o2system /
security
@@ -131,7 +131,7 @@ discard block |
||
| 131 | 131 | 'openssl' => extension_loaded('openssl'), |
| 132 | 132 | ]; |
| 133 | 133 | |
| 134 | - if ( ! $this->drivers[ 'mcrypt' ] && ! $this->drivers[ 'openssl' ]) { |
|
| 134 | + if ( ! $this->drivers['mcrypt'] && ! $this->drivers['openssl']) { |
|
| 135 | 135 | //Encryption: Unable to find an available encryption driver. |
| 136 | 136 | throw new BadPhpExtensionCallException('E_SECURITY_CRYPT_UNABLE_TO_FIND_DRIVER'); |
| 137 | 137 | } |
@@ -163,14 +163,14 @@ discard block |
||
| 163 | 163 | */ |
| 164 | 164 | public function initialize(array $params) |
| 165 | 165 | { |
| 166 | - if ( ! empty($params[ 'driver' ])) { |
|
| 167 | - if (isset($this->drivers[ $params[ 'driver' ] ])) { |
|
| 168 | - if ($this->drivers[ $params[ 'driver' ] ]) { |
|
| 169 | - $this->driver = $params[ 'driver' ]; |
|
| 166 | + if ( ! empty($params['driver'])) { |
|
| 167 | + if (isset($this->drivers[$params['driver']])) { |
|
| 168 | + if ($this->drivers[$params['driver']]) { |
|
| 169 | + $this->driver = $params['driver']; |
|
| 170 | 170 | } else { |
| 171 | 171 | //"Encryption: Driver '" . $params[ 'driver' ] . "' is not available." |
| 172 | 172 | throw new BadPhpExtensionCallException( |
| 173 | - 'E_SECURITY_CRYPT_DRIVER_NOT_AVAILABLE', $params[ 'driver' ] |
|
| 173 | + 'E_SECURITY_CRYPT_DRIVER_NOT_AVAILABLE', $params['driver'] |
|
| 174 | 174 | ); |
| 175 | 175 | } |
| 176 | 176 | } else { |
@@ -178,19 +178,19 @@ discard block |
||
| 178 | 178 | throw new BadPhpExtensionCallException( |
| 179 | 179 | 'E_SECURITY_CRYPT_DRIVER_NOT_CONFIGURED', |
| 180 | 180 | 0, |
| 181 | - [$params[ 'driver' ]] |
|
| 181 | + [$params['driver']] |
|
| 182 | 182 | ); |
| 183 | 183 | } |
| 184 | 184 | } |
| 185 | 185 | |
| 186 | 186 | if (empty($this->driver)) { |
| 187 | - $this->driver = ($this->drivers[ 'openssl' ] === true) |
|
| 187 | + $this->driver = ($this->drivers['openssl'] === true) |
|
| 188 | 188 | ? 'openssl' |
| 189 | 189 | : 'mcrypt'; |
| 190 | 190 | } |
| 191 | 191 | |
| 192 | - empty($params[ 'cipher' ]) && $params[ 'cipher' ] = $this->cipher; |
|
| 193 | - empty($params[ 'key' ]) OR $this->key = $params[ 'key' ]; |
|
| 192 | + empty($params['cipher']) && $params['cipher'] = $this->cipher; |
|
| 193 | + empty($params['key']) OR $this->key = $params['key']; |
|
| 194 | 194 | $this->{$this->driver . 'Initialize'}($params); |
| 195 | 195 | |
| 196 | 196 | return $this; |
@@ -237,20 +237,20 @@ discard block |
||
| 237 | 237 | return false; |
| 238 | 238 | } |
| 239 | 239 | |
| 240 | - isset($params[ 'key' ]) OR |
|
| 241 | - $params[ 'key' ] = $this->hkdf($this->key, 'sha512', null, self::strlen($this->key), 'encryption'); |
|
| 240 | + isset($params['key']) OR |
|
| 241 | + $params['key'] = $this->hkdf($this->key, 'sha512', null, self::strlen($this->key), 'encryption'); |
|
| 242 | 242 | |
| 243 | 243 | if (($data = $this->{$this->driver . 'Encrypt'}($data, $params)) === false) { |
