eventespresso / event-espresso-core

core/services/encryption/Base64Encoder.php

Indentation +144 added lines, -144 removed lines

@@ -15,148 +15,148 @@
 class Base64Encoder
 {
 
-    /**
-     * @var boolean
-     */
-    protected $use_base64_encode;
-
-
-    public function __construct()
-    {
-        $this->use_base64_encode = function_exists('base64_encode');
-    }
-
-
-    /**
-     * encodes string with PHP's base64 encoding
-     *
-     * @see http://php.net/manual/en/function.base64-encode.php
-     * @param string $text_string the text to be encoded
-     * @return string
-     */
-    public function encodeString($text_string = '')
-    {
-        // you give me nothing??? GET OUT !
-        if (empty($text_string) || ! $this->use_base64_encode) {
-            return $text_string;
-        }
-        // encode
-        return base64_encode($text_string);
-    }
-
-
-    /**
-     * decodes string that has been encoded with PHP's base64 encoding
-     *
-     * @see http://php.net/manual/en/function.base64-encode.php
-     * @param string $encoded_string the text to be decoded
-     * @return string
-     * @throws RuntimeException
-     */
-    public function decodeString($encoded_string = '')
-    {
-        // you give me nothing??? GET OUT !
-        if (empty($encoded_string)) {
-            return $encoded_string;
-        }
-        $this->isValidBase64OrFail($encoded_string);
-        return $this->decode($encoded_string);
-    }
-
-
-    /**
-     * @param string $encoded_string the text to be decoded
-     * @return string
-     * @throws RuntimeException
-     */
-    private function decode($encoded_string)
-    {
-        $decoded_string = base64_decode($encoded_string);
-        if ($decoded_string === false) {
-            throw new RuntimeException(
-                esc_html__('Base 64 decoding failed.', 'event_espresso')
-            );
-        }
-        return $decoded_string;
-    }
-
-
-    /**
-     * encodes  url string with PHP's base64 encoding
-     *
-     * @see http://php.net/manual/en/function.base64-encode.php
-     * @param string $text_string the text to be encoded
-     * @return string
-     */
-    public function encodeUrl($text_string = '')
-    {
-        // you give me nothing??? GET OUT !
-        if (empty($text_string) || ! $this->use_base64_encode) {
-            return $text_string;
-        }
-        // encode
-        $encoded_string = base64_encode($text_string);
-        // remove some chars to make encoding more URL friendly
-        return rtrim(strtr($encoded_string, '+/', '-_'), '=');
-    }
-
-
-    /**
-     * decodes  url string that has been encoded with PHP's base64 encoding
-     *
-     * @see http://php.net/manual/en/function.base64-encode.php
-     * @param string $encoded_string the text to be decoded
-     * @return string
-     * @throws RuntimeException
-     */
-    public function decodeUrl($encoded_string = '')
-    {
-        // you give me nothing??? GET OUT !
-        if (empty($encoded_string)) {
-            return $encoded_string;
-        }
-        // replace previously removed characters
-        $encoded_string = strtr($encoded_string, '-_', '+/');
-        $encoded_string .= str_repeat('=', 3 - (3 + strlen($encoded_string)) % 4);
-        $this->isValidBase64OrFail($encoded_string);
-        return $this->decode($encoded_string);
-    }
-
-
-    /**
-     * @param string $encoded_string the text to be decoded
-     * @throws RuntimeException
-     */
-    public function isValidBase64OrFail($encoded_string)
-    {
-        if (! $this->isValidBase64($encoded_string)) {
-            throw new RuntimeException(
-                esc_html__(
-                    'Base 64 decoding failed because the supplied string is not valid or was not base64 encoded.',
-                    'event_espresso'
-                )
-            );
-        }
-    }
-
-
-    /**
-     * @see https://stackoverflow.com/a/51877882
-     * @param $string
-     * @return bool
-     */
-    public function isValidBase64($string)
-    {
-        // ensure data is a string
-        if (! is_string($string) || ! $this->use_base64_encode) {
-            return false;
-        }
-        // first check if we're dealing with an actual valid base64 encoded string
-        $decoded = base64_decode($string, true);
-        if ($decoded === false) {
-            return false;
-        }
-        // finally, re-encode and compare it to original one
-        return base64_encode($decoded) === $string;
-    }
+	/**
+	 * @var boolean
+	 */
+	protected $use_base64_encode;
+
+
+	public function __construct()
+	{
+		$this->use_base64_encode = function_exists('base64_encode');
+	}
+
+
+	/**
+	 * encodes string with PHP's base64 encoding
+	 *
+	 * @see http://php.net/manual/en/function.base64-encode.php
+	 * @param string $text_string the text to be encoded
+	 * @return string
+	 */
+	public function encodeString($text_string = '')
+	{
+		// you give me nothing??? GET OUT !
+		if (empty($text_string) || ! $this->use_base64_encode) {
+			return $text_string;
+		}
+		// encode
+		return base64_encode($text_string);
+	}
+
+
+	/**
+	 * decodes string that has been encoded with PHP's base64 encoding
+	 *
+	 * @see http://php.net/manual/en/function.base64-encode.php
+	 * @param string $encoded_string the text to be decoded
+	 * @return string
+	 * @throws RuntimeException
+	 */
+	public function decodeString($encoded_string = '')
+	{
+		// you give me nothing??? GET OUT !
+		if (empty($encoded_string)) {
+			return $encoded_string;
+		}
+		$this->isValidBase64OrFail($encoded_string);
+		return $this->decode($encoded_string);
+	}
+
+
+	/**
+	 * @param string $encoded_string the text to be decoded
+	 * @return string
+	 * @throws RuntimeException
+	 */
+	private function decode($encoded_string)
+	{
+		$decoded_string = base64_decode($encoded_string);
+		if ($decoded_string === false) {
+			throw new RuntimeException(
+				esc_html__('Base 64 decoding failed.', 'event_espresso')
+			);
+		}
+		return $decoded_string;
+	}
+
+
+	/**
+	 * encodes  url string with PHP's base64 encoding
+	 *
+	 * @see http://php.net/manual/en/function.base64-encode.php
+	 * @param string $text_string the text to be encoded
+	 * @return string
+	 */
+	public function encodeUrl($text_string = '')
+	{
+		// you give me nothing??? GET OUT !
+		if (empty($text_string) || ! $this->use_base64_encode) {
+			return $text_string;
+		}
+		// encode
+		$encoded_string = base64_encode($text_string);
+		// remove some chars to make encoding more URL friendly
+		return rtrim(strtr($encoded_string, '+/', '-_'), '=');
+	}
+
+
+	/**
+	 * decodes  url string that has been encoded with PHP's base64 encoding
+	 *
+	 * @see http://php.net/manual/en/function.base64-encode.php
+	 * @param string $encoded_string the text to be decoded
+	 * @return string
+	 * @throws RuntimeException
+	 */
+	public function decodeUrl($encoded_string = '')
+	{
+		// you give me nothing??? GET OUT !
+		if (empty($encoded_string)) {
+			return $encoded_string;
+		}
+		// replace previously removed characters
+		$encoded_string = strtr($encoded_string, '-_', '+/');
+		$encoded_string .= str_repeat('=', 3 - (3 + strlen($encoded_string)) % 4);
+		$this->isValidBase64OrFail($encoded_string);
+		return $this->decode($encoded_string);
+	}
+
+
+	/**
+	 * @param string $encoded_string the text to be decoded
+	 * @throws RuntimeException
+	 */
+	public function isValidBase64OrFail($encoded_string)
+	{
+		if (! $this->isValidBase64($encoded_string)) {
+			throw new RuntimeException(
+				esc_html__(
+					'Base 64 decoding failed because the supplied string is not valid or was not base64 encoded.',
+					'event_espresso'
+				)
+			);
+		}
+	}
+
+
+	/**
+	 * @see https://stackoverflow.com/a/51877882
+	 * @param $string
+	 * @return bool
+	 */
+	public function isValidBase64($string)
+	{
+		// ensure data is a string
+		if (! is_string($string) || ! $this->use_base64_encode) {
+			return false;
+		}
+		// first check if we're dealing with an actual valid base64 encoded string
+		$decoded = base64_decode($string, true);
+		if ($decoded === false) {
+			return false;
+		}
+		// finally, re-encode and compare it to original one
+		return base64_encode($decoded) === $string;
+	}
 }

Spacing +2 added lines, -2 removed lines

@@ -129,7 +129,7 @@ 
      */
     public function isValidBase64OrFail($encoded_string)
     {
-        if (! $this->isValidBase64($encoded_string)) {
+        if ( ! $this->isValidBase64($encoded_string)) {
             throw new RuntimeException(
                 esc_html__(
                     'Base 64 decoding failed because the supplied string is not valid or was not base64 encoded.',
@@ -148,7 +148,7 @@ 
     public function isValidBase64($string)
     {
         // ensure data is a string
-        if (! is_string($string) || ! $this->use_base64_encode) {
+        if ( ! is_string($string) || ! $this->use_base64_encode) {
             return false;
         }
         // first check if we're dealing with an actual valid base64 encoded string

core/EE_Encryption.core.php

Spacing +13 added lines, -13 removed lines

@@ -103,7 +103,7 @@ 
      */
     protected function __construct()
     {
-        if (! defined('ESPRESSO_ENCRYPT')) {
+        if ( ! defined('ESPRESSO_ENCRYPT')) {
             define('ESPRESSO_ENCRYPT', true);
         }
         if (extension_loaded('openssl')) {
@@ -125,7 +125,7 @@ 
     public static function instance()
     {
         // check if class object is instantiated
-        if (! EE_Encryption::$_instance instanceof EE_Encryption) {
+        if ( ! EE_Encryption::$_instance instanceof EE_Encryption) {
             EE_Encryption::$_instance = new self();
         }
         return EE_Encryption::$_instance;
@@ -332,7 +332,7 @@ 
             $iv
         );
         // append the initialization vector
-        $encrypted_text .= EE_Encryption::OPENSSL_IV_DELIMITER . $iv;
+        $encrypted_text .= EE_Encryption::OPENSSL_IV_DELIMITER.$iv;
         // trim and maybe encode
         return $this->_use_base64_encode
             ? trim(base64_encode($encrypted_text))
@@ -515,7 +515,7 @@ 
         if (empty($text_string)) {
             return $text_string;
         }
-        $key_bits    = str_split(
+        $key_bits = str_split(
             str_pad(
                 '',
                 strlen($text_string),
@@ -525,8 +525,8 @@ 
         );
         $string_bits = str_split($text_string);
         foreach ($string_bits as $k => $v) {
-            $temp              = ord($v) + ord($key_bits[ $k ]);
-            $string_bits[ $k ] = chr($temp > 255 ? ($temp - 256) : $temp);
+            $temp              = ord($v) + ord($key_bits[$k]);
+            $string_bits[$k] = chr($temp > 255 ? ($temp - 256) : $temp);
         }
         $encrypted_text = implode('', $string_bits);
         $encrypted_text .= EE_Encryption::ACME_ENCRYPTION_FLAG;
@@ -568,10 +568,10 @@ 
                 STR_PAD_RIGHT
             )
         );
-        $string_bits    = str_split($encrypted_text);
+        $string_bits = str_split($encrypted_text);
         foreach ($string_bits as $k => $v) {
-            $temp              = ord($v) - ord($key_bits[ $k ]);
-            $string_bits[ $k ] = chr($temp < 0 ? ($temp + 256) : $temp);
+            $temp              = ord($v) - ord($key_bits[$k]);
+            $string_bits[$k] = chr($temp < 0 ? ($temp + 256) : $temp);
         }
         return implode('', $string_bits);
     }
@@ -585,16 +585,16 @@ 
     protected function valid_base_64($string)
     {
         // ensure data is a string
-        if (! is_string($string) || ! $this->_use_base64_encode) {
+        if ( ! is_string($string) || ! $this->_use_base64_encode) {
             return false;
         }
         $decoded = base64_decode($string, true);
         // Check if there is no invalid character in string
-        if (! preg_match('/^[a-zA-Z0-9\/\r\n+]*={0,2}$/', $string)) {
+        if ( ! preg_match('/^[a-zA-Z0-9\/\r\n+]*={0,2}$/', $string)) {
             return false;
         }
         // Decode the string in strict mode and send the response
-        if (! base64_decode($string, true)) {
+        if ( ! base64_decode($string, true)) {
             return false;
         }
         // Encode and compare it to original one
@@ -614,7 +614,7 @@ 
         $iterations    = ceil($length / 40);
         $random_string = '';
         for ($i = 0; $i < $iterations; $i++) {
-            $random_string .= sha1(microtime(true) . mt_rand(10000, 90000));
+            $random_string .= sha1(microtime(true).mt_rand(10000, 90000));
         }
         $random_string = substr($random_string, 0, $length);
         return $random_string;

