Changeset 3149056
- Timestamp:
- 09/10/2024 08:12:19 AM (19 months ago)
- Location:
- prosolution-wp-client/trunk
- Files:
-
- 9 edited
-
README.txt (modified) (1 diff)
-
includes/class-prosolwpclient-helper.php (modified) (2 diffs)
-
includes/class-prosolwpclient-i18n.php (modified) (1 diff)
-
includes/class-prosolwpclient-table-helper.php (modified) (1 diff)
-
includes/class-prosolwpclient-uninstall.php (modified) (1 diff)
-
includes/class-setting.php (modified) (1 diff)
-
prosolwpclient.php (modified) (7 diffs)
-
public/class-prosolwpclient-public.php (modified) (1 diff)
-
public/templates/prosolwpclientjobsearchform.php (modified) (2 diffs)
Legend:
- Unmodified
- Added
- Removed
-
prosolution-wp-client/trunk/README.txt
r3143474 r3149056 66 66 67 67 == Changelog == 68 69 = 1.9.5 = 70 * UPDATE: 71 - add new encryption method for API pass 68 72 69 73 = 1.9.4 = -
prosolution-wp-client/trunk/includes/class-prosolwpclient-helper.php
r3143474 r3149056 78 78 $api_user = array_key_exists( $issite.'api_user', $prosolwpclient_api_config ) ? sanitize_text_field( $prosolwpclient_api_config[$issite.'api_user'] ) : ''; 79 79 //$api_pass = array_key_exists( 'api_pass', $prosolwpclient_api_config ) ? sanitize_text_field( base64_decode($prosolwpclient_api_config['api_pass'] )) : ''; 80 $api_pass = array_key_exists( $issite.'api_pass', $prosolwpclient_api_config ) ? crypt_custom($prosolwpclient_api_config[$issite.'api_pass'], 'd' ) : ''; 80 if(get_option('prosolwpclient_isnewapi') == 2){ 81 $api_pass = array_key_exists( $issite.'api_pass', $prosolwpclient_api_config ) ? crypt_customv2($prosolwpclient_api_config[$issite.'api_pass'], 'd' ) : ''; 82 }else{ 83 $api_pass = array_key_exists( $issite.'api_pass', $prosolwpclient_api_config ) ? crypt_custom($prosolwpclient_api_config[$issite.'api_pass'], 'd' ) : ''; 84 } 81 85 $api_url = array_key_exists( $issite.'api_url', $prosolwpclient_api_config ) ? esc_url( $prosolwpclient_api_config[$issite.'api_url'] ) : ''; 82 86 //$pass = base64_decode($api_pass); … … 97 101 $api_user = array_key_exists( $issite.'api_user', $prosolwpclient_api_config ) ? sanitize_text_field( $prosolwpclient_api_config[$issite.'api_user'] ) : ''; 98 102 //$api_pass = array_key_exists( 'api_pass', $prosolwpclient_api_config ) ? sanitize_text_field(base64_decode($prosolwpclient_api_config['api_pass'] )) : ''; 99 $api_pass = array_key_exists( $issite.'api_pass', $prosolwpclient_api_config ) ? crypt_custom($prosolwpclient_api_config[$issite.'api_pass'], 'd' ) : ''; 103 if(get_option('prosolwpclient_isnewapi') == 2){ 104 $api_pass = array_key_exists( $issite.'api_pass', $prosolwpclient_api_config ) ? crypt_customv2($prosolwpclient_api_config[$issite.'api_pass'], 'd' ) : ''; 105 }else{ 106 $api_pass = array_key_exists( $issite.'api_pass', $prosolwpclient_api_config ) ? crypt_custom($prosolwpclient_api_config[$issite.'api_pass'], 'd' ) : ''; 107 } 100 108 $api_url = array_key_exists( $issite.'api_url', $prosolwpclient_api_config ) ? esc_url( $prosolwpclient_api_config[$issite.'api_url'] ) : ''; 101 109 -
prosolution-wp-client/trunk/includes/class-prosolwpclient-i18n.php
r1993428 r3149056 43 43 public function proSol_loadPluginTextdomain() 44 44 { 45 46 45 load_plugin_textdomain_custom( 47 46 'prosolwpclient', -
prosolution-wp-client/trunk/includes/class-prosolwpclient-table-helper.php