| 244 | 244 | return false; |
| 245 | 245 | } |
| 246 | 246 | |
| 247 | - $params[ 'base64' ] && $data = base64_encode($data); |
|
| 247 | + $params['base64'] && $data = base64_encode($data); |
|
| 248 | 248 | |
| 249 | - if (isset($params[ 'hmac_digest' ])) { |
|
| 250 | - isset($params[ 'hmac_key' ]) OR |
|
| 251 | - $params[ 'hmac_key' ] = $this->hkdf($this->key, 'sha512', null, null, 'authentication'); |
|
| 249 | + if (isset($params['hmac_digest'])) { |
|
| 250 | + isset($params['hmac_key']) OR |
|
| 251 | + $params['hmac_key'] = $this->hkdf($this->key, 'sha512', null, null, 'authentication'); |
|
| 252 | 252 | |
| 253 | - return hash_hmac($params[ 'hmac_digest' ], $data, $params[ 'hmac_key' ], ! $params[ 'base64' ]) . $data; |
|
| 253 | + return hash_hmac($params['hmac_digest'], $data, $params['hmac_key'], ! $params['base64']) . $data; |
|
| 254 | 254 | } |
| 255 | 255 | |
| 256 | 256 | return $data; |
@@ -277,49 +277,49 @@ discard block |
||
| 277 | 277 | 'hmac_key' => null, |
| 278 | 278 | ] |
| 279 | 279 | : false; |
| 280 | - } elseif ( ! isset($params[ 'cipher' ], $params[ 'mode' ], $params[ 'key' ])) { |
|
| 280 | + } elseif ( ! isset($params['cipher'], $params['mode'], $params['key'])) { |
|
| 281 | 281 | return false; |
| 282 | 282 | } |
| 283 | 283 | |
| 284 | - if (isset($params[ 'mode' ])) { |
|
| 285 | - $params[ 'mode' ] = strtolower($params[ 'mode' ]); |
|
| 286 | - if ( ! isset($this->modes[ $this->driver ][ $params[ 'mode' ] ])) { |
|
| 284 | + if (isset($params['mode'])) { |
|
| 285 | + $params['mode'] = strtolower($params['mode']); |
|
| 286 | + if ( ! isset($this->modes[$this->driver][$params['mode']])) { |
|
| 287 | 287 | return false; |
| 288 | 288 | } else { |
| 289 | - $params[ 'mode' ] = $this->modes[ $this->driver ][ $params[ 'mode' ] ]; |
|
| 289 | + $params['mode'] = $this->modes[$this->driver][$params['mode']]; |
|
| 290 | 290 | } |
| 291 | 291 | } |
| 292 | 292 | |
| 293 | - if (isset($params[ 'hmac' ]) && $params[ 'hmac' ] === false) { |
|
| 294 | - $params[ 'hmac_digest' ] = $params[ 'hmac_key' ] = null; |
|
| 293 | + if (isset($params['hmac']) && $params['hmac'] === false) { |
|
| 294 | + $params['hmac_digest'] = $params['hmac_key'] = null; |
|
| 295 | 295 | } else { |
| 296 | - if ( ! isset($params[ 'hmac_key' ])) { |
|
| 296 | + if ( ! isset($params['hmac_key'])) { |
|
| 297 | 297 | return false; |
| 298 | - } elseif (isset($params[ 'hmac_digest' ])) { |
|
| 299 | - $params[ 'hmac_digest' ] = strtolower($params[ 'hmac_digest' ]); |
|
| 300 | - if ( ! isset($this->digests[ $params[ 'hmac_digest' ] ])) { |
|
| 298 | + } elseif (isset($params['hmac_digest'])) { |
|
| 299 | + $params['hmac_digest'] = strtolower($params['hmac_digest']); |
|
| 300 | + if ( ! isset($this->digests[$params['hmac_digest']])) { |
|
| 301 | 301 | return false; |
| 302 | 302 | } |
| 303 | 303 | } else { |
| 304 | - $params[ 'hmac_digest' ] = 'sha512'; |
|
| 304 | + $params['hmac_digest'] = 'sha512'; |
