I solved some issue with Cryptographic Issues
This commit is contained in:
Paula V. Quispe
@@ -399,7 +399,7 @@ class Bootstrap
|
|||||||
// Detect by creating a temporary file
|
// Detect by creating a temporary file
|
||||||
// Try to use system's temporary directory as random name
|
// Try to use system's temporary directory as random name
|
||||||
// shouldn't exist
|
// shouldn't exist
|
||||||
$temp_file = tempnam(md5(uniqid(rand(), true)), '');
|
$temp_file = tempnam(G::encryptOld(uniqid(rand(), true)), '');
|
||||||
if ($temp_file) {
|
if ($temp_file) {
|
||||||
$temp_dir = realpath(dirname($temp_file));
|
$temp_dir = realpath(dirname($temp_file));
|
||||||
unlink($temp_file);
|
unlink($temp_file);
|
||||||
@@ -1077,7 +1077,7 @@ class Bootstrap
|
|||||||
$mtime = date('U');
|
$mtime = date('U');
|
||||||
$gmt_mtime = gmdate("D, d M Y H:i:s", $mtime) . " GMT";
|
$gmt_mtime = gmdate("D, d M Y H:i:s", $mtime) . " GMT";
|
||||||
header('Pragma: cache');
|
header('Pragma: cache');
|
||||||
header('ETag: "' . md5($mtime . $filename) . '"');
|
header('ETag: "' . G::encryptOld($mtime . $filename) . '"');
|
||||||
header("Last-Modified: " . $gmt_mtime);
|
header("Last-Modified: " . $gmt_mtime);
|
||||||
header('Cache-Control: public');
|
header('Cache-Control: public');
|
||||||
header("Expires: " . gmdate("D, d M Y H:i:s", time() + 30 * 60 * 60 * 24) . " GMT"); //1 month
|
header("Expires: " . gmdate("D, d M Y H:i:s", time() + 30 * 60 * 60 * 24) . " GMT"); //1 month
|
||||||
@@ -1090,7 +1090,7 @@ class Bootstrap
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (isset($_SERVER['HTTP_IF_NONE_MATCH'])) {
|
if (isset($_SERVER['HTTP_IF_NONE_MATCH'])) {
|
||||||
if (str_replace('"', '', stripslashes($_SERVER['HTTP_IF_NONE_MATCH'])) == md5($mtime . $filename)) {
|
if (str_replace('"', '', stripslashes($_SERVER['HTTP_IF_NONE_MATCH'])) == G::encryptOld($mtime . $filename)) {
|
||||||
header("HTTP/1.1 304 Not Modified");
|
header("HTTP/1.1 304 Not Modified");
|
||||||
exit();
|
exit();
|
||||||
}
|
}
|
||||||
@@ -1216,7 +1216,7 @@ class Bootstrap
|
|||||||
$mtime = date('U');
|
$mtime = date('U');
|
||||||
}
|
}
|
||||||
$gmt_mtime = gmdate("D, d M Y H:i:s", $mtime) . " GMT";
|
$gmt_mtime = gmdate("D, d M Y H:i:s", $mtime) . " GMT";
|
||||||
header('ETag: "' . md5($mtime . $filename) . '"');
|
header('ETag: "' . G::encryptOld($mtime . $filename) . '"');
|
||||||
header("Last-Modified: " . $gmt_mtime);
|
header("Last-Modified: " . $gmt_mtime);
|
||||||
header('Cache-Control: public');
|
header('Cache-Control: public');
|
||||||
header("Expires: " . gmdate("D, d M Y H:i:s", time() + 60 * 10) . " GMT"); // ten
|
header("Expires: " . gmdate("D, d M Y H:i:s", time() + 60 * 10) . " GMT"); // ten
|
||||||
@@ -1234,7 +1234,7 @@ class Bootstrap
|
|||||||
$mtime = date('U');
|
$mtime = date('U');
|
||||||
}
|
}
|
||||||
$gmt_mtime = gmdate("D, d M Y H:i:s", $mtime) . " GMT";