r3143474 r3149056 24 24 $api_user = array_key_exists( $issite.'api_user', $prosolwpclient_api_config ) ? $prosolwpclient_api_config[$issite.'api_user'] : ''; 25 25 //$api_pass = array_key_exists( 'api_pass', $prosolwpclient_api_config ) ? base64_decode($prosolwpclient_api_config['api_pass']) : ''; 26 $api_pass = array_key_exists( $issite.'api_pass', $prosolwpclient_api_config ) ? crypt_custom($prosolwpclient_api_config[$issite.'api_pass'], 'd' ) : ''; 26 if(get_option('prosolwpclient_isnewapi') == 2){ 27 $api_pass = array_key_exists( $issite.'api_pass', $prosolwpclient_api_config ) ? crypt_customv2($prosolwpclient_api_config[$issite.'api_pass'], 'd' ) : ''; 28 }else{ 29 $api_pass = array_key_exists( $issite.'api_pass', $prosolwpclient_api_config ) ? crypt_custom($prosolwpclient_api_config[$issite.'api_pass'], 'd' ) : ''; 30 } 27 31 $api_url = array_key_exists( $issite.'api_url', $prosolwpclient_api_config ) ? rtrim( esc_url( $prosolwpclient_api_config[$issite.'api_url'] ), '/' ) . '/go/api/' : ''; 28 32 -
prosolution-wp-client/trunk/includes/class-prosolwpclient-uninstall.php
r3143474 r3149056 48 48 $delete_global_config = $settings->proSol_get_option( 'delete_global_config', 'prosolwpclient_tools', 'yes' ); 49 49 50 $wpdb->query( "DELETE FROM {$wpdb->prefix}options WHERE option_name IN ('prosolwpclient_isnewapi', 'prosolwpclient_encryptionkey')" ); 51 50 52 if ( $delete_global_config == 'yes' ) 51 53 { -
prosolution-wp-client/trunk/includes/class-setting.php
r3143474 r3149056 129 129 $api_confog_arr[$issite.'api_url'] = $section_default_value[$issite.'api_url']; 130 130 $api_confog_arr[$issite.'api_user'] = $section_default_value[$issite.'api_user']; 131 $api_confog_arr[$issite.'api_pass'] = crypt_custom($section_default_value[$issite.'api_pass'],'e'); 131 if(get_option('prosolwpclient_isnewapi') == 2){ 132 $api_confog_arr[$issite.'api_pass'] = crypt_customv2($section_default_value[$issite.'api_pass'],'e'); 133 }else{ 134 $api_confog_arr[$issite.'api_pass'] = crypt_custom($section_default_value[$issite.'api_pass'],'e'); 135 } 132 136 }else{ 133 137 $api_confog_arr[$issite.'api_url'] = $section_default_value[$issite.'api_url']; -
prosolution-wp-client/trunk/prosolwpclient.php
r3143474 r3149056 17 17 * Plugin URI: https://prosolution.com/produkte-und-services/workexpert.html 18 18 * Description: WordPress client for ProSolution 19 * Version: 1.9. 419 * Version: 1.9.5 20 20 * Author: ProSolution 21 21 * Author URI: https://www.prosolution.com … … 42 42 43 43 defined('PROSOLWPCLIENT_PLUGIN_NAME') or define('PROSOLWPCLIENT_PLUGIN_NAME', 'prosolwpclient'); 44 defined('PROSOLWPCLIENT_PLUGIN_VERSION') or define('PROSOLWPCLIENT_PLUGIN_VERSION', '1.9. 4');44 defined('PROSOLWPCLIENT_PLUGIN_VERSION') or define('PROSOLWPCLIENT_PLUGIN_VERSION', '1.9.5'); 45 45 defined('PROSOLWPCLIENT_BASE_NAME') or define('PROSOLWPCLIENT_BASE_NAME', plugin_basename(__FILE__)); 46 46 defined('PROSOLWPCLIENT_ROOT_PATH') or define('PROSOLWPCLIENT_ROOT_PATH', plugin_dir_path(__FILE__)); … … 91 91 // Use php_uname() as the encryption key 92 92 $encryption_key = openssl_digest(php_uname(), 'MD5', TRUE); 93 94 93 if( $action == 'e' ) { 95 94 $output = str_replace(['+', '/', '='], ['-', '_', ''],base64_encode(openssl_encrypt($string, $ciphering, … … 102 101 return $output; 103 102 } 103 104 function crypt_customv2( $string, $action = 'e' ) { 105 $output = false; 106 $ciphering = "AES-256-CBC"; 107 $options = 0; 108 109 $file_dir = __DIR__; 110 $file_path = $file_dir . '/vector.txt'; // Path to the txt file 111 if (file_exists($file_path)) { 112 // Open the file for reading 