I solved some issue with Cryptographic Issues
This commit is contained in:
Paula V. Quispe
@@ -399,7 +399,7 @@ class Bootstrap
|
||||
// Detect by creating a temporary file
|
||||
// Try to use system's temporary directory as random name
|
||||
// shouldn't exist
|
||||
$temp_file = tempnam(md5(uniqid(rand(), true)), '');
|
||||
$temp_file = tempnam(G::encryptOld(uniqid(rand(), true)), '');
|
||||
if ($temp_file) {
|
||||
$temp_dir = realpath(dirname($temp_file));
|
||||
unlink($temp_file);
|
||||
@@ -1077,7 +1077,7 @@ class Bootstrap
|
||||
$mtime = date('U');
|
||||
$gmt_mtime = gmdate("D, d M Y H:i:s", $mtime) . " GMT";
|
||||
header('Pragma: cache');
|
||||
header('ETag: "' . md5($mtime . $filename) . '"');
|
||||
header('ETag: "' . G::encryptOld($mtime . $filename) . '"');
|
||||
header("Last-Modified: " . $gmt_mtime);
|
||||
header('Cache-Control: public');
|
||||
header("Expires: " . gmdate("D, d M Y H:i:s", time() + 30 * 60 * 60 * 24) . " GMT"); //1 month
|
||||
@@ -1090,7 +1090,7 @@ class Bootstrap
|
||||
}
|
||||
|
||||
if (isset($_SERVER['HTTP_IF_NONE_MATCH'])) {
|
||||
if (str_replace('"', '', stripslashes($_SERVER['HTTP_IF_NONE_MATCH'])) == md5($mtime . $filename)) {
|
||||
if (str_replace('"', '', stripslashes($_SERVER['HTTP_IF_NONE_MATCH'])) == G::encryptOld($mtime . $filename)) {
|
||||
header("HTTP/1.1 304 Not Modified");
|
||||
exit();
|
||||
}
|
||||
@@ -1216,7 +1216,7 @@ class Bootstrap
|
||||
$mtime = date('U');
|
||||
}
|
||||
$gmt_mtime = gmdate("D, d M Y H:i:s", $mtime) . " GMT";
|
||||
header('ETag: "' . md5($mtime . $filename) . '"');
|
||||
header('ETag: "' . G::encryptOld($mtime . $filename) . '"');
|
||||
header("Last-Modified: " . $gmt_mtime);
|
||||
header('Cache-Control: public');
|
||||
header("Expires: " . gmdate("D, d M Y H:i:s", time() + 60 * 10) . " GMT"); // ten
|
||||
@@ -1234,7 +1234,7 @@ class Bootstrap
|
||||
$mtime = date('U');
|
||||
}
|
||||
$gmt_mtime = gmdate("D, d M Y H:i:s", $mtime) . " GMT";
|
||||
header('ETag: "' . md5($mtime . $filename) . '"');
|
||||
header('ETag: "' . G::encryptOld($mtime . $filename) . '"');
|
||||
header("Last-Modified: " . $gmt_mtime);
|
||||
header('Cache-Control: public');
|
||||
header("Expires: " . gmdate("D, d M Y H:i:s", time() + 90 * 60 * 60 * 24) . " GMT");
|
||||
@@ -1246,7 +1246,7 @@ class Bootstrap
|
||||
}
|
||||
|
||||
if (isset($_SERVER ['HTTP_IF_NONE_MATCH'])) {
|
||||
if (str_replace('"', '', stripslashes($_SERVER ['HTTP_IF_NONE_MATCH'])) == md5($mtime . $filename)) {
|
||||
if (str_replace('"', '', stripslashes($_SERVER ['HTTP_IF_NONE_MATCH'])) == G::encryptOld($mtime . $filename)) {
|
||||
header("HTTP/1.1 304 Not Modified");
|
||||
exit();
|
||||
}
|
||||
@@ -1276,7 +1276,7 @@ class Bootstrap
|
||||
$checkSum .= md5_file($file);
|
||||
}
|
||||
}
|
||||
return md5($checkSum . $key);
|
||||
return G::encryptOld($checkSum . $key);
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -713,7 +713,7 @@ class zip_file extends archive
|
||||
} elseif ($fp = @fopen( $current['name'], "rb" )) {
|
||||
$temp = fread( $fp, $current['stat'][7] );
|
||||
fclose( $fp );
|
||||
$crc32 = crc32( $temp );
|
||||
$crc32 = G::encryptCrc32( $temp );
|
||||
if (! isset( $current['method'] ) && $this->options['method'] == 1) {
|
||||
$temp = gzcompress( $temp, $this->options['level'] );
|
||||
$size = strlen( $temp ) - 6;
|
||||
|
||||
@@ -5687,7 +5687,7 @@ class Cases
|
||||
{
|
||||
//CASE INSENSITIVE pin
|
||||
$pin = G::toUpper($pin);
|
||||
$pin = md5($pin);
|
||||
$pin = G::encryptOld($pin);
|
||||
|
||||
$oCriteria = new Criteria('workflow');
|
||||
$oCriteria->addSelectColumn(ApplicationPeer::APP_UID);
|
||||
|
||||
@@ -216,7 +216,7 @@ class AddonsManager extends BaseAddonsManager
|
||||
|
||||
///////
|
||||