Indentation +672 added lines, -672 removed lines

@@ -40,676 +40,676 @@
 class EE_Encryption implements InterminableInterface
 {
 
-    /**
-     * key used for saving the encryption key to the wp_options table
-     */
-    const ENCRYPTION_OPTION_KEY = 'ee_encryption_key';
-
-    /**
-     * the OPENSSL cipher method used
-     */
-    const OPENSSL_CIPHER_METHOD = 'AES-128-CBC';
-
-    /**
-     * WP "options_name" used to store a verified available cipher method
-     */
-    const OPENSSL_CIPHER_METHOD_OPTION_NAME = 'ee_openssl_cipher_method';
-
-    /**
-     * the OPENSSL digest method used
-     */
-    const OPENSSL_DIGEST_METHOD = 'sha512';
-
-    /**
-     * separates the encrypted text from the initialization vector
-     */
-    const OPENSSL_IV_DELIMITER = ':iv:';
-
-    /**
-     * appended to text encrypted using the acme encryption
-     */
-    const ACME_ENCRYPTION_FLAG = '::ae';
-
-
-    /**
-     * instance of the EE_Encryption object
-     */
-    protected static $_instance;
-
-    /**
-     * @var string $_encryption_key
-     */
-    protected $_encryption_key;
-
-    /**
-     * @var string $cipher_method
-     */
-    private $cipher_method = '';
-
-    /**
-     * @var array $cipher_methods
-     */
-    private $cipher_methods = [];
-
-    /**
-     * @var array $digest_methods
-     */
-    private $digest_methods = [];
-
-    /**
-     * @var boolean $_use_openssl_encrypt
-     */
-    protected $_use_openssl_encrypt = false;
-
-    /**
-     * @var boolean $_use_mcrypt
-     */
-    protected $_use_mcrypt = false;
-
-    /**
-     * @var boolean $_use_base64_encode
-     */
-    protected $_use_base64_encode = false;
-
-
-    /**
-     * protected constructor to prevent direct creation
-     */
-    protected function __construct()
-    {
-        if (! defined('ESPRESSO_ENCRYPT')) {
-            define('ESPRESSO_ENCRYPT', true);
-        }
-        if (extension_loaded('openssl')) {
-            $this->_use_openssl_encrypt = true;
-        } elseif (extension_loaded('mcrypt')) {
-            $this->_use_mcrypt = true;
-        }
-        if (function_exists('base64_encode')) {
-            $this->_use_base64_encode = true;
-        }
-    }
-
-
-    /**
-     * singleton method used to instantiate class object
-     *
-     * @return EE_Encryption
-     */
-    public static function instance()
-    {
-        // check if class object is instantiated
-        if (! EE_Encryption::$_instance instanceof EE_Encryption) {
-            EE_Encryption::$_instance = new self();
-        }
-        return EE_Encryption::$_instance;
-    }
-
-
-    /**
-     * get encryption key
-     *
-     * @return string
-     */
-    public function get_encryption_key()
-    {
-        // if encryption key has not been set
-        if (empty($this->_encryption_key)) {
-            // retrieve encryption_key from db
-            $this->_encryption_key = get_option(EE_Encryption::ENCRYPTION_OPTION_KEY, '');
-            // WHAT?? No encryption_key in the db ??
-            if ($this->_encryption_key === '') {
-                // let's make one. And md5 it to make it just the right size for a key
-                $new_key = md5($this->generate_random_string());
-                // now save it to the db for later
-                add_option(EE_Encryption::ENCRYPTION_OPTION_KEY, $new_key);
-                // here's the key - FINALLY !
-                $this->_encryption_key = $new_key;
-            }
-        }
-        return $this->_encryption_key;
-    }
-
-
-    /**
-     * encrypts data
-     *
-     * @param string $text_string - the text to be encrypted
-     * @return string
-     * @throws RuntimeException
-     */
-    public function encrypt($text_string = '')
-    {
-        // you give me nothing??? GET OUT !
-        if (empty($text_string)) {
-            return $text_string;
-        }
-        if ($this->_use_openssl_encrypt) {
-            $encrypted_text = $this->openssl_encrypt($text_string);
-        } else {
-            $encrypted_text = $this->acme_encrypt($text_string);
-        }
-        return $encrypted_text;
-    }
-
-
-    /**
-     * decrypts data
-     *
-     * @param string $encrypted_text - the text to be decrypted
-     * @return string
-     * @throws RuntimeException
-     */
-    public function decrypt($encrypted_text = '')
-    {
-        // you give me nothing??? GET OUT !
-        if (empty($encrypted_text)) {
-            return $encrypted_text;
-        }
-        // if PHP's mcrypt functions are installed then we'll use them
-        if ($this->_use_openssl_encrypt) {
-            $decrypted_text = $this->openssl_decrypt($encrypted_text);
-        } else {
-            $decrypted_text = $this->acme_decrypt($encrypted_text);
-        }
-        return $decrypted_text;
-    }
-
-
-    /**
-     * encodes string with PHP's base64 encoding
-     *
-     * @see http://php.net/manual/en/function.base64-encode.php
-     * @param string $text_string the text to be encoded
-     * @return string
-     */
-    public function base64_string_encode($text_string = '')
-    {
-        // you give me nothing??? GET OUT !
-        if (empty($text_string) || ! $this->_use_base64_encode) {
-            return $text_string;
-        }
-        // encode
-        return base64_encode($text_string);
-    }
-
-
-    /**
-     * decodes string that has been encoded with PHP's base64 encoding
-     *
-     * @see http://php.net/manual/en/function.base64-encode.php
-     * @param string $encoded_string the text to be decoded
-     * @return string
-     * @throws RuntimeException
-     */
-    public function base64_string_decode($encoded_string = '')
-    {
-        // you give me nothing??? GET OUT !
-        if (empty($encoded_string) || ! $this->valid_base_64($encoded_string)) {
-            return $encoded_string;
-        }
-        // decode
-        $decoded_string = base64_decode($encoded_string);
-        if ($decoded_string === false) {
-            throw new RuntimeException(
-                esc_html__('Base 64 decoding failed.', 'event_espresso')
-            );
-        }
-        return $decoded_string;
-    }
-
-
-    /**
-     * encodes  url string with PHP's base64 encoding
-     *
-     * @see http://php.net/manual/en/function.base64-encode.php
-     * @param string $text_string the text to be encoded
-     * @return string
-     */
-    public function base64_url_encode($text_string = '')
-    {
-        // you give me nothing??? GET OUT !
-        if (empty($text_string) || ! $this->_use_base64_encode) {
-            return $text_string;
-        }
-        // encode
-        $encoded_string = base64_encode($text_string);
-        // remove chars to make encoding more URL friendly
-        return strtr($encoded_string, '+/=', '-_,');
-    }
-
-
-    /**
-     * decodes  url string that has been encoded with PHP's base64 encoding
-     *
-     * @see http://php.net/manual/en/function.base64-encode.php
-     * @param string $encoded_string the text to be decoded
-     * @return string
-     * @throws RuntimeException
-     */
-    public function base64_url_decode($encoded_string = '')
-    {
-        // replace previously removed characters
-        $encoded_string = strtr($encoded_string, '-_,', '+/=');
-        // you give me nothing??? GET OUT !
-        if (empty($encoded_string) || ! $this->valid_base_64($encoded_string)) {
-            return $encoded_string;
-        }
-        // decode
-        $decoded_string = base64_decode($encoded_string);
-        if ($decoded_string === false) {
-            throw new RuntimeException(
-                esc_html__('Base 64 decoding failed.', 'event_espresso')
-            );
-        }
-        return $decoded_string;
-    }
-
-
-    /**
-     * encrypts data using PHP's openssl functions
-     *
-     * @param string $text_string the text to be encrypted
-     * @param string $cipher_method
-     * @param string $encryption_key
-     * @return string
-     * @throws RuntimeException
-     */
-    protected function openssl_encrypt(
-        $text_string = '',
-        $cipher_method = EE_Encryption::OPENSSL_CIPHER_METHOD,
-        $encryption_key = ''
-    ) {
-        // you give me nothing??? GET OUT !
-        if (empty($text_string)) {
-            return $text_string;
-        }
-        $this->cipher_method = $this->getCipherMethod($cipher_method);
-        // get initialization vector size
-        $iv_size = openssl_cipher_iv_length($this->cipher_method);
-        // generate initialization vector.
-        // The second parameter ("crypto_strong") is passed by reference,
-        // and is used to determines if the algorithm used was "cryptographically strong"
-        // openssl_random_pseudo_bytes() will toggle it to either true or false
-        $iv = openssl_random_pseudo_bytes($iv_size, $is_strong);
-        if ($iv === false || $is_strong === false) {
-            throw new RuntimeException(
-                esc_html__('Failed to generate OpenSSL initialization vector.', 'event_espresso')
-            );
-        }
-        // encrypt it
-        $encrypted_text = openssl_encrypt(
-            $text_string,
-            $this->cipher_method,
-            $this->getDigestHashValue(EE_Encryption::OPENSSL_DIGEST_METHOD, $encryption_key),
-            0,
-            $iv
-        );
-        // append the initialization vector
-        $encrypted_text .= EE_Encryption::OPENSSL_IV_DELIMITER . $iv;
-        // trim and maybe encode
-        return $this->_use_base64_encode
-            ? trim(base64_encode($encrypted_text))
-            : trim($encrypted_text);
-    }
-
-
-    /**
-     * Returns a cipher method that has been verified to work.
-     * First checks if the cached cipher has been set already and if so, returns that.
-     * Then tests the incoming default and returns that if it's good.
-     * If not, then it retrieves the previously tested and saved cipher method.
-     * But if that doesn't exist, then calls getAvailableCipherMethod()
-     * to see what is available on the server, and returns the results.
-     *
-     * @param string $cipher_method
-     * @return string
-     * @throws RuntimeException
-     */
-    protected function getCipherMethod($cipher_method = EE_Encryption::OPENSSL_CIPHER_METHOD)
-    {
-        if ($this->cipher_method !== '') {
-            return $this->cipher_method;
-        }
-        // verify that the default cipher method can produce an initialization vector
-        if (openssl_cipher_iv_length($cipher_method) === false) {
-            // nope? okay let's get what we found in the past to work
-            $cipher_method = get_option(EE_Encryption::OPENSSL_CIPHER_METHOD_OPTION_NAME, '');
-            // oops... haven't tested available cipher methods yet
-            if ($cipher_method === '' || openssl_cipher_iv_length($cipher_method) === false) {
-                $cipher_method = $this->getAvailableCipherMethod($cipher_method);
-            }
-        }
-        return $cipher_method;
-    }
-
-
-    /**
-     * @param string $cipher_method
-     * @return string
-     * @throws \RuntimeException
-     */
-    protected function getAvailableCipherMethod($cipher_method)
-    {
-        // verify that the incoming cipher method can produce an initialization vector
-        if (openssl_cipher_iv_length($cipher_method) === false) {
-            // nope? then check the next cipher in the list of available cipher methods
-            $cipher_method = next($this->cipher_methods);
-            // what? there's no list? then generate that list and cache it,
-            if (empty($this->cipher_methods)) {
-                $this->cipher_methods = openssl_get_cipher_methods();
-                // then grab the first item from the list
-                $cipher_method = reset($this->cipher_methods);
-            }
-            if ($cipher_method === false) {
-                throw new RuntimeException(
-                    esc_html__(
-                        'OpenSSL support appears to be enabled on the server, but no cipher methods are available. Please contact the server administrator.',
-                        'event_espresso'
-                    )
-                );
-            }
-            // verify that the next cipher method works
-            return $this->getAvailableCipherMethod($cipher_method);
-        }
-        // if we've gotten this far, then we found an available cipher method that works
-        // so save that for next time
-        update_option(
-            EE_Encryption::OPENSSL_CIPHER_METHOD_OPTION_NAME,
-            $cipher_method
-        );
-        return $cipher_method;
-    }
-
-
-    /**
-     * decrypts data that has been encrypted with PHP's openssl functions
-     *
-     * @param string $encrypted_text the text to be decrypted
-     * @param string $cipher_method
-     * @param string $encryption_key
-     * @return string
-     * @throws RuntimeException
-     */
-    protected function openssl_decrypt(
-        $encrypted_text = '',
-        $cipher_method = EE_Encryption::OPENSSL_CIPHER_METHOD,
-        $encryption_key = ''
-    ) {
-        // you give me nothing??? GET OUT !
-        if (empty($encrypted_text)) {
-            return $encrypted_text;
-        }
-        // decode
-        $encrypted_text       = $this->valid_base_64($encrypted_text)
-            ? $this->base64_url_decode($encrypted_text)
-            : $encrypted_text;
-        $encrypted_components = explode(
-            EE_Encryption::OPENSSL_IV_DELIMITER,
-            $encrypted_text,
-            2
-        );
-        // check that iv exists, and if not, maybe text was encoded using mcrypt?
-        if ($this->_use_mcrypt && ! isset($encrypted_components[1])) {
-            return $this->m_decrypt($encrypted_text);
-        }
-        // decrypt it
-        $decrypted_text = openssl_decrypt(
-            $encrypted_components[0],
-            $this->getCipherMethod($cipher_method),
-            $this->getDigestHashValue(EE_Encryption::OPENSSL_DIGEST_METHOD, $encryption_key),
