Context Navigation

← Previous Changeset
Next Changeset →

Changeset 1250763

Timestamp:

09/21/2015 11:52:36 PM (10 years ago)

Author:

avdude

Message:

Fixed security bug in attendee ID transmitted in URL on confirmation page

File:

: 1 edited

event-registration/trunk/public/evr_public-process_confirmation.php (modified) (1 diff)

Legend:

: Unmodified
: Added
: Removed

event-registration/trunk/public/evr_public-process_confirmation.php

-                      r1149350
+                      r1250763
+    }
     #Now that the attendee record has been posted and we have id, redirect to confirmation page.
+    $url_to_goto = evr_permalink($company_options['evr_page_id']).'action=show_confirm_mess&event_id='.$passed_event_id.'&amp;reg_id='.$reg_id;
+    echo '<meta http-equiv="refresh" content="0;url='.$url_to_goto .'" />';
+    $urlData = new EVR_encryption();
+    $url_id = $urlData->encode($reg_id);
+     $url_to_goto = evr_permalink($company_options['evr_page_id']).'action=show_confirm_mess&event_id='.$passed_event_id.'&amp;reg_id='.$url_id;
+    //$url_to_goto = evr_permalink($company_options['evr_page_id']).'action=show_confirm_mess&event_id='.$passed_event_id.'&amp;reg_id='.$reg_id;
+       echo '<meta http-equiv="refresh" content="0;url='.$url_to_goto .'" />';
+}
+class EVR_encryption {
+    var $skey   = "asp"; // you can change it
+    public  function safe_b64encode($string) {
+        $data = base64_encode($string);
+        $data = str_replace(array('+','/','='),array('-','_',''),$data);
+        return $data;
+    }
+    public function safe_b64decode($string) {
+        $data = str_replace(array('-','_'),array('+','/'),$string);
+        $mod4 = strlen($data) % 4;
+        if ($mod4) {
+            $data .= substr('====', $mod4);
+        }
+        return base64_decode($data);
+    }
+    public  function encode($value){
+        if(!$value){return false;}
+        $text = $value;
+        $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB);
+        $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
+        $crypttext = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $this->skey, $text, MCRYPT_MODE_ECB, $iv);
+        return trim($this->safe_b64encode($crypttext));
+    }
+    public function decode($value){
+        if(!$value){return false;}
+        $crypttext = $this->safe_b64decode($value);
+        $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB);
+        $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
+        $decrypttext = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $this->skey, $crypttext, MCRYPT_MODE_ECB, $iv);
+        return trim($decrypttext);
+    }
+}
 function evr_show_confirmation()
+{
     global $wpdb, $company_options;
    // $company_options = get_option('evr_company_settings');
+    if (is_numeric($_REQUEST['event_id'])){ $event_id = (int)$_REQUEST['event_id']; }
+    if (is_numeric($_REQUEST['reg_id'])){ $reg_id = (int)$_REQUEST['reg_id'];}
+    $urlData = new EVR_encryption();
+    $url_id = $urlData->decode($_REQUEST['reg_id']);
+       if (is_numeric($_REQUEST['event_id'])){ $event_id = (int)$_REQUEST['event_id']; }
+    //if (is_numeric($_REQUEST['reg_id'])){ $reg_id = (int)$_REQUEST['reg_id'];}
+    if (is_numeric($url_id)){ $reg_id = (int)$url_id;}
+    #
     if (isset($company_options['info_recieved']) && ($company_options['info_recieved'] !='')){

Note: See TracChangeset for help on using the changeset viewer.

Trac UI Preferences

Plugin Directory

Context Navigation

Changeset 1250763

Legend:

event-registration/trunk/public/evr_public-process_confirmation.php

Download in other formats: