($pos === false) return false;
		$data = substr($data, $pos + 1);

		// The second line is the check value.
		$pos = strpos($data, "\n");
		if ($pos === false) return false;
		$check = substr($data, 0, $pos);
		$data = substr($data, $pos + 1);

		// Everything after the LAST newline (trailer and zero fill) is dropped; the payload itself may contain newlines.
		$pos = strrpos($data, "\n");
		if ($pos === false) return false;
		$data = substr($data, 0, $pos);

		// Strict string comparison against the lowercase hex digest of the recovered payload.
		if (!isset($options["lightweight"]) || !$options["lightweight"])
		{
			if ($check !== strtolower(sha1($data))) return false;
		}
		else if ($check !== strtolower(dechex(crc32($data)))) return false;

		return $data;
	}

	// Uses Blowfish to create a hash of some data. Typically used to securely hash passwords.
	// The recommended minimum number of rounds is 16. Powers of two are preferred.
	// The recommended minimum amount of time is 250 (milliseconds). Ignored when $mintime is 0.
	//
	// Returns array("success" => false, "error" => ...) for empty input, otherwise
	// array("success" => true, "hash" => <state after the last round>, "rounds" => <rounds actually run>).
	//
	// NOTE(review), for callers that store the result:
	//   * No salt is mixed in by this function. The same $data with the same round count always yields the same
	//     hash, so a unique per-record salt has to be part of $data.
	//   * With $mintime > 0 the number of rounds depends on machine speed. The returned "rounds" value must be
	//     stored with the hash and passed back (with $mintime = 0) to reproduce it.
	//   * When $rounds is 0 or negative the loop never runs, $mintime is not consulted, and the fixed initial state
	//     comes back with "success" => true. Validate $rounds before calling.
	//   * Unlike ExtractDataPacket(), nothing here loads phpseclib/Blowfish.php; presumably the caller has already
	//     loaded it - verify.
	//   * Compare stored and recomputed hashes with hash_equals() where available.
	static function Hash($data, $rounds, $mintime)
	{
		$data = (string)$data;
		if ($data == "") return array("success" => false, "error" => "No data.");

		// Expand data.
		// Repeat the input until at least 56 bytes are available, then double it so that a 56-byte window
		// starting at any offset below $maxpos never runs off the end.
		$origdata = $data;
		while (strlen($data) < 56) $data .= $origdata;
		$maxpos = strlen($data);
		$data .= $data;

		// Run through Blowfish.
		// The initial 32-byte state is the fixed byte sequence 0x00..0x1F.
		$result = "";
		for ($x = 0; $x < 32; $x++) $result .= chr($x);
		$x = 0;
		// Earliest time at which the loop is allowed to stop when $mintime > 0.
		$ts = microtime(true) + $mintime / 1000;
		$totalrounds = 0;

		$bf = new Crypt_Blowfish();
		$bf->disablePadding();

		while ($rounds > 0)
		{
			// Each round is keyed with the next 56-byte window of the expanded input.
			$key = substr($data, $x, 56);
			$x = ($x + 56) % $maxpos;

			$bf->setKey($key);
			$result = $bf->encrypt($result);

			// Rotate the state right by one byte between rounds.
			$result = substr($result, -1) . substr($result, 0, -1);

			$rounds--;
			$totalrounds++;
			// Requested rounds are used up but the minimum time has not elapsed: run one more round.
			if (!$rounds && $mintime > 0 && microtime(true) < $ts) $rounds++;
		}

		return array("success" => true, "hash" => $result, "rounds" => $totalrounds);
	}
}
?>

--------------------------------------------------------------------------------
/support/sso_ipaddr.php:
--------------------------------------------------------------------------------
		// NOTE(review): the listing is truncated above this point - the opening of the file (class header and the
		// start of NormalizeIP()) is not on the page, so the next line is shown as it survives.
		$segment)
		{
			$segment = trim($segment);
			if ($segment != "") $ipaddr2[] = $segment;
			else if ($foundpos === false && count($ipaddr) > $num + 1 && $ipaddr[$num + 1] != "")
			{
				$foundpos = count($ipaddr2);
				$ipaddr2[] = "0000";
			}
		}
		// Convert ::ffff:123.123.123.123 format.
		if (strpos($ipaddr2[count($ipaddr2) - 1], ".") !== false)
		{
			$x = count($ipaddr2) - 1;
			if ($ipaddr2[count($ipaddr2) - 2] != "ffff") $ipaddr2[$x] = "0";
			else
			{
				$ipaddr = explode(".", $ipaddr2[$x]);
				if (count($ipaddr) != 4) $ipaddr2[$x] = "0";
				else
				{
					$ipaddr2[$x] = str_pad(strtolower(dechex($ipaddr[0])), 2, "0", STR_PAD_LEFT) . str_pad(strtolower(dechex($ipaddr[1])), 2, "0", STR_PAD_LEFT);
					$ipaddr2[] = str_pad(strtolower(dechex($ipaddr[2])), 2, "0", STR_PAD_LEFT) . str_pad(strtolower(dechex($ipaddr[3])), 2, "0", STR_PAD_LEFT);
				}
			}
		}
		$ipaddr = array_slice($ipaddr2, 0, 8);
		if ($foundpos !== false && count($ipaddr) < 8) array_splice($ipaddr, $foundpos, 0, array_fill(0, 8 - count($ipaddr), "0000"));
		foreach ($ipaddr as $num => $segment)
		{
			$ipaddr[$num] = substr(str_pad(strtolower(dechex(hexdec($segment))), 4, "0", STR_PAD_LEFT), -4);
		}
		$ipv6addr = implode(":", $ipaddr);

		// Extract IPv4 address.
		if (substr($ipv6addr, 0, 30) == "0000:0000:0000:0000:0000:ffff:") $ipv4addr = hexdec(substr($ipv6addr, 30, 2)) . "." . hexdec(substr($ipv6addr, 32, 2)) . "." . hexdec(substr($ipv6addr, 35, 2)) . "." .
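hexdec(substr($ipv6addr, 37, 2));

		// Make a short IPv6 address.
		$shortipv6 = $ipv6addr;
		$pattern = "0000:0000:0000:0000:0000:0000:0000";
		do
		{
			$shortipv6 = str_replace($pattern, ":", $shortipv6);
			$pattern = substr($pattern, 5);
		} while (strlen($shortipv6) == 39 && $pattern != "");
		$shortipv6 = explode(":", $shortipv6);
		foreach ($shortipv6 as $num => $segment)
		{
			if ($segment != "") $shortipv6[$num] = strtolower(dechex(hexdec($segment)));
		}
		$shortipv6 = implode(":", $shortipv6);

		return array("ipv6" => $ipv6addr, "shortipv6" => $shortipv6, "ipv4" => $ipv4addr);
	}

	// Returns the normalized address (the array produced by NormalizeIP()) of the requesting client.
	//
	// $proxies maps a trusted proxy address to the header that proxy is trusted to set: "xforward" for
	// X-Forwarded-For or "clientip" for Client-IP (matched case-insensitively). Keys are looked up by the
	// normalized "ipv6" form first and by the dotted "ipv4" form second, so they must be written in one of those forms.
	//
	// Forwarding headers are client-controlled unless a trusted proxy wrote them, so they are only consulted while
	// the current address is a listed proxy. Entries are consumed from the right, and the walk stops at the first
	// address that is not a listed proxy or when the relevant header has no entries left. In the latter case the
	// proxy's own address is returned. With the default empty $proxies the headers are never read.
	// REMOTE_ADDR falls back to "127.0.0.1" when the server variable is absent.
	public static function GetRemoteIP($proxies = array())
	{
		$ipaddr = self::NormalizeIP(isset($_SERVER["REMOTE_ADDR"]) ? $_SERVER["REMOTE_ADDR"] : "127.0.0.1");

		// Check for trusted proxies. Stop at first untrusted IP in the chain.
		if (isset($proxies[$ipaddr["ipv6"]]) || ($ipaddr["ipv4"] != "" && isset($proxies[$ipaddr["ipv4"]])))
		{
			$xforward = (isset($_SERVER["HTTP_X_FORWARDED_FOR"]) ? explode(",", $_SERVER["HTTP_X_FORWARDED_FOR"]) : array());
			$clientip = (isset($_SERVER["HTTP_CLIENT_IP"]) ? explode(",", $_SERVER["HTTP_CLIENT_IP"]) : array());

			do
			{
				$found = false;

				// Which header is this proxy trusted for?
				if (isset($proxies[$ipaddr["ipv6"]])) $header = $proxies[$ipaddr["ipv6"]];
				else $header = $proxies[$ipaddr["ipv4"]];

				$header = strtolower($header);
				if ($header == "xforward" && count($xforward) > 0)
				{
					// The rightmost entry is the one appended by the proxy closest to this server.
					$ipaddr = self::NormalizeIP(array_pop($xforward));
					$found = true;
				}
				else if ($header == "clientip" && count($clientip) > 0)
				{
					$ipaddr = self::NormalizeIP(array_pop($clientip));
					$found = true;
				}
			} while ($found && (isset($proxies[$ipaddr["ipv6"]]) || ($ipaddr["ipv4"] != "" && isset($proxies[$ipaddr["ipv4"]]))));
		}

		return $ipaddr;
	}

	// Tests an IP address against a pattern. Returns true when every group of the pattern matches.
	//
	// $ipaddr is either a string (normalized here) or an array already produced by NormalizeIP().
	//
	// IPv6 pattern (contains ":"): exactly eight colon-separated groups, no "::" shorthand. Each group is a
	// comma-separated list of alternatives, where an alternative is one of:
	//   *        - any value
	//   a-b      - inclusive range, both ends in hex
	//   xxxx     - exact match against the normalized four-digit lowercase hex group
	//   h.l      - IPv4-like notation: high byte and low byte of the group in decimal, each of which may
	//              itself be *, a-b or an exact value
	// IPv4 pattern (no ":"): exactly four dot-separated groups, each a comma-separated list of *, a-b or an
	// exact decimal value. Returns false when the address has no IPv4 form.
	//
	// A reversed range (a > b) is collapsed to the single value b rather than swapped.
	// NOTE(review): patterns are compared loosely (==) in several places, so they should come from trusted
	// configuration, not from request data.
	public static function IsMatch($pattern, $ipaddr)
	{
		if (is_string($ipaddr)) $ipaddr = self::NormalizeIP($ipaddr);

		if (strpos($pattern, ":") !== false)
		{
			// Pattern is IPv6.
			$pattern = explode(":", strtolower($pattern));
			$ipaddr = explode(":", $ipaddr["ipv6"]);
			if (count($pattern) != 8 || count($ipaddr) != 8) return false;
			foreach ($pattern as $num => $segment)
			{
				$found = false;
				$pieces = explode(",", $segment);
				foreach ($pieces as $piece)
				{
					$piece = trim($piece);
					$piece = explode(".", $piece);
					if (count($piece) == 1)
					{
						$piece = $piece[0];

						if ($piece == "*") $found = true;
						else if (strpos($piece, "-") !== false)
						{
							$range = explode("-", $piece);
							$range[0] = hexdec($range[0]);
							$range[1] = hexdec($range[1]);
							$val = hexdec($ipaddr[$num]);
							if ($range[0] > $range[1]) $range[0] = $range[1];
							if ($val >= $range[0] && $val <= $range[1]) $found = true;
						}
						else if ($piece === $ipaddr[$num]) $found = true;
					}
					else if (count($piece) == 2)
					{
						// Special IPv4-like notation.
						$found2 = false;
						$found3 = false;
						// High and low byte of the 16-bit group.
						$val = hexdec(substr($ipaddr[$num], 0, 2));
						$val2 = hexdec(substr($ipaddr[$num], 2, 2));

						if ($piece[0] == "*") $found2 = true;
						else if (strpos($piece[0], "-") !== false)
						{
							$range = explode("-", $piece[0]);
							if ($range[0] > $range[1]) $range[0] = $range[1];
							if ($val >= $range[0] && $val <= $range[1]) $found2 = true;
						}
						else if ($piece[0] == $val) $found2 = true;

						if ($piece[1] == "*") $found3 = true;
						else if (strpos($piece[1], "-") !== false)
						{
							$range = explode("-", $piece[1]);
							if ($range[0] > $range[1]) $range[0] = $range[1];
							// Fixed: the low-byte range must be tested against $val2. Testing the high byte ($val)
							// here let an allow/deny pattern match addresses outside the intended low-byte range
							// and miss addresses inside it.
							if ($val2 >= $range[0] && $val2 <= $range[1]) $found3 = true;
						}
						else if ($piece[1] == $val2) $found3 = true;

						if ($found2 && $found3) $found = true;
					}

					if ($found) break;
				}

				if (!$found) return false;
			}
		}
		else
		{
			// Pattern is IPv4.
			$pattern = explode(".", strtolower($pattern));
			$ipaddr = explode(".", $ipaddr["ipv4"]);
			if (count($pattern) != 4 || count($ipaddr) != 4) return false;
			foreach ($pattern as $num => $segment)
			{
				$found = false;
				$pieces = explode(",", $segment);
				foreach ($pieces as $piece)
				{
					$piece = trim($piece);

					if ($piece == "*") $found = true;
					else if (strpos($piece, "-") !== false)
					{
						$range = explode("-", $piece);
						if ($range[0] > $range[1]) $range[0] = $range[1];
						if ($ipaddr[$num] >= $range[0] && $ipaddr[$num] <= $range[1]) $found = true;
					}
					else if ($piece == $ipaddr[$num]) $found = true;

					if ($found) break;
				}

				if (!$found) return false;
			}
		}

		return true;
	}
}
?>

--------------------------------------------------------------------------------
/support/sso_random.php: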
-------------------------------------------------------------------------------- 1 | mode = false; 15 | $this->fp = false; 16 | $this->cryptosafe = $cryptosafe; 17 | 18 | // Native first (PHP 7 and later). 19 | if (function_exists("random_bytes")) $this->mode = "native"; 20 | 21 | // OpenSSL fallback. 22 | if ($this->mode === false && function_exists("openssl_random_pseudo_bytes")) 23 | { 24 | // PHP 5.4.0 introduced native Windows CryptGenRandom() integration via php_win32_get_random_bytes() for performance. 25 | @openssl_random_pseudo_bytes(4, $strong); 26 | if ($strong) $this->mode = "openssl"; 27 | } 28 | 29 | // Locate a (relatively) suitable source of entropy or raise an exception. 30 | if (strtoupper(substr(PHP_OS, 0, 3)) === "WIN") 31 | { 32 | // PHP 5.3.0 introduced native Windows CryptGenRandom() integration via php_win32_get_random_bytes() for functionality. 33 | if ($this->mode === false && PHP_VERSION_ID > 50300 && function_exists("mcrypt_create_iv")) $this->mode = "mcrypt"; 34 | } 35 | else 36 | { 37 | if (!$cryptosafe && $this->mode === false && file_exists("/dev/arandom")) 38 | { 39 | // OpenBSD. mcrypt doesn't attempt to use this despite claims of higher quality entropy with performance. 40 | $this->fp = @fopen("/dev/arandom", "rb"); 41 | if ($this->fp !== false) $this->mode = "file"; 42 | } 43 | 44 | if ($cryptosafe && $this->mode === false && file_exists("/dev/random")) 45 | { 46 | // Everything else. 47 | $this->fp = @fopen("/dev/random", "rb"); 48 | if ($this->fp !== false) $this->mode = "file"; 49 | } 50 | 51 | if (!$cryptosafe && $this->mode === false && file_exists("/dev/urandom")) 52 | { 53 | // Everything else. 54 | $this->fp = @fopen("/dev/urandom", "rb"); 55 | if ($this->fp !== false) $this->mode = "file"; 56 | } 57 | 58 | if ($this->mode === false && function_exists("mcrypt_create_iv")) 59 | { 60 | // mcrypt_create_iv() is last because it opens and closes a file handle every single call. 
$this->mode = "mcrypt";
			}
		}

		// Throw an exception if unable to find a suitable entropy source.
		if ($this->mode === false)
		{
			throw new Exception(self::RNG_Translate("Unable to locate a suitable entropy source."));
			exit();
		}
	}

	// Closes the device handle when the generator reads from a device file.
	public function __destruct()
	{
		if ($this->mode === "file") fclose($this->fp);
	}

	// Returns exactly $length random bytes from the source chosen by the constructor, or false when
	// $length is below 1, no source is available, or the source reports a failure.
	//
	// Callers generating keys, IVs or tokens must check for false before using the result.
	// NOTE(review): random_bytes() reports failure by throwing, which the @ operator does not suppress, so in
	// "native" mode a failure surfaces as an exception rather than as a false return.
	public function GetBytes($length)
	{
		if ($this->mode === false) return false;

		$length = (int)$length;
		if ($length < 1) return false;

		$result = "";
		do
		{
			switch ($this->mode)
			{
				case "native": $data = @random_bytes($length); break;
				// OpenSSL output is only accepted when the library flags it as cryptographically strong.
				case "openssl": $data = @openssl_random_pseudo_bytes($length, $strong); if (!$strong) $data = false; break;
				case "mcrypt": $data = @mcrypt_create_iv($length, ($this->cryptosafe ? MCRYPT_DEV_RANDOM : MCRYPT_DEV_URANDOM)); break;
				// A device read may return fewer bytes than requested; the loop keeps reading until enough are collected.
				case "file": $data = @fread($this->fp, $length); break;
				default: $data = false;
			}
			if ($data === false) return false;

			$result .= $data;
		} while (strlen($result) < $length);

		return substr($result, 0, $length);
	}

	// Returns $length random bytes encoded as lowercase hex (so the string is 2 * $length characters long),
	// or false when GetBytes() fails.
	public function GenerateToken($length = 64)
	{
		$data = $this->GetBytes($length);
		if ($data === false) return false;

		return bin2hex($data);
	}

	// Get a random number between $min and $max (inclusive).
	// Returns false when $max < $min or when GetBytes() fails.
	//
	// Uses rejection sampling: random bits are masked down to the smallest power of two strictly greater than
	// the range and out-of-range draws are discarded, so results are uniform with no modulo bias.
	// NOTE(review): assumes $max - $min + 1 fits in a PHP integer; that is not checked here.
	public function GetInt($min, $max)
	{
		$min = (int)$min;
		$max = (int)$max;
		if ($max < $min) return false;
		if ($min == $max) return $min;

		$range = $max - $min + 1;

		// Number of bits needed so that 2^bits exceeds the range.
		$bits = 1;
		while ((1 << $bits) <= $range) $bits++;

		$numbytes = (int)(($bits + 7) / 8);
		$mask = (1 << $bits) - 1;

		do
		{
			$data = $this->GetBytes($numbytes);
			if ($data === false) return false;

			// Assemble the bytes into one big-endian integer.
			$result = 0;
			for ($x = 0; $x < $numbytes; $x++)
			{
				$result = ($result * 256) + ord($data[$x]);
			}

			$result = $result & $mask;
		} while ($result >= $range);

		return $result + $min;
	}

	// Convenience method to generate a random alphanumeric string.
	// Each character is picked with GetInt(0, 61) as an index into self::$alphanum (defined outside the visible
	// listing; presumably the 62 characters a-z, A-Z and 0-9). Returns false when the random source fails.
	public function GenerateString($size = 32)
	{
		$result = "";
		for ($x = 0; $x < $size; $x++)
		{
			$data = $this->GetInt(0, 61);
			if ($data === false) return false;

			$result .= self::$alphanum[$data];
		}

		return $result;
	}

	// Builds a pronounceable string of $len characters that alternates consonant, vowel, consonant, ...
	// $freqmap["consonants"] and $freqmap["vowels"] map a character to its weight; each character is chosen
	// with probability proportional to that weight. Returns false when either weight total is not positive
	// or the random source fails.
	public function GenerateWordLite(&$freqmap, $len)
	{
		$totalc = 0;
		$totalv = 0;
		foreach ($freqmap["consonants"] as $chr => $num) $totalc += $num;
		foreach ($freqmap["vowels"] as $chr => $num) $totalv += $num;

		if ($totalc <= 0 || $totalv <= 0) return false;

		$result = "";
		for ($x = 0; $x < $len; $x++)
		{
			if ($x % 2)
			{
				// Odd positions: weighted pick from the vowels.
				$data = $this->GetInt(0, $totalv - 1);
				if ($data === false) return false;

				foreach ($freqmap["vowels"] as $chr => $num)
				{
					if ($num > $data)
					{
						$result .= $chr;

						break;
					}

					$data -= $num;
				}
			}
			else
			{
				// Even positions: weighted pick from the consonants.
				$data = $this->GetInt(0, $totalc - 1);
				if ($data === false) return false;

				foreach ($freqmap["consonants"] as $chr => $num)
				{
					if ($num > $data)
					{
						$result .= $chr;

break; 201 | } 202 | 203 | $data -= $num; 204 | } 205 | } 206 | } 207 | 208 | return $result; 209 | } 210 | 211 | public function GenerateWord(&$freqmap, $len, $separator = "-") 212 | { 213 | $result = ""; 214 | $queue = array(); 215 | $threshold = $freqmap["threshold"]; 216 | $state = "start"; 217 | while ($len) 218 | { 219 | //echo $state . " - " . $len . ": " . $result . "\n"; 220 | switch ($state) 221 | { 222 | case "start": 223 | { 224 | // The start of the word (or restart). 225 | $path = &$freqmap["start"]; 226 | while (count($queue) < $threshold && $len) 227 | { 228 | if ($len > 1 || !$path["*"]) 229 | { 230 | // Some part of the word. 231 | $found = false; 232 | if ($path[""]) 233 | { 234 | $pos = $this->GetInt(0, $path[""] - 1); 235 | 236 | foreach ($path as $chr => &$info) 237 | { 238 | if (!is_array($info)) continue; 239 | 240 | if ($info["+"] > $pos) 241 | { 242 | $result .= $chr; 243 | $queue[] = $chr; 244 | $path = &$path[$chr]; 245 | $len--; 246 | 247 | $found = true; 248 | 249 | break; 250 | } 251 | 252 | $pos -= $info["+"]; 253 | } 254 | } 255 | 256 | if (!$found) 257 | { 258 | $state = (count($queue) ? "recovery" : "restart"); 259 | 260 | break; 261 | } 262 | } 263 | else 264 | { 265 | // Last letter of the word. 266 | $found = false; 267 | if ($path["*"]) 268 | { 269 | $pos = $this->GetInt(0, $path["*"] - 1); 270 | 271 | foreach ($path as $chr => &$info) 272 | { 273 | if (!is_array($info)) continue; 274 | 275 | if ($info["-"] > $pos) 276 | { 277 | $result .= $chr; 278 | $queue[] = $chr; 279 | $path = &$path[$chr]; 280 | $len--; 281 | 282 | $found = true; 283 | 284 | break; 285 | } 286 | 287 | $pos -= $info["-"]; 288 | } 289 | } 290 | 291 | if (!$found) 292 | { 293 | $state = (count($queue) ? "end" : "restart"); 294 | 295 | break; 296 | } 297 | } 298 | } 299 | 300 | if (count($queue) >= $threshold) $state = ($len >= $threshold ? "middle" : "end"); 301 | 302 | break; 303 | } 304 | case "middle": 305 | { 306 | // The middle of the word. 
307 | $str = implode("", $queue); 308 | 309 | if (!isset($freqmap["middle"][$str])) $state = "recovery"; 310 | else 311 | { 312 | $found = false; 313 | 314 | if ($freqmap["middle"][$str][""]) 315 | { 316 | $pos = $this->GetInt(0, $freqmap["middle"][$str][""] - 1); 317 | 318 | foreach ($freqmap["middle"][$str] as $chr => $num) 319 | { 320 | if ($chr === "") continue; 321 | 322 | if ($num > $pos) 323 | { 324 | $result .= $chr; 325 | $queue[] = $chr; 326 | array_shift($queue); 327 | $len--; 328 | 329 | if ($len < $threshold) $state = "end"; 330 | 331 | $found = true; 332 | 333 | break; 334 | } 335 | 336 | $pos -= $num; 337 | } 338 | } 339 | 340 | if (!$found) $state = "recovery"; 341 | } 342 | 343 | break; 344 | } 345 | case "end": 346 | { 347 | if (!isset($freqmap["end"][$len]) || !count($queue) || !isset($freqmap["end"][$len][$queue[count($queue) - 1]])) $state = "restart"; 348 | else 349 | { 350 | $path = &$freqmap["end"][$len][$queue[count($queue) - 1]]; 351 | 352 | $found = false; 353 | 354 | if ($path[""]) 355 | { 356 | $pos = $this->GetInt(0, $path[""] - 1); 357 | 358 | foreach ($path as $str => $num) 359 | { 360 | if ($str === "") continue; 361 | 362 | if ($num > $pos) 363 | { 364 | $result .= $str; 365 | $len = 0; 366 | 367 | $found = true; 368 | 369 | break; 370 | } 371 | 372 | $pos -= $num; 373 | } 374 | } 375 | 376 | if (!$found) $state = "restart"; 377 | } 378 | 379 | break; 380 | } 381 | case "recovery": 382 | { 383 | if (!count($queue) || !isset($freqmap["recovery"][$queue[count($queue) - 1]])) $state = "restart"; 384 | else 385 | { 386 | $path = &$freqmap["recovery"][$queue[count($queue) - 1]]; 387 | 388 | $found = false; 389 | 390 | if ($path[""]) 391 | { 392 | $pos = $this->GetInt(0, $path[""] - 1); 393 | 394 | foreach ($path as $chr => $num) 395 | { 396 | if ($chr === "") continue; 397 | 398 | if ($num > $pos) 399 | { 400 | $result .= $chr; 401 | $queue[] = $chr; 402 | array_shift($queue); 403 | $len--; 404 | 405 | $state = ($len >= $threshold ? 
"middle" : "end"); 406 | 407 | $found = true; 408 | 409 | break; 410 | } 411 | 412 | $pos -= $num; 413 | } 414 | } 415 | 416 | if (!$found) $state = "restart"; 417 | } 418 | 419 | break; 420 | } 421 | case "restart": 422 | { 423 | $result .= $separator; 424 | $queue = array(); 425 | $len -= strlen($separator); 426 | 427 | $state = "start"; 428 | 429 | break; 430 | } 431 | } 432 | } 433 | 434 | return $result; 435 | } 436 | 437 | public function GetMode() 438 | { 439 | return $this->mode; 440 | } 441 | 442 | protected static function RNG_Translate() 443 | { 444 | $args = func_get_args(); 445 | if (!count($args)) return ""; 446 | 447 | return call_user_func_array((defined("CS_TRANSLATE_FUNC") && function_exists(CS_TRANSLATE_FUNC) ? CS_TRANSLATE_FUNC : "sprintf"), $args); 448 | } 449 | } 450 | ?> -------------------------------------------------------------------------------- /support/str_basics.php: -------------------------------------------------------------------------------- 1 | $val) 10 | { 11 | if (is_string($val)) $_REQUEST[$key] = trim($val); 12 | else if (is_array($val)) 13 | { 14 | $_REQUEST[$key] = array(); 15 | foreach ($val as $key2 => $val2) $_REQUEST[$key][$key2] = (is_string($val2) ? trim($val2) : $val2); 16 | } 17 | else $_REQUEST[$key] = $val; 18 | } 19 | } 20 | 21 | // Cleans up all PHP input issues so that $_REQUEST may be used as expected. 
public static function ProcessAllInput()
{
	// Each request source is handed to ProcessSingleInput() in a fixed order:
	// cookies, then the query string, then the POST body.
	// NOTE(review):  ProcessSingleInput() begins above this excerpt.  The visible part
	// copies trimmed values into $_REQUEST, so a key present in several sources
	// presumably keeps the value from the last source processed - confirm.
	// Trimming is normalisation only.  The values remain untrusted input.
	self::ProcessSingleInput($_COOKIE);
	self::ProcessSingleInput($_GET);
	self::ProcessSingleInput($_POST);
}

// Returns the directory part of a path, including the trailing slash, or an empty
// string when the path contains no separator.  Backslashes are treated as slashes.
// This is plain string handling:  ".." segments are not resolved and the filesystem
// is never consulted, so the result is not a containment check.
public static function ExtractPathname($dirfile)
{
	$normalized = str_replace("\\", "/", $dirfile);
	$lastslash = strrpos($normalized, "/");

	return ($lastslash === false ? "" : substr($normalized, 0, $lastslash + 1));
}

// Returns everything after the last path separator (either slash style), or the
// whole normalised string when there is no separator.
// The characters of the returned name are not filtered.  FilenameSafe() does that.
public static function ExtractFilename($dirfile)
{
	$normalized = str_replace("\\", "/", $dirfile);
	$lastslash = strrpos($normalized, "/");
	if ($lastslash === false) return $normalized;

	return substr($normalized, $lastslash + 1);
}

// Returns the text after the last "." of the filename part, without the dot, or an
// empty string when the filename has no dot.
public static function ExtractFileExtension($dirfile)
{
	$name = self::ExtractFilename($dirfile);
	$lastdot = strrpos($name, ".");

	return ($lastdot === false ? "" : substr($name, $lastdot + 1));
}

// Returns the filename part with its last extension removed.  Only the final
// ".ext" is dropped, so earlier dots in the name are kept.
public static function ExtractFilenameNoExtension($dirfile)
{
	$name = self::ExtractFilename($dirfile);
	$lastdot = strrpos($name, ".");

	return ($lastdot === false ? $name : substr($name, 0, $lastdot));
}

// Makes an input filename safe for use.
// Allows a very limited number of characters through.
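public static function FilenameSafe($filename)
{
	// Every character outside A-Z, a-z, 0-9, "_", "." and "-" becomes a space.
	// That includes both slash styles, so no path separator survives.
	$filename = preg_replace('/[^A-Za-z0-9_.\-]/', " ", $filename);

	// Strip leading and trailing dots and spaces in one pass.  Trimming the dots
	// first and the spaces afterwards would let a dot hidden behind a replaced
	// character reach the result as a leading or trailing dot.
	$filename = trim($filename, ". ");

	// Collapse the remaining runs of spaces into single hyphens.
	// The result can be an empty string and callers have to handle that.
	return preg_replace('/\s+/', "-", $filename);
}

// Converts every newline style (CRLF, lone CR, lone LF) in $data to $replacewith.
// CRLF is folded first so that it yields a single replacement and not two.
public static function ReplaceNewlines($replacewith, $data)
{
	$data = str_replace("\r\n", "\n", $data);
	$data = str_replace("\r", "\n", $data);
	$data = str_replace("\n", $replacewith, $data);

	return $data;
}

// Reads one line from $data starting at byte offset $pos and returns it without
// its line terminator.
//
// $pos is passed by reference and is advanced past the line and its terminator
// (CR, LF or CRLF), so repeated calls walk through the buffer line by line.
// An offset beyond the end of $data is clamped to the end and yields "".
public static function LineInput($data, &$pos)
{
	$CR = ord("\r");
	$LF = ord("\n");

	$result = "";
	$y = strlen($data);
	if ($pos > $y) $pos = $y;
	while ($pos < $y && ord($data[$pos]) != $CR && ord($data[$pos]) != $LF)
	{
		$result .= $data[$pos];
		$pos++;
	}

	// Treat CRLF as one terminator:  Skip the CR here and the LF below.
	if ($pos + 1 < $y && ord($data[$pos]) == $CR && ord($data[$pos + 1]) == $LF) $pos++;
	if ($pos < $y) $pos++;

	return $result;
}

// Constant-time string comparison.  Ported from CubicleSoft C++ code.
//
// Returns 0 when the two strings are identical and a non-zero integer otherwise.
// The sign and size of a non-zero result carry no ordering information.
//
// The loop always covers every byte of $userinput and ORs the differences together
// without leaving early, so the running time follows the length of the supplied
// input and not the position of the first mismatch.  The index into $secret wraps
// around so that input longer than the secret is still processed in full.
//
// PHP's built-in hash_equals() provides the same protection where it is available.
public static function CTstrcmp($secret, $userinput)
{
	$sx = 0;
	$sy = strlen($secret);
	$uy = strlen($userinput);

	// A length difference alone already makes the result non-zero.
	$result = $sy - $uy;

	// An empty secret has no byte to compare against, and the wrap-around below
	// would be a modulo by zero.  The length difference is the complete answer:
	// 0 for two empty strings, non-zero for anything else.
	if ($sy === 0) return $result;

	for ($ux = 0; $ux < $uy; $ux++)
	{
		$result |= ord($userinput[$ux]) ^ ord($secret[$sx]);
		$sx = ($sx + 1) % $sy;
	}

	return $result;
}

// Converts a human-entered size such as "10", "2K", "2KB" or "1.5 GB" to a number
// of bytes, returned as a float.  Units are powers of 1024 and case-insensitive.
// An unrecognised or missing unit leaves the numeric prefix unchanged.
public static function ConvertUserStrToBytes($str)
{
	$str = trim($str);
	$num = (float)$str;

	// Drop an optional trailing "B" so that "KB" and "K" are handled alike.
	if (strtoupper(substr($str, -1)) == "B") $str = substr($str, 0, -1);

	// The missing breaks are intentional:  Each unit multiplies by 1024 once and
	// then falls through every smaller unit beneath it.
	switch (strtoupper(substr($str, -1)))
	{
		case "P": $num *= 1024;
		case "T": $num *= 1024;
		case "G": $num *= 1024;
		case "M": $num *= 1024;
		case "K": $num *= 1024;
	}

	return $num;
}

// Formats a byte count as a short human-readable string ("0 B" up to "... PB").
// Negative values are reported as "0 B".
// NOTE(review):  str_replace() runs on the number alone, before the unit suffix is
// appended, so its ".0 " pattern (which ends with a space) cannot match and whole
// values keep their ".0", e.g. "1.0 KB".  Left unchanged because the intended
// output is not clear from this file.
public static function ConvertBytesToUserStr($num)
{
	$num = (float)$num;

	if ($num < 0) return "0 B";
	if ($num < 1024) return number_format($num, 0) . " B";
	if ($num < 1048576) return str_replace(".0 ", "", number_format($num / 1024, 1)) . " KB";
	if ($num < 1073741824) return str_replace(".0 ", "", number_format($num / 1048576, 1)) . " MB";
	if ($num < 1099511627776.0) return str_replace(".0 ", "", number_format($num / 1073741824.0, 1)) . " GB";
	if ($num < 1125899906842624.0) return str_replace(".0 ", "", number_format($num / 1099511627776.0, 1)) . " TB";

	return str_replace(".0 ", "", number_format($num / 1125899906842624.0, 1)) . " PB";
}

// Escapes $data for use inside a single-quoted JavaScript string literal.
//
// Backslashes are escaped first.  Without that step a backslash already present in
// the data would pair up with the backslash added in front of a quote and leave the
// quote itself unescaped.  Single quotes, CR and LF are escaped afterwards.
//
// Only that one context is covered.  Double quotes, "</script>" sequences and HTML
// special characters are not touched, so the result is not safe in a double-quoted
// literal, an HTML attribute or directly inside a <script> block that receives
// untrusted markup.  json_encode() with the JSON_HEX_TAG, JSON_HEX_APOS,
// JSON_HEX_QUOT and JSON_HEX_AMP flags is the more general tool.
public static function JSSafe($data)
{
	return str_replace(array("\\", "'", "\r", "\n"), array("\\\\", "\\'", "\\r", "\\n"), $data);
}
}
?>
--------------------------------------------------------------------------------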