-            0,
-            $encrypted_components[1]
-        );
-        $decrypted_text = trim($decrypted_text);
-        return $decrypted_text;
-    }
-
-
-    /**
-     * Computes the digest hash value using the specified digest method.
-     * If that digest method fails to produce a valid hash value,
-     * then we'll grab the next digest method and recursively try again until something works.
-     *
-     * @param string $digest_method
-     * @param string $encryption_key
-     * @return string
-     * @throws RuntimeException
-     */
-    protected function getDigestHashValue($digest_method = EE_Encryption::OPENSSL_DIGEST_METHOD, $encryption_key = '')
-    {
-        $encryption_key    = $encryption_key !== ''
-            ? $encryption_key
-            : $this->get_encryption_key();
-        $digest_hash_value = openssl_digest($encryption_key, $digest_method);
-        if ($digest_hash_value === false) {
-            return $this->getDigestHashValue($this->getDigestMethod());
-        }
-        return $digest_hash_value;
-    }
-
-
-    /**
-     * Returns the NEXT element in the $digest_methods array.
-     * If the $digest_methods array is empty, then we populate it
-     * with the available values returned from openssl_get_md_methods().
-     *
-     * @return string
-     * @throws \RuntimeException
-     */
-    protected function getDigestMethod()
-    {
-        $digest_method = prev($this->digest_methods);
-        if (empty($this->digest_methods)) {
-            $this->digest_methods = openssl_get_md_methods();
-            $digest_method        = end($this->digest_methods);
-        }
-        if ($digest_method === false) {
-            throw new RuntimeException(
-                esc_html__(
-                    'OpenSSL support appears to be enabled on the server, but no digest methods are available. Please contact the server administrator.',
-                    'event_espresso'
-                )
-            );
-        }
-        return $digest_method;
-    }
-
-
-    /**
-     * encrypts data for acme servers that didn't bother to install PHP mcrypt
-     *
-     * @see http://stackoverflow.com/questions/800922/how-to-encrypt-string-without-mcrypt-library-in-php
-     * @param string $text_string the text to be decrypted
-     * @return string
-     */
-    protected function acme_encrypt($text_string = '')
-    {
-        // you give me nothing??? GET OUT !
-        if (empty($text_string)) {
-            return $text_string;
-        }
-        $key_bits    = str_split(
-            str_pad(
-                '',
-                strlen($text_string),
-                $this->get_encryption_key(),
-                STR_PAD_RIGHT
-            )
-        );
-        $string_bits = str_split($text_string);
-        foreach ($string_bits as $k => $v) {
-            $temp              = ord($v) + ord($key_bits[ $k ]);
-            $string_bits[ $k ] = chr($temp > 255 ? ($temp - 256) : $temp);
-        }
-        $encrypted_text = implode('', $string_bits);
-        $encrypted_text .= EE_Encryption::ACME_ENCRYPTION_FLAG;
-        return $this->_use_base64_encode
-            ? base64_encode($encrypted_text)
-            : $encrypted_text;
-    }
-
-
-    /**
-     * decrypts data for acme servers that didn't bother to install PHP mcrypt
-     *
-     * @see http://stackoverflow.com/questions/800922/how-to-encrypt-string-without-mcrypt-library-in-php
-     * @param string $encrypted_text the text to be decrypted
-     * @return string
-     * @throws RuntimeException
-     */
-    protected function acme_decrypt($encrypted_text = '')
-    {
-        // you give me nothing??? GET OUT !
-        if (empty($encrypted_text)) {
-            return $encrypted_text;
-        }
-        // decode the data ?
-        $encrypted_text = $this->valid_base_64($encrypted_text)
-            ? $this->base64_url_decode($encrypted_text)
-            : $encrypted_text;
-        if (
-            $this->_use_mcrypt
-            && strpos($encrypted_text, EE_Encryption::ACME_ENCRYPTION_FLAG) === false
-        ) {
-            return $this->m_decrypt($encrypted_text);
-        }
-        $encrypted_text = substr($encrypted_text, 0, -4);
-        $key_bits       = str_split(
-            str_pad(
-                '',
-                strlen($encrypted_text),
-                $this->get_encryption_key(),
-                STR_PAD_RIGHT
-            )
-        );
-        $string_bits    = str_split($encrypted_text);
-        foreach ($string_bits as $k => $v) {
-            $temp              = ord($v) - ord($key_bits[ $k ]);
-            $string_bits[ $k ] = chr($temp < 0 ? ($temp + 256) : $temp);
-        }
-        return implode('', $string_bits);
-    }
-
-
-    /**
-     * @see http://stackoverflow.com/questions/2556345/detect-base64-encoding-in-php#30231906
-     * @param $string
-     * @return bool
-     */
-    protected function valid_base_64($string)
-    {
-        // ensure data is a string
-        if (! is_string($string) || ! $this->_use_base64_encode) {
-            return false;
-        }
-        $decoded = base64_decode($string, true);
-        // Check if there is no invalid character in string
-        if (! preg_match('/^[a-zA-Z0-9\/\r\n+]*={0,2}$/', $string)) {
-            return false;
-        }
-        // Decode the string in strict mode and send the response
-        if (! base64_decode($string, true)) {
-            return false;
-        }
-        // Encode and compare it to original one
-        return base64_encode($decoded) === $string;
-    }
-
-
-    /**
-     * generate random string
-     *
-     * @see http://stackoverflow.com/questions/637278/what-is-the-best-way-to-generate-a-random-key-within-php
-     * @param int $length number of characters for random string
-     * @return string
-     */
-    public function generate_random_string($length = 40)
-    {
-        $iterations    = ceil($length / 40);
-        $random_string = '';
-        for ($i = 0; $i < $iterations; $i++) {
-            $random_string .= sha1(microtime(true) . mt_rand(10000, 90000));
-        }
-        $random_string = substr($random_string, 0, $length);
-        return $random_string;
-    }
-
-
-    /**
-     * encrypts data using PHP's mcrypt functions
-     *
-     * @param string $text_string
-     * @return string
-     * @throws RuntimeException
-     * @deprecated 4.9.39
-     * @internal   param $string - the text to be encrypted
-     */
-    protected function m_encrypt($text_string = '')
-    {
-        // you give me nothing??? GET OUT !
-        if (empty($text_string)) {
-            return $text_string;
-        }
-        // get the initialization vector size
-        $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB);
-        // initialization vector
-        $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
-        if ($iv === false) {
-            throw new RuntimeException(
-                esc_html__('Failed to generate mcrypt initialization vector.', 'event_espresso')
-            );
-        }
-        // encrypt it
-        $encrypted_text = mcrypt_encrypt(
-            MCRYPT_RIJNDAEL_256,
-            $this->get_encryption_key(),
-            $text_string,
-            MCRYPT_MODE_ECB,
-            $iv
-        );
-        // trim and maybe encode
-        return $this->_use_base64_encode
-            ? trim(base64_encode($encrypted_text))
-            : trim($encrypted_text);
-    }
-
-
-    /**
-     * decrypts data that has been encrypted with PHP's mcrypt functions
-     *
-     * @param string $encrypted_text the text to be decrypted
-     * @return string
-     * @throws RuntimeException
-     * @deprecated 4.9.39
-     */
-    protected function m_decrypt($encrypted_text = '')
-    {
-        // you give me nothing??? GET OUT !
-        if (empty($encrypted_text)) {
-            return $encrypted_text;
-        }
-        // decode
-        $encrypted_text = $this->valid_base_64($encrypted_text)
-            ? $this->base64_url_decode($encrypted_text)
-            : $encrypted_text;
-        // get the initialization vector size
-        $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB);
-        $iv      = mcrypt_create_iv($iv_size, MCRYPT_RAND);
-        if ($iv === false) {
-            throw new RuntimeException(
-                esc_html__('Failed to generate mcrypt initialization vector.', 'event_espresso')
-            );
-        }
-        // decrypt it
-        $decrypted_text = mcrypt_decrypt(
-            MCRYPT_RIJNDAEL_256,
-            $this->get_encryption_key(),
-            $encrypted_text,
-            MCRYPT_MODE_ECB,
-            $iv
-        );
-        $decrypted_text = trim($decrypted_text);
-        return $decrypted_text;
-    }
+	/**
+	 * key used for saving the encryption key to the wp_options table
+	 */
+	const ENCRYPTION_OPTION_KEY = 'ee_encryption_key';
+
+	/**
+	 * the OPENSSL cipher method used
+	 */
+	const OPENSSL_CIPHER_METHOD = 'AES-128-CBC';
+
+	/**
+	 * WP "options_name" used to store a verified available cipher method
+	 */
+	const OPENSSL_CIPHER_METHOD_OPTION_NAME = 'ee_openssl_cipher_method';
+
+	/**
+	 * the OPENSSL digest method used
+	 */
+	const OPENSSL_DIGEST_METHOD = 'sha512';
+
+	/**
+	 * separates the encrypted text from the initialization vector
+	 */
+	const OPENSSL_IV_DELIMITER = ':iv:';
+
+	/**
+	 * appended to text encrypted using the acme encryption
+	 */
+	const ACME_ENCRYPTION_FLAG = '::ae';
+
+
+	/**
+	 * instance of the EE_Encryption object
+	 */
+	protected static $_instance;
+
+	/**
+	 * @var string $_encryption_key
+	 */
+	protected $_encryption_key;
+
+	/**
+	 * @var string $cipher_method
+	 */
+	private $cipher_method = '';
+
+	/**
+	 * @var array $cipher_methods
+	 */
+	private $cipher_methods = [];
+
+	/**
+	 * @var array $digest_methods
+	 */
+	private $digest_methods = [];
+
+	/**
+	 * @var boolean $_use_openssl_encrypt
+	 */
+	protected $_use_openssl_encrypt = false;
+
+	/**
+	 * @var boolean $_use_mcrypt
+	 */
+	protected $_use_mcrypt = false;
+
+	/**
+	 * @var boolean $_use_base64_encode
+	 */
+	protected $_use_base64_encode = false;
+
+
+	/**
+	 * protected constructor to prevent direct creation
+	 */
+	protected function __construct()
+	{
+		if (! defined('ESPRESSO_ENCRYPT')) {
+			define('ESPRESSO_ENCRYPT', true);
+		}
+		if (extension_loaded('openssl')) {
+			$this->_use_openssl_encrypt = true;
+		} elseif (extension_loaded('mcrypt')) {
+			$this->_use_mcrypt = true;
+		}
+		if (function_exists('base64_encode')) {
+			$this->_use_base64_encode = true;
+		}
+	}
+
+
+	/**
+	 * singleton method used to instantiate class object
+	 *
+	 * @return EE_Encryption
+	 */
+	public static function instance()
+	{
+		// check if class object is instantiated
+		if (! EE_Encryption::$_instance instanceof EE_Encryption) {
+			EE_Encryption::$_instance = new self();
+		}
+		return EE_Encryption::$_instance;
+	}
+
+
+	/**
+	 * get encryption key
+	 *
+	 * @return string
+	 */
+	public function get_encryption_key()
+	{
+		// if encryption key has not been set
+		if (empty($this->_encryption_key)) {
+			// retrieve encryption_key from db
+			$this->_encryption_key = get_option(EE_Encryption::ENCRYPTION_OPTION_KEY, '');
+			// WHAT?? No encryption_key in the db ??
+			if ($this->_encryption_key === '') {
+				// let's make one. And md5 it to make it just the right size for a key
+				$new_key = md5($this->generate_random_string());
+				// now save it to the db for later
+				add_option(EE_Encryption::ENCRYPTION_OPTION_KEY, $new_key);
+				// here's the key - FINALLY !
+				$this->_encryption_key = $new_key;
+			}
+		}
+		return $this->_encryption_key;
+	}
+
+
+	/**
+	 * encrypts data
+	 *
+	 * @param string $text_string - the text to be encrypted
+	 * @return string
+	 * @throws RuntimeException
+	 */
+	public function encrypt($text_string = '')
+	{
+		// you give me nothing??? GET OUT !
+		if (empty($text_string)) {
+			return $text_string;
+		}
+		if ($this->_use_openssl_encrypt) {
+			$encrypted_text = $this->openssl_encrypt($text_string);
+		} else {
+			$encrypted_text = $this->acme_encrypt($text_string);
+		}
+		return $encrypted_text;
+	}
+
+
+	/**
+	 * decrypts data
+	 *
+	 * @param string $encrypted_text - the text to be decrypted
+	 * @return string
+	 * @throws RuntimeException
+	 */
+	public function decrypt($encrypted_text = '')
+	{
+		// you give me nothing??? GET OUT !
+		if (empty($encrypted_text)) {
+			return $encrypted_text;
+		}
+		// if PHP's mcrypt functions are installed then we'll use them
+		if ($this->_use_openssl_encrypt) {
+			$decrypted_text = $this->openssl_decrypt($encrypted_text);
+		} else {
+			$decrypted_text = $this->acme_decrypt($encrypted_text);
+		}
+		return $decrypted_text;
+	}
+
+
+	/**
+	 * encodes string with PHP's base64 encoding
+	 *
+	 * @see http://php.net/manual/en/function.base64-encode.php
+	 * @param string $text_string the text to be encoded
+	 * @return string
+	 */
+	public function base64_string_encode($text_string = '')
+	{
+		// you give me nothing??? GET OUT !
+		if (empty($text_string) || ! $this->_use_base64_encode) {
+			return $text_string;
+		}
+		// encode
+		return base64_encode($text_string);
+	}
+
+
+	/**
+	 * decodes string that has been encoded with PHP's base64 encoding
+	 *
+	 * @see http://php.net/manual/en/function.base64-encode.php
+	 * @param string $encoded_string the text to be decoded
+	 * @return string
+	 * @throws RuntimeException
+	 */
+	public function base64_string_decode($encoded_string = '')
+	{
+		// you give me nothing??? GET OUT !
+		if (empty($encoded_string) || ! $this->valid_base_64($encoded_string)) {
+			return $encoded_string;
+		}
+		// decode
+		$decoded_string = base64_decode($encoded_string);
+		if ($decoded_string === false) {
+			throw new RuntimeException(
+				esc_html__('Base 64 decoding failed.', 'event_espresso')
+			);
+		}
+		return $decoded_string;
+	}
+
+
+	/**
+	 * encodes  url string with PHP's base64 encoding
+	 *
+	 * @see http://php.net/manual/en/function.base64-encode.php