|
$gmt_mtime = gmdate("D, d M Y H:i:s", $mtime) . " GMT";
|
||||||
header('ETag: "' . md5($mtime . $filename) . '"');
|
header('ETag: "' . G::encryptOld($mtime . $filename) . '"');
|
||||||
header("Last-Modified: " . $gmt_mtime);
|
header("Last-Modified: " . $gmt_mtime);
|
||||||
header('Cache-Control: public');
|
header('Cache-Control: public');
|
||||||
header("Expires: " . gmdate("D, d M Y H:i:s", time() + 90 * 60 * 60 * 24) . " GMT");
|
header("Expires: " . gmdate("D, d M Y H:i:s", time() + 90 * 60 * 60 * 24) . " GMT");
|
||||||
@@ -1246,7 +1246,7 @@ class Bootstrap
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (isset($_SERVER ['HTTP_IF_NONE_MATCH'])) {
|
if (isset($_SERVER ['HTTP_IF_NONE_MATCH'])) {
|
||||||
if (str_replace('"', '', stripslashes($_SERVER ['HTTP_IF_NONE_MATCH'])) == md5($mtime . $filename)) {
|
if (str_replace('"', '', stripslashes($_SERVER ['HTTP_IF_NONE_MATCH'])) == G::encryptOld($mtime . $filename)) {
|
||||||
header("HTTP/1.1 304 Not Modified");
|
header("HTTP/1.1 304 Not Modified");
|
||||||
exit();
|
exit();
|
||||||
}
|
}
|
||||||
@@ -1276,7 +1276,7 @@ class Bootstrap
|
|||||||
$checkSum .= md5_file($file);
|
$checkSum .= md5_file($file);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return md5($checkSum . $key);
|
return G::encryptOld($checkSum . $key);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|||||||
@@ -713,7 +713,7 @@ class zip_file extends archive
|
|||||||
} elseif ($fp = @fopen( $current['name'], "rb" )) {
|
} elseif ($fp = @fopen( $current['name'], "rb" )) {
|
||||||
$temp = fread( $fp, $current['stat'][7] );
|
$temp = fread( $fp, $current['stat'][7] );
|
||||||
fclose( $fp );
|
fclose( $fp );
|
||||||
$crc32 = crc32( $temp );
|
$crc32 = G::encryptCrc32( $temp );
|
||||||
if (! isset( $current['method'] ) && $this->options['method'] == 1) {
|
if (! isset( $current['method'] ) && $this->options['method'] == 1) {
|
||||||
$temp = gzcompress( $temp, $this->options['level'] );
|
$temp = gzcompress( $temp, $this->options['level'] );
|
||||||
$size = strlen( $temp ) - 6;
|
$size = strlen( $temp ) - 6;
|
||||||
|
|||||||
@@ -5687,7 +5687,7 @@ class Cases
|
|||||||
{
|
{
|
||||||
//CASE INSENSITIVE pin
|
//CASE INSENSITIVE pin
|
||||||
$pin = G::toUpper($pin);
|
$pin = G::toUpper($pin);
|
||||||
$pin = md5($pin);
|
$pin = G::encryptOld($pin);
|
||||||
|
|
||||||
$oCriteria = new Criteria('workflow');
|
$oCriteria = new Criteria('workflow');
|
||||||
$oCriteria->addSelectColumn(ApplicationPeer::APP_UID);
|
$oCriteria->addSelectColumn(ApplicationPeer::APP_UID);
|
||||||
|
|||||||
@@ -216,7 +216,7 @@ class AddonsManager extends BaseAddonsManager
|
|||||||
|
|
||||||
///////
|
///////
|
||||||
$boundary = "---------------------" . substr(md5(rand(0, 32000)), 0, 10);
|
$boundary = "---------------------" . substr(md5(rand(0, 32000)), 0, 10);
|
||||||
$data = null;