113 $file_txt = fopen($file_path, 'r'); 114 if ($file_txt) { 115 // Read the file content 116 $file_content = fread($file_txt, filesize($file_path)); 117 fclose($file_txt); // Close the file 118 } else { 119 error_log('Failed to open vector.');die(); 120 } 121 } else { 122 error_log("Vector doesn't exists.");die(); 123 } 124 125 $encryption_iv = $file_content; 126 $encryption_key = get_option('prosolwpclient_encryptionkey'); 127 128 if( $action == 'e' ) { 129 $output = str_replace(['+', '/', '='], ['-', '_', ''],base64_encode(openssl_encrypt($string, $ciphering, 130 $encryption_key, $options, $encryption_iv))); 131 } 132 else if( $action == 'd' ){ 133 $output = openssl_decrypt( base64_decode(str_replace(['-', '_'], ['+', '/'], $string)) , $ciphering,$encryption_key, $options, $encryption_iv); 134 } 135 return $output; 136 } 137 104 138 function randomstring($len) 105 139 { … … 303 337 } 304 338 339 if (false == get_option('prosolwpclient_encryptionkey') || 0 == get_option('prosolwpclient_encryptionkey') ) { 340 update_option( 'prosolwpclient_encryptionkey', bin2hex(random_bytes(16)) ); 341 342 $vectorkey = bin2hex(random_bytes(16)); 343 $plugin_dir = __DIR__; // Current directory where the script is run 344 $readme_path = $plugin_dir . '/vector.txt'; 345 if (! file_put_contents($readme_path, $vectorkey)) { 346 error_log('Failed to generate vector.');die(); 347 } 348 } 349 305 350 //NOTE: this is to change api password with new encryption key for already existing installation 306 if ( false == get_option('prosolwpclient_isnewapi') || 0 == get_option('prosolwpclient_isnewapi') ) { 351 if( 352 false == get_option('prosolwpclient_isnewapi') || 353 get_option('prosolwpclient_isnewapi') !== false && (get_option('prosolwpclient_isnewapi') == 0 || get_option('prosolwpclient_isnewapi') == 1) 354 ){ 307 355 $old_apiconfig_arr = get_option('prosolwpclient_api_config'); 308 356 $new_apiconfig_arr=array(); … … 312 360 $issite= $x==0 ? '' : 'site'.$x.'_'; 313 361 if(array_key_exists($issite.'api_pass', $old_apiconfig_arr)){ 362 314 363 if($old_apiconfig_arr[$issite.'api_pass'] != ''){ 315 364 $new_apiconfig_arr[$issite.'api_url'] = $old_apiconfig_arr[$issite.'api_url']; 316 365 $new_apiconfig_arr[$issite.'api_user'] = $old_apiconfig_arr[$issite.'api_user']; 317 366 318 $oldapipass = crypt_custom_old($old_apiconfig_arr[$issite.'api_pass'],'d'); 367 if(false == get_option('prosolwpclient_isnewapi') || get_option('prosolwpclient_isnewapi') !== false && get_option('prosolwpclient_isnewapi') == 0 ){ 368 $oldapipass = crypt_custom_old($old_apiconfig_arr[$issite.'api_pass'],'d'); 319 369 320 $new_apiconfig_arr[$issite.'api_pass'] = crypt_custom($oldapipass, 'e'); 370 $new_apiconfig_arr[$issite.'api_pass'] = crypt_customv2($oldapipass, 'e'); 371 }elseif(get_option('prosolwpclient_isnewapi') !== false && get_option('prosolwpclient_isnewapi') == 1 ){ 372 $oldapipass = crypt_custom($old_apiconfig_arr[$issite.'api_pass'],'d'); 373 374 $new_apiconfig_arr[$issite.'api_pass'] = crypt_customv2($oldapipass, 'e'); 375 } 376 321 377 }else{ 322 378 $new_apiconfig_arr[$issite.'api_url'] = $old_apiconfig_arr[$issite.'api_url']; … … 328 384 } 329 385 } 330 update_option( 'prosolwpclient_isnewapi', 1);386 update_option( 'prosolwpclient_isnewapi', 2 ); 331 387 } 332 388 -
prosolution-wp-client/trunk/public/class-prosolwpclient-public.php