+	 * @param string $text_string the text to be encoded
+	 * @return string
+	 */
+	public function base64_url_encode($text_string = '')
+	{
+		// you give me nothing??? GET OUT !
+		if (empty($text_string) || ! $this->_use_base64_encode) {
+			return $text_string;
+		}
+		// encode
+		$encoded_string = base64_encode($text_string);
+		// remove chars to make encoding more URL friendly
+		return strtr($encoded_string, '+/=', '-_,');
+	}
+
+
+	/**
+	 * decodes  url string that has been encoded with PHP's base64 encoding
+	 *
+	 * @see http://php.net/manual/en/function.base64-encode.php
+	 * @param string $encoded_string the text to be decoded
+	 * @return string
+	 * @throws RuntimeException
+	 */
+	public function base64_url_decode($encoded_string = '')
+	{
+		// replace previously removed characters
+		$encoded_string = strtr($encoded_string, '-_,', '+/=');
+		// you give me nothing??? GET OUT !
+		if (empty($encoded_string) || ! $this->valid_base_64($encoded_string)) {
+			return $encoded_string;
+		}
+		// decode
+		$decoded_string = base64_decode($encoded_string);
+		if ($decoded_string === false) {
+			throw new RuntimeException(
+				esc_html__('Base 64 decoding failed.', 'event_espresso')
+			);
+		}
+		return $decoded_string;
+	}
+
+
+	/**
+	 * encrypts data using PHP's openssl functions
+	 *
+	 * @param string $text_string the text to be encrypted
+	 * @param string $cipher_method
+	 * @param string $encryption_key
+	 * @return string
+	 * @throws RuntimeException
+	 */
+	protected function openssl_encrypt(
+		$text_string = '',
+		$cipher_method = EE_Encryption::OPENSSL_CIPHER_METHOD,
+		$encryption_key = ''
+	) {
+		// you give me nothing??? GET OUT !
+		if (empty($text_string)) {
+			return $text_string;
+		}
+		$this->cipher_method = $this->getCipherMethod($cipher_method);
+		// get initialization vector size
+		$iv_size = openssl_cipher_iv_length($this->cipher_method);
+		// generate initialization vector.
+		// The second parameter ("crypto_strong") is passed by reference,
+		// and is used to determines if the algorithm used was "cryptographically strong"
+		// openssl_random_pseudo_bytes() will toggle it to either true or false
+		$iv = openssl_random_pseudo_bytes($iv_size, $is_strong);
+		if ($iv === false || $is_strong === false) {
+			throw new RuntimeException(
+				esc_html__('Failed to generate OpenSSL initialization vector.', 'event_espresso')
+			);
+		}
+		// encrypt it
+		$encrypted_text = openssl_encrypt(
+			$text_string,
+			$this->cipher_method,
+			$this->getDigestHashValue(EE_Encryption::OPENSSL_DIGEST_METHOD, $encryption_key),
+			0,
+			$iv
+		);
+		// append the initialization vector
+		$encrypted_text .= EE_Encryption::OPENSSL_IV_DELIMITER . $iv;
+		// trim and maybe encode
+		return $this->_use_base64_encode
+			? trim(base64_encode($encrypted_text))
+			: trim($encrypted_text);
+	}
+
+
+	/**
+	 * Returns a cipher method that has been verified to work.
+	 * First checks if the cached cipher has been set already and if so, returns that.
+	 * Then tests the incoming default and returns that if it's good.
+	 * If not, then it retrieves the previously tested and saved cipher method.
+	 * But if that doesn't exist, then calls getAvailableCipherMethod()
+	 * to see what is available on the server, and returns the results.
+	 *
+	 * @param string $cipher_method
+	 * @return string
+	 * @throws RuntimeException
+	 */
+	protected function getCipherMethod($cipher_method = EE_Encryption::OPENSSL_CIPHER_METHOD)
+	{
+		if ($this->cipher_method !== '') {
+			return $this->cipher_method;
+		}
+		// verify that the default cipher method can produce an initialization vector
+		if (openssl_cipher_iv_length($cipher_method) === false) {
+			// nope? okay let's get what we found in the past to work
+			$cipher_method = get_option(EE_Encryption::OPENSSL_CIPHER_METHOD_OPTION_NAME, '');
+			// oops... haven't tested available cipher methods yet
+			if ($cipher_method === '' || openssl_cipher_iv_length($cipher_method) === false) {
+				$cipher_method = $this->getAvailableCipherMethod($cipher_method);
+			}
+		}
+		return $cipher_method;
+	}
+
+
+	/**
+	 * @param string $cipher_method
+	 * @return string
+	 * @throws \RuntimeException
+	 */
+	protected function getAvailableCipherMethod($cipher_method)
+	{
+		// verify that the incoming cipher method can produce an initialization vector
+		if (openssl_cipher_iv_length($cipher_method) === false) {
+			// nope? then check the next cipher in the list of available cipher methods
+			$cipher_method = next($this->cipher_methods);
+			// what? there's no list? then generate that list and cache it,
+			if (empty($this->cipher_methods)) {
+				$this->cipher_methods = openssl_get_cipher_methods();
+				// then grab the first item from the list
+				$cipher_method = reset($this->cipher_methods);
+			}
+			if ($cipher_method === false) {
+				throw new RuntimeException(
+					esc_html__(
+						'OpenSSL support appears to be enabled on the server, but no cipher methods are available. Please contact the server administrator.',
+						'event_espresso'
+					)
+				);
+			}
+			// verify that the next cipher method works
+			return $this->getAvailableCipherMethod($cipher_method);
+		}
+		// if we've gotten this far, then we found an available cipher method that works
+		// so save that for next time
+		update_option(
+			EE_Encryption::OPENSSL_CIPHER_METHOD_OPTION_NAME,
+			$cipher_method
+		);
+		return $cipher_method;
+	}
+
+
+	/**
+	 * decrypts data that has been encrypted with PHP's openssl functions
+	 *
+	 * @param string $encrypted_text the text to be decrypted
+	 * @param string $cipher_method
+	 * @param string $encryption_key
+	 * @return string
+	 * @throws RuntimeException
+	 */
+	protected function openssl_decrypt(
+		$encrypted_text = '',
+		$cipher_method = EE_Encryption::OPENSSL_CIPHER_METHOD,
+		$encryption_key = ''
+	) {
+		// you give me nothing??? GET OUT !
+		if (empty($encrypted_text)) {
+			return $encrypted_text;
+		}
+		// decode
+		$encrypted_text       = $this->valid_base_64($encrypted_text)
+			? $this->base64_url_decode($encrypted_text)
+			: $encrypted_text;
+		$encrypted_components = explode(
+			EE_Encryption::OPENSSL_IV_DELIMITER,
+			$encrypted_text,
+			2
+		);
+		// check that iv exists, and if not, maybe text was encoded using mcrypt?
+		if ($this->_use_mcrypt && ! isset($encrypted_components[1])) {
+			return $this->m_decrypt($encrypted_text);
+		}
+		// decrypt it
+		$decrypted_text = openssl_decrypt(
+			$encrypted_components[0],
+			$this->getCipherMethod($cipher_method),
+			$this->getDigestHashValue(EE_Encryption::OPENSSL_DIGEST_METHOD, $encryption_key),
+			0,
+			$encrypted_components[1]
+		);
+		$decrypted_text = trim($decrypted_text);
+		return $decrypted_text;
+	}
+
+
+	/**
+	 * Computes the digest hash value using the specified digest method.
+	 * If that digest method fails to produce a valid hash value,
+	 * then we'll grab the next digest method and recursively try again until something works.
+	 *
+	 * @param string $digest_method
+	 * @param string $encryption_key
+	 * @return string
+	 * @throws RuntimeException
+	 */
+	protected function getDigestHashValue($digest_method = EE_Encryption::OPENSSL_DIGEST_METHOD, $encryption_key = '')
+	{
+		$encryption_key    = $encryption_key !== ''
+			? $encryption_key
+			: $this->get_encryption_key();
+		$digest_hash_value = openssl_digest($encryption_key, $digest_method);
+		if ($digest_hash_value === false) {
+			return $this->getDigestHashValue($this->getDigestMethod());
+		}
+		return $digest_hash_value;
+	}
+
+
+	/**
+	 * Returns the NEXT element in the $digest_methods array.
+	 * If the $digest_methods array is empty, then we populate it
+	 * with the available values returned from openssl_get_md_methods().
+	 *
+	 * @return string
+	 * @throws \RuntimeException
+	 */
+	protected function getDigestMethod()
+	{
+		$digest_method = prev($this->digest_methods);
+		if (empty($this->digest_methods)) {
+			$this->digest_methods = openssl_get_md_methods();
+			$digest_method        = end($this->digest_methods);
+		}
+		if ($digest_method === false) {
+			throw new RuntimeException(
+				esc_html__(
+					'OpenSSL support appears to be enabled on the server, but no digest methods are available. Please contact the server administrator.',
+					'event_espresso'
+				)
+			);
+		}
+		return $digest_method;
+	}
+
+
+	/**
+	 * encrypts data for acme servers that didn't bother to install PHP mcrypt
+	 *
+	 * @see http://stackoverflow.com/questions/800922/how-to-encrypt-string-without-mcrypt-library-in-php
+	 * @param string $text_string the text to be decrypted
+	 * @return string
+	 */
+	protected function acme_encrypt($text_string = '')
+	{
+		// you give me nothing??? GET OUT !
+		if (empty($text_string)) {
+			return $text_string;
+		}
+		$key_bits    = str_split(
+			str_pad(
+				'',
+				strlen($text_string),
+				$this->get_encryption_key(),
+				STR_PAD_RIGHT
+			)
+		);
+		$string_bits = str_split($text_string);
+		foreach ($string_bits as $k => $v) {
+			$temp              = ord($v) + ord($key_bits[ $k ]);
+			$string_bits[ $k ] = chr($temp > 255 ? ($temp - 256) : $temp);
+		}
+		$encrypted_text = implode('', $string_bits);
+		$encrypted_text .= EE_Encryption::ACME_ENCRYPTION_FLAG;
+		return $this->_use_base64_encode
+			? base64_encode($encrypted_text)
+			: $encrypted_text;
+	}
+
+
+	/**
+	 * decrypts data for acme servers that didn't bother to install PHP mcrypt
+	 *
+	 * @see http://stackoverflow.com/questions/800922/how-to-encrypt-string-without-mcrypt-library-in-php
+	 * @param string $encrypted_text the text to be decrypted
+	 * @return string
+	 * @throws RuntimeException
+	 */
+	protected function acme_decrypt($encrypted_text = '')
+	{
+		// you give me nothing??? GET OUT !
+		if (empty($encrypted_text)) {
+			return $encrypted_text;
+		}
+		// decode the data ?
+		$encrypted_text = $this->valid_base_64($encrypted_text)
+			? $this->base64_url_decode($encrypted_text)
+			: $encrypted_text;
+		if (
+			$this->_use_mcrypt
+			&& strpos($encrypted_text, EE_Encryption::ACME_ENCRYPTION_FLAG) === false
+		) {
+			return $this->m_decrypt($encrypted_text);
+		}
+		$encrypted_text = substr($encrypted_text, 0, -4);
+		$key_bits       = str_split(
+			str_pad(
+				'',
+				strlen($encrypted_text),
+				$this->get_encryption_key(),
+				STR_PAD_RIGHT
+			)
+		);
+		$string_bits    = str_split($encrypted_text);
+		foreach ($string_bits as $k => $v) {
+			$temp              = ord($v) - ord($key_bits[ $k ]);
+			$string_bits[ $k ] = chr($temp < 0 ? ($temp + 256) : $temp);
+		}
+		return implode('', $string_bits);
+	}
+
+
+	/**
+	 * @see http://stackoverflow.com/questions/2556345/detect-base64-encoding-in-php#30231906
+	 * @param $string
+	 * @return bool
+	 */
+	protected function valid_base_64($string)
+	{
+		// ensure data is a string
+		if (! is_string($string) || ! $this->_use_base64_encode) {
+			return false;
+		}
+		$decoded = base64_decode($string, true);
+		// Check if there is no invalid character in string
+		if (! preg_match('/^[a-zA-Z0-9\/\r\n+]*={0,2}$/', $string)) {
+			return false;
+		}
+		// Decode the string in strict mode and send the response
+		if (! base64_decode($string, true)) {
+			return false;
+		}
+		// Encode and compare it to original one
+		return base64_encode($decoded) === $string;
+	}
+
+
+	/**
+	 * generate random string
+	 *
+	 * @see http://stackoverflow.com/questions/637278/what-is-the-best-way-to-generate-a-random-key-within-php
+	 * @param int $length number of characters for random string
+	 * @return string
+	 */
+	public function generate_random_string($length = 40)
+	{
+		$iterations    = ceil($length / 40);
+		$random_string = '';
+		for ($i = 0; $i < $iterations; $i++) {
+			$random_string .= sha1(microtime(true) . mt_rand(10000, 90000));
+		}
+		$random_string = substr($random_string, 0, $length);
+		return $random_string;
+	}
+
+
+	/**
+	 * encrypts data using PHP's mcrypt functions
+	 *
+	 * @param string $text_string
+	 * @return string
+	 * @throws RuntimeException
+	 * @deprecated 4.9.39
+	 * @internal   param $string - the text to be encrypted
+	 */
+	protected function m_encrypt($text_string = '')
+	{
+		// you give me nothing??? GET OUT !
+		if (empty($text_string)) {
+			return $text_string;
+		}
+		// get the initialization vector size
+		$iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB);
+		// initialization vector
+		$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
+		if ($iv === false) {
+			throw new RuntimeException(
+				esc_html__('Failed to generate mcrypt initialization vector.', 'event_espresso')
+			);
+		}
+		// encrypt it
+		$encrypted_text = mcrypt_encrypt(
+			MCRYPT_RIJNDAEL_256,
+			$this->get_encryption_key(),
+			$text_string,
+			MCRYPT_MODE_ECB,
+			$iv
+		);
+		// trim and maybe encode
+		return $this->_use_base64_encode
+			? trim(base64_encode($encrypted_text))
+			: trim($encrypted_text);
+	}
+
+
+	/**
+	 * decrypts data that has been encrypted with PHP's mcrypt functions
+	 *
+	 * @param string $encrypted_text the text to be decrypted
+	 * @return string
+	 * @throws RuntimeException
+	 * @deprecated 4.9.39
+	 */
+	protected function m_decrypt($encrypted_text = '')
+	{
+		// you give me nothing??? GET OUT !
+		if (empty($encrypted_text)) {
+			return $encrypted_text;
+		}
+		// decode
+		$encrypted_text = $this->valid_base_64($encrypted_text)
+			? $this->base64_url_decode($encrypted_text)
+			: $encrypted_text;
+		// get the initialization vector size
+		$iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB);
+		$iv      = mcrypt_create_iv($iv_size, MCRYPT_RAND);
+		if ($iv === false) {
+			throw new RuntimeException(
+				esc_html__('Failed to generate mcrypt initialization vector.', 'event_espresso')
+			);
+		}
+		// decrypt it
+		$decrypted_text = mcrypt_decrypt(
+			MCRYPT_RIJNDAEL_256,
+			$this->get_encryption_key(),
+			$encrypted_text,
+			MCRYPT_MODE_ECB,
+			$iv
+		);
+		$decrypted_text = trim($decrypted_text);
+		return $decrypted_text;
+	}
 }