|
$data = "";
|
||||||
|
|
||||||
for ($i = 0; $i <= count($var) - 1; $i++) {
|
for ($i = 0; $i <= count($var) - 1; $i++) {
|
||||||
$aux = explode("=", $var[$i]);
|
$aux = explode("=", $var[$i]);
|
||||||
|
|||||||
@@ -174,7 +174,7 @@ class caseSchedulerProxy extends HttpProxyController
|
|||||||
$aData['SCH_UID'] = G::generateUniqueID();
|
$aData['SCH_UID'] = G::generateUniqueID();
|
||||||
$aData['SCH_NAME'] = $params->fDescription; //$_POST['form']['SCH_NAME'];
|
$aData['SCH_NAME'] = $params->fDescription; //$_POST['form']['SCH_NAME'];
|
||||||
$aData['SCH_DEL_USER_NAME'] = $params->fUser; //$_POST['form']['SCH_USER_NAME'];
|
$aData['SCH_DEL_USER_NAME'] = $params->fUser; //$_POST['form']['SCH_USER_NAME'];
|
||||||
$aData['SCH_DEL_USER_PASS'] = md5( $params->fPassword );
|
$aData['SCH_DEL_USER_PASS'] = G::encryptOld( $params->fPassword );
|
||||||
$aData['SCH_DEL_USER_UID'] = $params->usr_uid; //$_POST['form']['SCH_USER_UID'];
|
$aData['SCH_DEL_USER_UID'] = $params->usr_uid; //$_POST['form']['SCH_USER_UID'];
|
||||||
$aData['PRO_UID'] = $params->pro_uid; //$_POST['form']['PRO_UID'];
|
$aData['PRO_UID'] = $params->pro_uid; //$_POST['form']['PRO_UID'];
|
||||||
$aData['TAS_UID'] = $params->tas_uid; //$_POST['form']['TAS_UID'];
|
$aData['TAS_UID'] = $params->tas_uid; //$_POST['form']['TAS_UID'];
|
||||||
|
|||||||
@@ -40,7 +40,7 @@ foreach ($_POST['aUsers'] as $sUser) {
|
|||||||
$matches = array ();
|
$matches = array ();
|
||||||
$aUser = (array) Bootstrap::json_decode( stripslashes( $sUser ) );
|
$aUser = (array) Bootstrap::json_decode( stripslashes( $sUser ) );
|
||||||
$aData['USR_USERNAME'] = str_replace( "*", "'", $aUser['sUsername'] );
|
$aData['USR_USERNAME'] = str_replace( "*", "'", $aUser['sUsername'] );
|
||||||
$aData['USR_PASSWORD'] = md5( str_replace( "*", "'", $aUser['sUsername'] ) );
|
$aData['USR_PASSWORD'] = G::encryptOld( str_replace( "*", "'", $aUser['sUsername'] ) );
|
||||||
// note added by gustavo gustavo-at-colosa.com
|
// note added by gustavo gustavo-at-colosa.com
|
||||||
// asign the FirstName and LastName variables
|
// asign the FirstName and LastName variables
|
||||||
// add replace to change D*Souza to D'Souza by krlos
|
// add replace to change D*Souza to D'Souza by krlos
|
||||||
@@ -72,7 +72,7 @@ foreach ($_POST['aUsers'] as $sUser) {
|
|||||||
}
|
}
|
||||||
$aData['USR_STATUS'] = 'ACTIVE';
|
$aData['USR_STATUS'] = 'ACTIVE';
|
||||||
$aData['USR_UID'] = $sUserUID;
|
$aData['USR_UID'] = $sUserUID;
|
||||||
$aData['USR_PASSWORD'] = md5( $sUserUID ); //fake :p
|
$aData['USR_PASSWORD'] = G::encryptOld( $sUserUID ); //fake :p
|
||||||
$aData['USR_ROLE'] = 'PROCESSMAKER_OPERATOR';
|
$aData['USR_ROLE'] = 'PROCESSMAKER_OPERATOR';
|
||||||
|
|
||||||
if (count($aAttributes)) {
|
if (count($aAttributes)) {
|
||||||
|
|||||||
@@ -75,7 +75,7 @@ function getProcessList ()
|
|||||||
if (1) {
|
if (1) {
|