r3059488 r3149056 68 68 public function proSol_autoSync() { 69 69 //siteurl?prosolwpclientsync=na7wg36kqx42huc5 70 if (false == get_option('prosolwpclient_encryptionkey') || 0 == get_option('prosolwpclient_encryptionkey') ) { 71 update_option( 'prosolwpclient_encryptionkey', bin2hex(random_bytes(16)) ); 72 73 $vectorkey = bin2hex(random_bytes(16)); 74 $plugin_dir = __DIR__; // Current directory where the script is run 75 $readme_path = $plugin_dir . '/../vector.txt'; 76 if (! file_put_contents($readme_path, $vectorkey)) { 77 error_log('Failed to generate vector.');die(); 78 } 79 } 80 81 //NOTE: this is to change api password with new encryption key for already existing installation 82 if( 83 false == get_option('prosolwpclient_isnewapi') || 84 get_option('prosolwpclient_isnewapi') !== false && (get_option('prosolwpclient_isnewapi') == 0 || get_option('prosolwpclient_isnewapi') == 1) 85 ){ 86 $old_apiconfig_arr = get_option('prosolwpclient_api_config'); 87 $new_apiconfig_arr=array(); 88 $validsite=intval(get_option('prosolwpclient_additionalsite')['valids']); 89 if(false != get_option('prosolwpclient_additionalsite')){ 90 for($x=0;$x<=$validsite;$x++){ 91 $issite= $x==0 ? '' : 'site'.$x.'_'; 92 if(array_key_exists($issite.'api_pass', $old_apiconfig_arr)){ 93 94 if($old_apiconfig_arr[$issite.'api_pass'] != ''){ 95 $new_apiconfig_arr[$issite.'api_url'] = $old_apiconfig_arr[$issite.'api_url']; 96 $new_apiconfig_arr[$issite.'api_user'] = $old_apiconfig_arr[$issite.'api_user']; 97 98 if(false == get_option('prosolwpclient_isnewapi') || get_option('prosolwpclient_isnewapi') !== false && get_option('prosolwpclient_isnewapi') == 0 ){ 99 $oldapipass = crypt_custom_old($old_apiconfig_arr[$issite.'api_pass'],'d'); 100 101 $new_apiconfig_arr[$issite.'api_pass'] = crypt_customv2($oldapipass, 'e'); 102 }elseif(get_option('prosolwpclient_isnewapi') !== false && get_option('prosolwpclient_isnewapi') == 1 ){ 103 $oldapipass = crypt_custom($old_apiconfig_arr[$issite.'api_pass'],'d'); 104 105 $new_apiconfig_arr[$issite.'api_pass'] = crypt_customv2($oldapipass, 'e'); 106 } 107 108 }else{ 109 $new_apiconfig_arr[$issite.'api_url'] = $old_apiconfig_arr[$issite.'api_url']; 110 $new_apiconfig_arr[$issite.'api_user'] = $old_apiconfig_arr[$issite.'api_user']; 111 $new_apiconfig_arr[$issite.'api_pass'] = $old_apiconfig_arr[$issite.'api_pass']; 112 } 113 update_option( 'prosolwpclient_api_config', $new_apiconfig_arr ); 114 } 115 } 116 } 117 update_option( 'prosolwpclient_isnewapi', 2 ); 118 } 119 70 120 $prosolwpclientsync = isset( $_GET['prosolwpclientsync'] ) ? $_GET['prosolwpclientsync'] : ''; 71 121 if ( $prosolwpclientsync != '' ) { -
prosolution-wp-client/trunk/public/templates/prosolwpclientjobsearchform.php
r3143474 r3149056 545 545 } 546 546 } else if( $ressearch==0 && isset($_GET['searchlist']) ){ //back from jobdetails 547 $decrypt_searchres= crypt_custom(strval($_GET['searchlist']),'d');547 $decrypt_searchres= (get_option('prosolwpclient_isnewapi') == 2) ? crypt_customv2(strval($_GET['searchlist']),'d') : crypt_custom(strval($_GET['searchlist']),'d'); 548 548 $indexshowlist_arr=explode(",", $decrypt_searchres); 549 549 $indexshowlist=$decrypt_searchres; … … 553 553 <!-- show list --> 554 554 <?php 555 $searchres= crypt_custom(strval($indexshowlist),'e');555 $searchres= (get_option('prosolwpclient_isnewapi') == 2) ? crypt_customv2(strval($indexshowlist),'e') : crypt_custom(strval($indexshowlist),'e'); 556 556 if($indexshowlist != ""){ 557 557 // 1.7.8, add pagination
Note: See TracChangeset
for help on using the changeset viewer.