core/services/encryption/EncryptionKeyManagerInterface.php

Indentation +81 added lines, -81 removed lines

@@ -12,85 +12,85 @@
  */
 interface EncryptionKeyManagerInterface
 {
-    /**
-     * add an encryption key
-     *
-     * @param string $encryption_key_identifier - name of the encryption key to use
-     * @param string $encryption_key            - cryptographically secure passphrase. will generate if necessary
-     * @param bool   $overwrite                 - prevents accidental overwriting of an existing key which would be bad
-     * @return bool
-     */
-    public function addEncryptionKey($encryption_key_identifier, $encryption_key = '', $overwrite = false);
-
-
-    /**
-     * returns true if encryption key has already been generated
-     *
-     * @param string $encryption_key_identifier - encryption key name
-     * @return bool
-     */
-    public function encryptionKeyExists($encryption_key_identifier = '');
-
-
-    /**
-     * returns cryptographically secure passphrase. will use default if necessary
-     *
-     * @param string $encryption_key_identifier - encryption key name. will use default if necessary
-     * @param bool   $generate                  - will generate a new key if the requested one does not exist
-     * @param bool   $throw_exception           - if TRUE (default), will throw an exception if key is not found
-     * @return string
-     */
-    public function getEncryptionKey($encryption_key_identifier = '', $generate = false, $throw_exception = true);
-
-
-    /**
-     * creates a new encryption key
-     *
-     * @param bool $strong if true (default) will attempt to generate a cryptographically secure key
-     * @return string
-     */
-    public function generateEncryptionKey($strong = true);
-
-
-    /**
-     * @return int
-     */
-    public function bitDepth();
-
-
-    /**
-     * @param int $bit_depth options are 64, 128, 192, or 256
-     */
-    public function setBitDepth($bit_depth);
-
-
-    /**
-     * @return int
-     */
-    public function keyLength();
-
-
-    /**
-     * @param int $key_length
-     */
-    public function setKeyLength($key_length);
-
-
-    /**
-     * deletes ALL existing encryption keys from the db
-     *
-     * @return bool true if keys successfully deleted, false otherwise.
-     */
-    public function removeAllEncryptionKeys();
-
-
-    /**
-     * deletes an existing encryption key from those saved in the db
-     *
-     * @param string $encryption_key_identifier encryption key name
-     * @return int  1: key removed successfully.
-     *              0: key did not exist.
-     *             -1: failed to remove key
-     */
-    public function removeEncryptionKey($encryption_key_identifier = '');
+	/**
+	 * add an encryption key
+	 *
+	 * @param string $encryption_key_identifier - name of the encryption key to use
+	 * @param string $encryption_key            - cryptographically secure passphrase. will generate if necessary
+	 * @param bool   $overwrite                 - prevents accidental overwriting of an existing key which would be bad
+	 * @return bool
+	 */
+	public function addEncryptionKey($encryption_key_identifier, $encryption_key = '', $overwrite = false);
+
+
+	/**
+	 * returns true if encryption key has already been generated
+	 *
+	 * @param string $encryption_key_identifier - encryption key name
+	 * @return bool
+	 */
+	public function encryptionKeyExists($encryption_key_identifier = '');
+
+
+	/**
+	 * returns cryptographically secure passphrase. will use default if necessary
+	 *
+	 * @param string $encryption_key_identifier - encryption key name. will use default if necessary
+	 * @param bool   $generate                  - will generate a new key if the requested one does not exist
+	 * @param bool   $throw_exception           - if TRUE (default), will throw an exception if key is not found
+	 * @return string
+	 */
+	public function getEncryptionKey($encryption_key_identifier = '', $generate = false, $throw_exception = true);
+
+
+	/**
+	 * creates a new encryption key
+	 *
+	 * @param bool $strong if true (default) will attempt to generate a cryptographically secure key
+	 * @return string
+	 */
+	public function generateEncryptionKey($strong = true);
+
+
+	/**
+	 * @return int
+	 */
+	public function bitDepth();
+
+
+	/**
+	 * @param int $bit_depth options are 64, 128, 192, or 256
+	 */
+	public function setBitDepth($bit_depth);
+
+
+	/**
+	 * @return int
+	 */
+	public function keyLength();
+
+
+	/**
+	 * @param int $key_length
+	 */
+	public function setKeyLength($key_length);
+
+
+	/**
+	 * deletes ALL existing encryption keys from the db
+	 *
+	 * @return bool true if keys successfully deleted, false otherwise.
+	 */
+	public function removeAllEncryptionKeys();
+
+
+	/**
+	 * deletes an existing encryption key from those saved in the db
+	 *
+	 * @param string $encryption_key_identifier encryption key name
+	 * @return int  1: key removed successfully.
+	 *              0: key did not exist.
+	 *             -1: failed to remove key
+	 */
+	public function removeEncryptionKey($encryption_key_identifier = '');
 }