||||||
foreach ($processList as $key => $processInfo) {
|
foreach ($processList as $key => $processInfo) {
|
||||||
$tempTree['text'] = $key;
|
$tempTree['text'] = $key;
|
||||||
$tempTree['id'] = md5($key);
|
$tempTree['id'] = G::encryptOld($key);
|
||||||
$tempTree['cls'] = 'folder';
|
$tempTree['cls'] = 'folder';
|
||||||
$tempTree['draggable'] = true;
|
$tempTree['draggable'] = true;
|
||||||
$tempTree['optionType'] = "category";
|
$tempTree['optionType'] = "category";
|
||||||
@@ -92,7 +92,7 @@ function getProcessList ()
|
|||||||
//print_r($processInfo);
|
//print_r($processInfo);
|
||||||
$tempTreeChild['text'] = htmlentities($keyChild, ENT_QUOTES, 'UTF-8'); //ellipsis ( $keyChild, 50 );
|
$tempTreeChild['text'] = htmlentities($keyChild, ENT_QUOTES, 'UTF-8'); //ellipsis ( $keyChild, 50 );
|
||||||
//$tempTree['text']=$key;
|
//$tempTree['text']=$key;
|
||||||
$tempTreeChild['id'] = md5($keyChild);
|
$tempTreeChild['id'] = G::encryptOld($keyChild);
|
||||||
$tempTreeChild['draggable'] = true;
|
$tempTreeChild['draggable'] = true;
|
||||||
$tempTreeChild['leaf'] = true;
|
$tempTreeChild['leaf'] = true;
|
||||||
$tempTreeChild['icon'] = '/images/icon.trigger.png';
|
$tempTreeChild['icon'] = '/images/icon.trigger.png';
|
||||||
|
|||||||
@@ -253,7 +253,7 @@ try {
|
|||||||
file_put_contents(PATH_DATA_SITE . PATH_SEP . '.server_info', $cput);
|
file_put_contents(PATH_DATA_SITE . PATH_SEP . '.server_info', $cput);
|
||||||
} else {
|
} else {
|
||||||
$c = file_get_contents(PATH_DATA_SITE . PATH_SEP . '.server_info');
|
$c = file_get_contents(PATH_DATA_SITE . PATH_SEP . '.server_info');
|
||||||
if (md5($c) != md5($cput)) {
|
if (G::encryptOld($c) != G::encryptOld($cput)) {
|
||||||
file_put_contents(PATH_DATA_SITE . PATH_SEP . '.server_info', $cput);
|
file_put_contents(PATH_DATA_SITE . PATH_SEP . '.server_info', $cput);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -286,7 +286,7 @@ try {
|
|||||||
die();
|
die();
|
||||||
}
|
}
|
||||||
|
|
||||||
$aUserProperty = $oUserProperty->loadOrCreateIfNotExists($_SESSION['USER_LOGGED'], array('USR_PASSWORD_HISTORY' => serialize(array(md5($pwd)))));
|
$aUserProperty = $oUserProperty->loadOrCreateIfNotExists($_SESSION['USER_LOGGED'], array('USR_PASSWORD_HISTORY' => serialize(array(G::encryptOld($pwd)))));
|
||||||
$aErrors = $oUserProperty->validatePassword($_POST['form']['USR_PASSWORD'], $aUserProperty['USR_LAST_UPDATE_DATE'], $aUserProperty['USR_LOGGED_NEXT_TIME'], true);
|
$aErrors = $oUserProperty->validatePassword($_POST['form']['USR_PASSWORD'], $aUserProperty['USR_LAST_UPDATE_DATE'], $aUserProperty['USR_LOGGED_NEXT_TIME'], true);
|
||||||
|
|
||||||
if (!empty($aErrors) && in_array("ID_PPP_CHANGE_PASSWORD_AFTER_NEXT_LOGIN", $aErrors)) {
|
if (!empty($aErrors) && in_array("ID_PPP_CHANGE_PASSWORD_AFTER_NEXT_LOGIN", $aErrors)) {
|
||||||
|
|||||||
Reference in New Issue
Block a user