$boundary = "---------------------" . substr(md5(rand(0, 32000)), 0, 10);
|
||||
$data = null;
|
||||
$data = "";
|
||||
|
||||
for ($i = 0; $i <= count($var) - 1; $i++) {
|
||||
$aux = explode("=", $var[$i]);
|
||||
|
||||
@@ -174,7 +174,7 @@ class caseSchedulerProxy extends HttpProxyController
|
||||
$aData['SCH_UID'] = G::generateUniqueID();
|
||||
$aData['SCH_NAME'] = $params->fDescription; //$_POST['form']['SCH_NAME'];
|
||||
$aData['SCH_DEL_USER_NAME'] = $params->fUser; //$_POST['form']['SCH_USER_NAME'];
|
||||
$aData['SCH_DEL_USER_PASS'] = md5( $params->fPassword );
|
||||
$aData['SCH_DEL_USER_PASS'] = G::encryptOld( $params->fPassword );
|
||||
$aData['SCH_DEL_USER_UID'] = $params->usr_uid; //$_POST['form']['SCH_USER_UID'];
|
||||
$aData['PRO_UID'] = $params->pro_uid; //$_POST['form']['PRO_UID'];
|
||||
$aData['TAS_UID'] = $params->tas_uid; //$_POST['form']['TAS_UID'];
|
||||
|
||||
@@ -40,7 +40,7 @@ foreach ($_POST['aUsers'] as $sUser) {
|
||||
$matches = array ();
|
||||
$aUser = (array) Bootstrap::json_decode( stripslashes( $sUser ) );
|
||||
$aData['USR_USERNAME'] = str_replace( "*", "'", $aUser['sUsername'] );
|
||||
$aData['USR_PASSWORD'] = md5( str_replace( "*", "'", $aUser['sUsername'] ) );
|
||||
$aData['USR_PASSWORD'] = G::encryptOld( str_replace( "*", "'", $aUser['sUsername'] ) );
|
||||
// note added by gustavo gustavo-at-colosa.com
|
||||
// asign the FirstName and LastName variables
|
||||
// add replace to change D*Souza to D'Souza by krlos
|
||||
@@ -72,7 +72,7 @@ foreach ($_POST['aUsers'] as $sUser) {
|
||||
}
|
||||
$aData['USR_STATUS'] = 'ACTIVE';
|
||||
$aData['USR_UID'] = $sUserUID;
|
||||
$aData['USR_PASSWORD'] = md5( $sUserUID ); //fake :p
|
||||
$aData['USR_PASSWORD'] = G::encryptOld( $sUserUID ); //fake :p
|
||||
$aData['USR_ROLE'] = 'PROCESSMAKER_OPERATOR';
|
||||
|
||||
if (count($aAttributes)) {
|
||||
|
||||
@@ -75,7 +75,7 @@ function getProcessList ()
|
||||
if (1) {
|
||||
foreach ($processList as $key => $processInfo) {
|
||||
$tempTree['text'] = $key;
|
||||
$tempTree['id'] = md5($key);
|
||||
$tempTree['id'] = G::encryptOld($key);
|
||||
$tempTree['cls'] = 'folder';
|
||||
$tempTree['draggable'] = true;
|
||||
$tempTree['optionType'] = "category";
|
||||
@@ -92,7 +92,7 @@ function getProcessList ()
|
||||
//print_r($processInfo);
|
||||
$tempTreeChild['text'] = htmlentities($keyChild, ENT_QUOTES, 'UTF-8'); //ellipsis ( $keyChild, 50 );
|
||||
//$tempTree['text']=$key;
|
||||
$tempTreeChild['id'] = md5($keyChild);
|
||||
$tempTreeChild['id'] = G::encryptOld($keyChild);
|
||||
$tempTreeChild['draggable'] = true;
|
||||
$tempTreeChild['leaf'] = true;
|
||||
$tempTreeChild['icon'] = '/images/icon.trigger.png';
|
||||
|
||||
@@ -253,7 +253,7 @@ try {
|
||||
file_put_contents(PATH_DATA_SITE . PATH_SEP . '.server_info', $cput);
|
||||
} else {
|
||||
$c = file_get_contents(PATH_DATA_SITE . PATH_SEP . '.server_info');
|
||||
if (md5($c) != md5($cput)) {
|
||||
if (G::encryptOld($c) != G::encryptOld($cput)) {
|
||||
file_put_contents(PATH_DATA_SITE . PATH_SEP . '.server_info', $cput);
|
||||
}
|
||||
}
|
||||
@@ -286,7 +286,7 @@ try {
|
||||
die();
|
||||
}
|
||||
|
||||
$aUserProperty = $oUserProperty->loadOrCreateIfNotExists($_SESSION['USER_LOGGED'], array('USR_PASSWORD_HISTORY' => serialize(array(md5($pwd)))));
|
||||
$aUserProperty = $oUserProperty->loadOrCreateIfNotExists($_SESSION['USER_LOGGED'], array('USR_PASSWORD_HISTORY' => serialize(array(G::encryptOld($pwd)))));
|
||||
$aErrors = $oUserProperty->validatePassword($_POST['form']['USR_PASSWORD'], $aUserProperty['USR_LAST_UPDATE_DATE'], $aUserProperty['USR_LOGGED_NEXT_TIME'], true);
|
||||
|
||||
if (!empty($aErrors) && in_array("ID_PPP_CHANGE_PASSWORD_AFTER_NEXT_LOGIN", $aErrors)) {
|
||||
|
||||
Reference in New Issue
Block a user