core/services/encryption/EncryptionKeyManager.php

Indentation +297 added lines, -297 removed lines

@@ -16,301 +16,301 @@
  */
 class EncryptionKeyManager implements EncryptionKeyManagerInterface
 {
-    /**
-     * @var Base64Encoder
-     */
-    protected $base64_encoder;
-
-    /**
-     * name used for a default encryption key in case no others are set
-     *
-     * @var string
-     */
-    private $default_encryption_key_id;
-
-    /**
-     * name used for saving encryption keys to the wp_options table
-     *
-     * @var string
-     */
-    private $encryption_keys_option_name;
-
-    /**
-     * @var array
-     */
-    private $encryption_keys = null;
-
-    /**
-     * number of bits used when generating cryptographically secure keys
-     *
-     * @var int
-     */
-    private $bit_depth = 128;
-
-    /**
-     * @var int[]
-     */
-    private $bit_depth_options = [64, 128, 192, 256];
-
-    /**
-     * number of characters used when generating cryptographically weak keys
-     *
-     * @var int
-     */
-    private $key_length = 40;
-
-
-    /**
-     * @param Base64Encoder $base64_encoder
-     * @param string        $default_encryption_key_id
-     * @param string        $encryption_keys_option_name
-     */
-    public function __construct(Base64Encoder $base64_encoder, $default_encryption_key_id, $encryption_keys_option_name)
-    {
-        $this->base64_encoder              = $base64_encoder;
-        $this->default_encryption_key_id   = $default_encryption_key_id;
-        $this->encryption_keys_option_name = $encryption_keys_option_name;
-    }
-
-
-    /**
-     * add an encryption key
-     *
-     * @param string $encryption_key_identifier - name of the encryption key to use
-     * @param string $encryption_key            - cryptographically secure passphrase. will generate if necessary
-     * @param bool   $overwrite                 - prevents accidental overwriting of an existing key which would be bad
-     * @return bool
-     * @throws Exception
-     */
-    public function addEncryptionKey($encryption_key_identifier, $encryption_key = '', $overwrite = false)
-    {
-        $encryption_key_identifier = $encryption_key_identifier ?: $this->default_encryption_key_id;
-        if ($this->encryptionKeyExists($encryption_key_identifier) && ! $overwrite) {
-            // WOAH!!! that key already exists and we don't want to overwrite it
-            throw new RuntimeException(
-                sprintf(
-                    esc_html__(
-                        'The "%1$s" encryption key already exists and can not be overwritten because previously encrypted values would no longer be capable of being decrypted.',
-                        'event_espresso'
-                    ),
-                    $encryption_key_identifier
-                )
-            );
-        }
-        $this->encryption_keys[ $encryption_key_identifier ] = $encryption_key ?: $this->generateEncryptionKey();
-        return $this->saveEncryptionKeys();
-    }
-
-
-    /**
-     * returns true if encryption key has already been generated
-     *
-     * @param string $encryption_key_identifier - encryption key name
-     * @return bool
-     * @throws Exception
-     * @throws OutOfBoundsException
-     */
-    public function encryptionKeyExists($encryption_key_identifier = '')
-    {
-        // ensure keys are loaded
-        $this->retrieveEncryptionKeys();
-        return isset($this->encryption_keys[ $encryption_key_identifier ]);
-    }
-
-
-    /**
-     * returns cryptographically secure passphrase. will use default if necessary
-     *
-     * @param string $encryption_key_identifier - encryption key name. will use default if necessary
-     * @param bool   $generate                  - will generate a new key if the requested one does not exist
-     * @param bool   $throw_exception           - if TRUE (default), will throw an exception if key is not found
-     * @return string
-     * @throws Exception
-     */
-    public function getEncryptionKey($encryption_key_identifier = '', $generate = true, $throw_exception = true)
-    {
-        $encryption_key_identifier = $encryption_key_identifier ?: $this->default_encryption_key_id;
-        // if encryption key has not been set
-        if (! $this->encryptionKeyExists($encryption_key_identifier)) {
-            if ($generate) {
-                $this->addEncryptionKey($encryption_key_identifier);
-            } else {
-                if (! $throw_exception) {
-                    return '';
-                }
-                throw new OutOfBoundsException(
-                    sprintf(
-                        esc_html__('The "%1$s" encryption key was not found or is invalid.', 'event_espresso'),
-                        $encryption_key_identifier
-                    )
-                );
-            }
-        }
-        return $this->encryption_keys[ $encryption_key_identifier ];
-    }
-
-
-    /**
-     * creates a new encryption key
-     *
-     * @param bool $strong if true (default) will attempt to generate a cryptographically secure key
-     * @return string
-     * @throws Exception
-     */
-    public function generateEncryptionKey($strong = true)
-    {
-        return $strong && PHP_VERSION_ID >= 70100
-            ? $this->generateStrongEncryptionKey()
-            : $this->generateWeakEncryptionKey();
-    }
-
-
-    /**
-     * creates a new cryptographically secure encryption key
-     *
-     * @return string
-     * @throws Exception
-     */
-    protected function generateStrongEncryptionKey()
-    {
-        // bit_depth needs to be divided by 8 to convert to bytes
-        return $this->base64_encoder->encodeString(random_bytes($this->bit_depth / 8));
-    }
-
-
-    /**
-     * creates a new encryption key that should not be trusted to be cryptographically secure
-     *
-     * @return string
-     * @throws Exception
-     */
-    protected function generateWeakEncryptionKey()
-    {
-        // @see http://stackoverflow.com/questions/637278/what-is-the-best-way-to-generate-a-random-key-within-php
-        $iterations    = ceil($this->key_length / 40);
-        $random_string = '';
-        for ($i = 0; $i < $iterations; $i++) {
-            $random_string .= sha1(microtime(true) . mt_rand(10000, 90000));
-        }
-        $random_string = (string) substr($random_string, 0, $this->key_length);
-        return $this->base64_encoder->encodeString($random_string);
-    }
-
-
-    /**
-     * @return int
-     */
-    public function bitDepth()
-    {
-        return $this->bit_depth;
-    }
-
-
-    /**
-     * @param int $bit_depth options are 64, 128, 192, or 256
-     */
-    public function setBitDepth($bit_depth)
-    {
-        $bit_depth       = absint($bit_depth);
-        $this->bit_depth = in_array($bit_depth, $this->bit_depth_options, true) ? $bit_depth : 128;
-    }
-
-
-    /**
-     * @return int
-     */
-    public function keyLength()
-    {
-        return $this->key_length;
-    }
-
-
-    /**
-     * @param int $key_length
-     */
-    public function setKeyLength($key_length)
-    {
-        // let's not let the key length go below 8 or above 128
-        $this->key_length = min(max(absint($key_length), 8), 128);
-    }
-
-
-    /**
-     * deletes ALL existing encryption keys from the db
-     *
-     * @return bool true if keys successfully deleted, false otherwise.
-     */
-    public function removeAllEncryptionKeys()
-    {
-        return delete_option($this->encryption_keys_option_name);
-    }
-
-
-    /**
-     * deletes an existing encryption key from those saved in the db
-     *
-     * @param string $encryption_key_identifier encryption key name
-     * @return int  1: key removed successfully.
-     *              0: key did not exist.
-     *             -1: failed to remove key
-     * @throws Exception
-     */
-    public function removeEncryptionKey($encryption_key_identifier = '')
-    {
-        // if encryption key has not been set
-        if (! $this->encryptionKeyExists($encryption_key_identifier)) {
-            return 0;
-        }
-        unset($this->encryption_keys[ $encryption_key_identifier ]);
-        return $this->saveEncryptionKeys() ? 1 : -1;
-    }
-
-
-    /**
-     * retrieves encryption keys from db
-     *
-     * @return array
-     * @throws Exception
-     * @throws RuntimeException
-     */
-    protected function retrieveEncryptionKeys()
-    {
-        // if encryption key has not been set
-        if (empty($this->encryption_keys)) {
-            // retrieve encryption_key from db
-            $this->encryption_keys = get_option($this->encryption_keys_option_name, null);
-            // WHAT?? No encryption keys in the db ??
-            if ($this->encryption_keys === null) {
-                $this->encryption_keys = [];
-                // let's create the default key and save it
-                $new_key                                                   = $this->generateEncryptionKey();
-                $this->encryption_keys[ $this->default_encryption_key_id ] = $new_key;
-                if (! $this->saveEncryptionKeys(true)) {
-                    throw new RuntimeException(
-                        sprintf(
-                            esc_html__(
-                                'Failed to save the "%1$s" encryption keys array to the database.',
-                                'event_espresso'
-                            ),
-                            $this->encryption_keys_option_name
-                        )
-                    );
-                }
-            }
-        }
-        return $this->encryption_keys;
-    }
-
-
-    /**
-     * saves encryption keys from db
-     *
-     * @return bool
-     */
-    protected function saveEncryptionKeys($initialize = false)
-    {
-        return $initialize
-            ? add_option($this->encryption_keys_option_name, $this->encryption_keys, '', false)
-            : update_option($this->encryption_keys_option_name, $this->encryption_keys, false);
-    }
+	/**
+	 * @var Base64Encoder
+	 */
+	protected $base64_encoder;
+
+	/**
+	 * name used for a default encryption key in case no others are set
+	 *
+	 * @var string
+	 */
+	private $default_encryption_key_id;
+
+	/**
+	 * name used for saving encryption keys to the wp_options table
+	 *
+	 * @var string
+	 */
+	private $encryption_keys_option_name;
+
+	/**
+	 * @var array
+	 */
+	private $encryption_keys = null;
+
+	/**
+	 * number of bits used when generating cryptographically secure keys
+	 *
+	 * @var int
+	 */
+	private $bit_depth = 128;
+
+	/**
+	 * @var int[]
+	 */
+	private $bit_depth_options = [64, 128, 192, 256];
+
+	/**
+	 * number of characters used when generating cryptographically weak keys
+	 *
+	 * @var int
+	 */
+	private $key_length = 40;
+
+
+	/**
+	 * @param Base64Encoder $base64_encoder
+	 * @param string        $default_encryption_key_id
+	 * @param string        $encryption_keys_option_name
+	 */
+	public function __construct(Base64Encoder $base64_encoder, $default_encryption_key_id, $encryption_keys_option_name)
+	{
+		$this->base64_encoder              = $base64_encoder;
+		$this->default_encryption_key_id   = $default_encryption_key_id;
+		$this->encryption_keys_option_name = $encryption_keys_option_name;
+	}
+
+
+	/**
+	 * add an encryption key
+	 *
+	 * @param string $encryption_key_identifier - name of the encryption key to use
+	 * @param string $encryption_key            - cryptographically secure passphrase. will generate if necessary
+	 * @param bool   $overwrite                 - prevents accidental overwriting of an existing key which would be bad
+	 * @return bool
+	 * @throws Exception
+	 */
+	public function addEncryptionKey($encryption_key_identifier, $encryption_key = '', $overwrite = false)
+	{
+		$encryption_key_identifier = $encryption_key_identifier ?: $this->default_encryption_key_id;
+		if ($this->encryptionKeyExists($encryption_key_identifier) && ! $overwrite) {
+			// WOAH!!! that key already exists and we don't want to overwrite it
+			throw new RuntimeException(
+				sprintf(
+					esc_html__(
+						'The "%1$s" encryption key already exists and can not be overwritten because previously encrypted values would no longer be capable of being decrypted.',
+						'event_espresso'
+					),
+					$encryption_key_identifier
+				)
+			);
+		}
+		$this->encryption_keys[ $encryption_key_identifier ] = $encryption_key ?: $this->generateEncryptionKey();
+		return $this->saveEncryptionKeys();
+	}
+
+
+	/**
+	 * returns true if encryption key has already been generated
+	 *
+	 * @param string $encryption_key_identifier - encryption key name
+	 * @return bool
+	 * @throws Exception
+	 * @throws OutOfBoundsException
+	 */
+	public function encryptionKeyExists($encryption_key_identifier = '')
+	{
+		// ensure keys are loaded
+		$this->retrieveEncryptionKeys();
+		return isset($this->encryption_keys[ $encryption_key_identifier ]);
+	}
+
+
+	/**
+	 * returns cryptographically secure passphrase. will use default if necessary
+	 *
+	 * @param string $encryption_key_identifier - encryption key name. will use default if necessary
+	 * @param bool   $generate                  - will generate a new key if the requested one does not exist
+	 * @param bool   $throw_exception           - if TRUE (default), will throw an exception if key is not found
+	 * @return string
+	 * @throws Exception
+	 */
+	public function getEncryptionKey($encryption_key_identifier = '', $generate = true, $throw_exception = true)
+	{
+		$encryption_key_identifier = $encryption_key_identifier ?: $this->default_encryption_key_id;
+		// if encryption key has not been set
+		if (! $this->encryptionKeyExists($encryption_key_identifier)) {
+			if ($generate) {
+				$this->addEncryptionKey($encryption_key_identifier);
+			} else {
+				if (! $throw_exception) {
+					return '';
+				}
+				throw new OutOfBoundsException(
+					sprintf(
+						esc_html__('The "%1$s" encryption key was not found or is invalid.', 'event_espresso'),
+						$encryption_key_identifier
+					)
+				);
+			}
+		}
+		return $this->encryption_keys[ $encryption_key_identifier ];
+	}
+
+
+	/**
+	 * creates a new encryption key
+	 *
+	 * @param bool $strong if true (default) will attempt to generate a cryptographically secure key
+	 * @return string
+	 * @throws Exception
+	 */
+	public function generateEncryptionKey($strong = true)
+	{
+		return $strong && PHP_VERSION_ID >= 70100
+			? $this->generateStrongEncryptionKey()
+			: $this->generateWeakEncryptionKey();
+	}
+
+
+	/**
+	 * creates a new cryptographically secure encryption key
+	 *
+	 * @return string
+	 * @throws Exception
+	 */
+	protected function generateStrongEncryptionKey()
+	{
+		// bit_depth needs to be divided by 8 to convert to bytes
+		return $this->base64_encoder->encodeString(random_bytes($this->bit_depth / 8));
+	}
+
+
+	/**
+	 * creates a new encryption key that should not be trusted to be cryptographically secure
+	 *
+	 * @return string
+	 * @throws Exception
+	 */
+	protected function generateWeakEncryptionKey()
+	{
+		// @see http://stackoverflow.com/questions/637278/what-is-the-best-way-to-generate-a-random-key-within-php
+		$iterations    = ceil($this->key_length / 40);
+		$random_string = '';
+		for ($i = 0; $i < $iterations; $i++) {
+			$random_string .= sha1(microtime(true) . mt_rand(10000, 90000));
+		}
+		$random_string = (string) substr($random_string, 0, $this->key_length);
+		return $this->base64_encoder->encodeString($random_string);
+	}
+
+
+	/**
+	 * @return int
+	 */
+	public function bitDepth()
+	{
+		return $this->bit_depth;
+	}
+
+
+	/**
+	 * @param int $bit_depth options are 64, 128, 192, or 256
+	 */
+	public function setBitDepth($bit_depth)
+	{
+		$bit_depth       = absint($bit_depth);
+		$this->bit_depth = in_array($bit_depth, $this->bit_depth_options, true) ? $bit_depth : 128;
+	}
+
+
+	/**
+	 * @return int
+	 */
+	public function keyLength()
+	{
+		return $this->key_length;
+	}
+
+
+	/**
+	 * @param int $key_length
+	 */
+	public function setKeyLength($key_length)
+	{
+		// let's not let the key length go below 8 or above 128
+		$this->key_length = min(max(absint($key_length), 8), 128);
+	}
+
+
+	/**
+	 * deletes ALL existing encryption keys from the db
+	 *
+	 * @return bool true if keys successfully deleted, false otherwise.
+	 */
+	public function removeAllEncryptionKeys()
+	{
+		return delete_option($this->encryption_keys_option_name);
+	}
+
+
+	/**
+	 * deletes an existing encryption key from those saved in the db
+	 *
+	 * @param string $encryption_key_identifier encryption key name
+	 * @return int  1: key removed successfully.
+	 *              0: key did not exist.
+	 *             -1: failed to remove key
+	 * @throws Exception
+	 */
+	public function removeEncryptionKey($encryption_key_identifier = '')
+	{
+		// if encryption key has not been set
+		if (! $this->encryptionKeyExists($encryption_key_identifier)) {
+			return 0;
+		}
+		unset($this->encryption_keys[ $encryption_key_identifier ]);
+		return $this->saveEncryptionKeys() ? 1 : -1;
+	}
+
+
+	/**
+	 * retrieves encryption keys from db
+	 *
+	 * @return array
+	 * @throws Exception
+	 * @throws RuntimeException
+	 */
+	protected function retrieveEncryptionKeys()
+	{
+		// if encryption key has not been set
+		if (empty($this->encryption_keys)) {
+			// retrieve encryption_key from db
+			$this->encryption_keys = get_option($this->encryption_keys_option_name, null);
+			// WHAT?? No encryption keys in the db ??
+			if ($this->encryption_keys === null) {
+				$this->encryption_keys = [];
+				// let's create the default key and save it
+				$new_key                                                   = $this->generateEncryptionKey();
+				$this->encryption_keys[ $this->default_encryption_key_id ] = $new_key;
+				if (! $this->saveEncryptionKeys(true)) {
+					throw new RuntimeException(
+						sprintf(
+							esc_html__(
+								'Failed to save the "%1$s" encryption keys array to the database.',
+								'event_espresso'
+							),
+							$this->encryption_keys_option_name
+						)
+					);
+				}
+			}
+		}
+		return $this->encryption_keys;
+	}
+
+
+	/**
+	 * saves encryption keys from db
+	 *
+	 * @return bool
+	 */
+	protected function saveEncryptionKeys($initialize = false)
+	{
+		return $initialize
+			? add_option($this->encryption_keys_option_name, $this->encryption_keys, '', false)
+			: update_option($this->encryption_keys_option_name, $this->encryption_keys, false);
+	}
 }

Spacing +10 added lines, -10 removed lines

@@ -97,7 +97,7 @@ 
                 )
             );
         }
-        $this->encryption_keys[ $encryption_key_identifier ] = $encryption_key ?: $this->generateEncryptionKey();
+        $this->encryption_keys[$encryption_key_identifier] = $encryption_key ?: $this->generateEncryptionKey();
         return $this->saveEncryptionKeys();
     }
 
@@ -114,7 +114,7 @@ 
     {
         // ensure keys are loaded
         $this->retrieveEncryptionKeys();
-        return isset($this->encryption_keys[ $encryption_key_identifier ]);
+        return isset($this->encryption_keys[$encryption_key_identifier]);
     }
 
 
@@ -131,11 +131,11 @@ 
     {
         $encryption_key_identifier = $encryption_key_identifier ?: $this->default_encryption_key_id;
         // if encryption key has not been set
-        if (! $this->encryptionKeyExists($encryption_key_identifier)) {
+        if ( ! $this->encryptionKeyExists($encryption_key_identifier)) {
             if ($generate) {
                 $this->addEncryptionKey($encryption_key_identifier);
             } else {
-                if (! $throw_exception) {
+                if ( ! $throw_exception) {
                     return '';
                 }
                 throw new OutOfBoundsException(
@@ -146,7 +146,7 @@ 
                 );
             }
         }
-        return $this->encryption_keys[ $encryption_key_identifier ];
+        return $this->encryption_keys[$encryption_key_identifier];
     }
 
 
@@ -190,7 +190,7 @@ 
         $iterations    = ceil($this->key_length / 40);
         $random_string = '';
         for ($i = 0; $i < $iterations; $i++) {
-            $random_string .= sha1(microtime(true) . mt_rand(10000, 90000));
+            $random_string .= sha1(microtime(true).mt_rand(10000, 90000));
         }
         $random_string = (string) substr($random_string, 0, $this->key_length);
         return $this->base64_encoder->encodeString($random_string);
@@ -258,10 +258,10 @@ 
     public function removeEncryptionKey($encryption_key_identifier = '')
     {
         // if encryption key has not been set
-        if (! $this->encryptionKeyExists($encryption_key_identifier)) {
+        if ( ! $this->encryptionKeyExists($encryption_key_identifier)) {
             return 0;
         }
-        unset($this->encryption_keys[ $encryption_key_identifier ]);
+        unset($this->encryption_keys[$encryption_key_identifier]);
         return $this->saveEncryptionKeys() ? 1 : -1;
     }
 
@@ -284,8 +284,8 @@ 
                 $this->encryption_keys = [];
                 // let's create the default key and save it
                 $new_key                                                   = $this->generateEncryptionKey();
-                $this->encryption_keys[ $this->default_encryption_key_id ] = $new_key;
-                if (! $this->saveEncryptionKeys(true)) {
+                $this->encryption_keys[$this->default_encryption_key_id] = $new_key;
+                if ( ! $this->saveEncryptionKeys(true)) {
                     throw new RuntimeException(
                         sprintf(
                             esc_html__(

public/Espresso_Arabica_2014/content-espresso_venues-details.php

Spacing +13 added lines, -13 removed lines

@@ -1,43 +1,43 @@
 <?php //echo '<h1>' . __FILE__ . '</h1>'; ?>
 <?php global $post; ?>
 <div class="venue-content">
-<?php if ( apply_filters( 'FHEE__content_espresso_venues_details_template__display_entry_meta', TRUE )): ?>
+<?php if (apply_filters('FHEE__content_espresso_venues_details_template__display_entry_meta', TRUE)): ?>
 	<div class="entry-meta">
-		<span class="tags-links"><?php espresso_venue_categories( $post->ID, TRUE, TRUE ); ?></span>
+		<span class="tags-links"><?php espresso_venue_categories($post->ID, TRUE, TRUE); ?></span>
 		<?php
-			if ( ! post_password_required() && ( comments_open() || get_comments_number() ) ) :
+			if ( ! post_password_required() && (comments_open() || get_comments_number())) :
 		?>
-		<span class="comments-link"><?php comments_popup_link( esc_html__( 'Leave a comment', 'event_espresso' ), esc_html__( '1 Comment', 'event_espresso' ), esc_html__( '% Comments', 'event_espresso' ) ); ?></span>
+		<span class="comments-link"><?php comments_popup_link(esc_html__('Leave a comment', 'event_espresso'), esc_html__('1 Comment', 'event_espresso'), esc_html__('% Comments', 'event_espresso')); ?></span>
 		<?php
 			endif;
 
-			edit_post_link( esc_html__( 'Edit', 'event_espresso' ), '<span class="edit-link">', '</span>' );
+			edit_post_link(esc_html__('Edit', 'event_espresso'), '<span class="edit-link">', '</span>');
 		?>
 	</div>
 <?php  endif; ?>
 	
 	<h3 class="event-venues-h3 ee-event-h3">
-		<?php esc_html_e( 'Details', 'event_espresso' ); ?>
+		<?php esc_html_e('Details', 'event_espresso'); ?>
 	</h3>
 
-	<?php if ( $venue_phone = espresso_venue_phone( $post->ID, FALSE )) : ?>
+	<?php if ($venue_phone = espresso_venue_phone($post->ID, FALSE)) : ?>
 	<p>
-		<span class="small-text"><strong><?php esc_html_e( 'Venue Phone:', 'event_espresso' ); ?> </strong></span><?php echo $venue_phone; ?>
+		<span class="small-text"><strong><?php esc_html_e('Venue Phone:', 'event_espresso'); ?> </strong></span><?php echo $venue_phone; ?>
 	</p>
 	<?php endif; ?>
-	<?php if ( $venue_website = espresso_venue_website( $post->ID, FALSE )) : ?>
+	<?php if ($venue_website = espresso_venue_website($post->ID, FALSE)) : ?>
 	<p>
-		<span class="small-text"><strong><?php esc_html_e( 'Venue Website:', 'event_espresso' ); ?> </strong></span><?php echo $venue_website; ?>
+		<span class="small-text"><strong><?php esc_html_e('Venue Website:', 'event_espresso'); ?> </strong></span><?php echo $venue_website; ?>
 	</p>
 	<?php endif; ?>
 	<?php 
-	do_action( 'AHEE__content_espresso_venues_details_template__before_the_content', $post ); 
-	if ( is_archive() && has_excerpt( $post->ID )) {
+	do_action('AHEE__content_espresso_venues_details_template__before_the_content', $post); 
+	if (is_archive() && has_excerpt($post->ID)) {
 		the_excerpt();
 	} else {
 		the_content();
 	}
-	do_action( 'AHEE__content_espresso_venues_details_template__after_the_content', $post ); 
+	do_action('AHEE__content_espresso_venues_details_template__after_the_content', $post); 
 	?>
 </div>
 <!-- .venue-content -->

public/Espresso_Arabica_2014/content-espresso_venues-thumbnail.php

Spacing +6 added lines, -6 removed lines

@@ -3,12 +3,12 @@ 
 
 global $post;
 
-do_action( 'AHEE__content_espresso_venues_template__before_featured_img', $post );
+do_action('AHEE__content_espresso_venues_template__before_featured_img', $post);
 
-if ( has_post_thumbnail( $post->ID )) :
-	if ( $img_ID = get_post_thumbnail_id( $post->ID )) :
-		if ( $featured_img = wp_get_attachment_image_src( $img_ID, 'large' )) :
-			$caption = get_post( get_post( $img_ID ))->post_excerpt;
+if (has_post_thumbnail($post->ID)) :
+	if ($img_ID = get_post_thumbnail_id($post->ID)) :
+		if ($featured_img = wp_get_attachment_image_src($img_ID, 'large')) :
+			$caption = get_post(get_post($img_ID))->post_excerpt;
 			$wrap_class .= ' has-img';
 			?>
 <div id="ee-venue-img-dv-<?php echo esc_attr($post->ID); ?>" class="ee-venue-img-dv">
@@ -26,5 +26,5 @@ 
 	endif;
 endif;
 ?>		
-<?php do_action( 'AHEE__content_espresso_venues_template__after_featured_img', $post );?>
+<?php do_action('AHEE__content_espresso_venues_template__after_featured_img', $post); ?>
 <!-- .venue-content -->

public/Espresso_Arabica_2014/content-espresso_events-details.php

Indentation +11 added lines, -11 removed lines

@@ -13,20 +13,20 @@
 	    <?php if ( ! post_password_required() && ( comments_open() || get_comments_number() ) ) : ?>
 	    <span class="comments-link">
         <?php comments_popup_link(
-            esc_html__( 'Leave a comment', 'event_espresso' ),
-            esc_html__( '1 Comment', 'event_espresso' ),
-            esc_html__( '% Comments', 'event_espresso' )
-        ); ?>
+			esc_html__( 'Leave a comment', 'event_espresso' ),
+			esc_html__( '1 Comment', 'event_espresso' ),
+			esc_html__( '% Comments', 'event_espresso' )
+		); ?>
         </span>
 
         <?php
-            endif;
-            edit_post_link(
-                esc_html__( 'Edit', 'event_espresso' ),
-                '<span class="edit-link">',
-                '</span>'
-            );
-        ?>
+			endif;
+			edit_post_link(
+				esc_html__( 'Edit', 'event_espresso' ),
+				'<span class="edit-link">',
+				'</span>'
+			);
+		?>
 	</div>
 
 <?php endif;

Spacing +15 added lines, -15 removed lines

@@ -2,27 +2,27 @@ 
 global $post;
 ?>
 <div class="event-content">
-<?php if ( apply_filters( 'FHEE__content_espresso_events_details_template__display_entry_meta', TRUE )): ?>
+<?php if (apply_filters('FHEE__content_espresso_events_details_template__display_entry_meta', TRUE)): ?>
 
 	<div class="entry-meta">
 
 		<span class="tags-links">
-            <?php espresso_event_categories( $post->ID, TRUE, TRUE ); ?>
+            <?php espresso_event_categories($post->ID, TRUE, TRUE); ?>
         </span>
 
-	    <?php if ( ! post_password_required() && ( comments_open() || get_comments_number() ) ) : ?>
+	    <?php if ( ! post_password_required() && (comments_open() || get_comments_number())) : ?>
 	    <span class="comments-link">
         <?php comments_popup_link(
-            esc_html__( 'Leave a comment', 'event_espresso' ),
-            esc_html__( '1 Comment', 'event_espresso' ),
-            esc_html__( '% Comments', 'event_espresso' )
+            esc_html__('Leave a comment', 'event_espresso'),
+            esc_html__('1 Comment', 'event_espresso'),
+            esc_html__('% Comments', 'event_espresso')
         ); ?>
         </span>
 
         <?php
             endif;
             edit_post_link(
-                esc_html__( 'Edit', 'event_espresso' ),
+                esc_html__('Edit', 'event_espresso'),
                 '<span class="edit-link">',
                 '</span>'
             );
@@ -30,25 +30,25 @@ 
 	</div>
 
 <?php endif;
-	$event_phone = espresso_event_phone( $post->ID, FALSE );
+	$event_phone = espresso_event_phone($post->ID, FALSE);
 
-	if ( $event_phone != '' ) : ?>
+	if ($event_phone != '') : ?>
 	<p class="event-phone">
 		<span class="small-text">
-            <strong><?php esc_html_e( 'Event Phone:', 'event_espresso' ); ?> </strong>
+            <strong><?php esc_html_e('Event Phone:', 'event_espresso'); ?> </strong>
         </span>
         <?php echo $event_phone; // already escaped ?>
 	</p>
-<?php endif;  ?>
+<?php endif; ?>
 
 <?php
-	if ( apply_filters( 'FHEE__content_espresso_events_details_template__display_the_content', true ) ) {
-		do_action( 'AHEE_event_details_before_the_content', $post );
+	if (apply_filters('FHEE__content_espresso_events_details_template__display_the_content', true)) {
+		do_action('AHEE_event_details_before_the_content', $post);
 		echo apply_filters(
 			'FHEE__content_espresso_events_details_template__the_content',
-			espresso_event_content_or_excerpt( 55, null, false ) 
+			espresso_event_content_or_excerpt(55, null, false) 
 		);
-		do_action( 'AHEE_event_details_after_the_content', $post );
+		do_action('AHEE_event_details_after_the_content', $post);
 	}
  ?>
 </div>

public/Espresso_Arabica_2014/content-espresso_venues-location.php

Spacing +4 added lines, -4 removed lines

@@ -1,16 +1,16 @@
 <?php //echo '<h1>' . __FILE__ . '</h1>'; 
 global $post; 
-if ( espresso_venue_has_address( $post->ID )) :
+if (espresso_venue_has_address($post->ID)) :
 ?>
 <div class="venue-location">
 	
 	<h3 class="venue-address-h3 ee-venue-h3">
-		<span class="dashicons dashicons-location-alt"></span><?php esc_html_e( 'Location', 'event_espresso' ); ?>
+		<span class="dashicons dashicons-location-alt"></span><?php esc_html_e('Location', 'event_espresso'); ?>
 	</h3>
-	<span class="small-text"><strong><?php esc_html_e( 'Address:', 'event_espresso' ); ?></strong></span><?php espresso_venue_address( 'inline', $post->ID ); ?>
+	<span class="small-text"><strong><?php esc_html_e('Address:', 'event_espresso'); ?></strong></span><?php espresso_venue_address('inline', $post->ID); ?>
 	<div class="clear"></div>
 
-	<div class="venue-gmap"><?php espresso_venue_gmap( $post->ID ); ?></div>
+	<div class="venue-gmap"><?php espresso_venue_gmap($post->ID); ?></div>
 	<div class="clear"></div>
 	
 </div>

public/Espresso_Arabica_2014/content-espresso_events-shortcode.php

Spacing +16 added lines, -16 removed lines

@@ -21,21 +21,21 @@ 
  * and/or use any of the template tags functions found in:
  * \wp-content\plugins\event-espresso-core\public\template_tags.php
  ************************** IMPORTANT **************************/
-add_filter( 'FHEE__content_espresso_events__template_loaded', '__return_false' );
+add_filter('FHEE__content_espresso_events__template_loaded', '__return_false');
 
 
 global $post;
-$event_class = has_excerpt( $post->ID ) ? ' has-excerpt' : '';
-$event_class = apply_filters( 'FHEE__content_espresso_events__event_class', $event_class );
+$event_class = has_excerpt($post->ID) ? ' has-excerpt' : '';
+$event_class = apply_filters('FHEE__content_espresso_events__event_class', $event_class);
 ?>
-<?php do_action( 'AHEE_event_details_before_post', $post ); ?>
-<article id="post-<?php the_ID(); ?>" <?php post_class( $event_class ); ?>>
+<?php do_action('AHEE_event_details_before_post', $post); ?>
+<article id="post-<?php the_ID(); ?>" <?php post_class($event_class); ?>>
 
-<?php if ( is_single() ) : ?>
+<?php if (is_single()) : ?>
 
-	<div id="espresso-event-header-dv-<?php echo esc_attr($post->ID);?>" class="espresso-event-header-dv">
-		<?php espresso_get_template_part( 'content', 'espresso_events-thumbnail' ); ?>
-		<?php espresso_get_template_part( 'content', 'espresso_events-header' ); ?>
+	<div id="espresso-event-header-dv-<?php echo esc_attr($post->ID); ?>" class="espresso-event-header-dv">
+		<?php espresso_get_template_part('content', 'espresso_events-thumbnail'); ?>
+		<?php espresso_get_template_part('content', 'espresso_events-header'); ?>
 	</div>
 
 	<div class="espresso-event-wrapper-dv">
@@ -45,16 +45,16 @@ 
 		<?php //espresso_get_template_part( 'content', 'espresso_events-details' ); ?>
 		<?php //espresso_get_template_part( 'content', 'espresso_events-venues' ); ?>
 		<footer class="event-meta">
-			<?php do_action( 'AHEE_event_details_footer_top', $post ); ?>
-			<?php do_action( 'AHEE_event_details_footer_bottom', $post ); ?>
+			<?php do_action('AHEE_event_details_footer_top', $post); ?>
+			<?php do_action('AHEE_event_details_footer_bottom', $post); ?>
 		</footer>
 	</div>
 
-<?php elseif ( is_archive() ) : ?>
+<?php elseif (is_archive()) : ?>
 
-	<div id="espresso-event-list-header-dv-<?php echo $post->ID;?>" class="espresso-event-header-dv">
-		<?php espresso_get_template_part( 'content', 'espresso_events-thumbnail' ); ?>
-		<?php espresso_get_template_part( 'content', 'espresso_events-header' ); ?>
+	<div id="espresso-event-list-header-dv-<?php echo $post->ID; ?>" class="espresso-event-header-dv">
+		<?php espresso_get_template_part('content', 'espresso_events-thumbnail'); ?>
+		<?php espresso_get_template_part('content', 'espresso_events-header'); ?>
 	</div>
 
 	<div class="espresso-event-list-wrapper-dv">
@@ -69,5 +69,5 @@ 
 
 </article>
 <!-- #post -->
-<?php do_action( 'AHEE_event_details_after_post', $post );
+<?php do_action('AHEE_event_details_after_post', $post);