|
| 305 | 305 | } |
| 306 | 306 | } |
| 307 | 307 | |
| 308 | 308 | $params = [ |
| 309 | 309 | 'handle' => null, |
| 310 | - 'cipher' => $params[ 'cipher' ], |
|
| 311 | - 'mode' => $params[ 'mode' ], |
|
| 312 | - 'key' => $params[ 'key' ], |
|
| 313 | - 'base64' => isset($params[ 'raw_data' ]) |
|
| 314 | - ? ! $params[ 'raw_data' ] |
|
| 310 | + 'cipher' => $params['cipher'], |
|
| 311 | + 'mode' => $params['mode'], |
|
| 312 | + 'key' => $params['key'], |
|
| 313 | + 'base64' => isset($params['raw_data']) |
|
| 314 | + ? ! $params['raw_data'] |
|
| 315 | 315 | : false, |
| 316 | - 'hmac_digest' => $params[ 'hmac_digest' ], |
|
| 317 | - 'hmac_key' => $params[ 'hmac_key' ], |
|
| 316 | + 'hmac_digest' => $params['hmac_digest'], |
|
| 317 | + 'hmac_key' => $params['hmac_key'], |
|
| 318 | 318 | ]; |
| 319 | 319 | |
| 320 | - $this->cipherAlias($params[ 'cipher' ]); |
|
| 321 | - $params[ 'handle' ] = ($params[ 'cipher' ] !== $this->cipher OR $params[ 'mode' ] !== $this->mode) |
|
| 322 | - ? $this->{$this->driver . 'GetHandle'}($params[ 'cipher' ], $params[ 'mode' ]) |
|
| 320 | + $this->cipherAlias($params['cipher']); |
|
| 321 | + $params['handle'] = ($params['cipher'] !== $this->cipher OR $params['mode'] !== $this->mode) |
|
| 322 | + ? $this->{$this->driver . 'GetHandle'}($params['cipher'], $params['mode']) |
|
| 323 | 323 | : $this->handle; |
| 324 | 324 | |
| 325 | 325 | return $params; |
@@ -394,8 +394,8 @@ discard block |
||
| 394 | 394 | // confirms that it is MCrypt's fault. |
| 395 | 395 | } |
| 396 | 396 | |
| 397 | - if (isset($dictionary[ $this->driver ][ $cipher ])) { |
|
| 398 | - $cipher = $dictionary[ $this->driver ][ $cipher ]; |
|
| 397 | + if (isset($dictionary[$this->driver][$cipher])) { |
|
| 398 | + $cipher = $dictionary[$this->driver][$cipher]; |
|
| 399 | 399 | } |
| 400 | 400 | } |
| 401 | 401 | |
@@ -416,17 +416,17 @@ discard block |
||
| 416 | 416 | */ |
| 417 | 417 | public function hkdf($key, $digest = 'sha512', $salt = null, $length = null, $info = '') |
| 418 | 418 | { |
| 419 | - if ( ! isset($this->digests[ $digest ])) { |
|
| 419 | + if ( ! isset($this->digests[$digest])) { |
|
| 420 | 420 | return false; |
| 421 | 421 | } |
| 422 | 422 | |
| 423 | 423 | if (empty($length) OR ! is_int($length)) { |
| 424 | - $length = $this->digests[ $digest ]; |
|
| 425 | - } elseif ($length > (255 * $this->digests[ $digest ])) { |
|
| 424 | + $length = $this->digests[$digest]; |
|
| 425 | + } elseif ($length > (255 * $this->digests[$digest])) { |
|
| 426 | 426 | return false; |
| 427 | 427 | } |
| 428 | 428 | |
| 429 | - self::strlen($salt) OR $salt = str_repeat("\0", $this->digests[ $digest ]); |
|
| 429 | + self::strlen($salt) OR $salt = str_repeat("\0", $this->digests[$digest]); |
|
| 430 | 430 | |
| 431 | 431 | $prk = hash_hmac($digest, $key, $salt, true); |
| 432 | 432 | $key = ''; |
@@ -482,12 +482,12 @@ discard block |
||
| 482 | 482 | return false; |
| 483 | 483 | } |
| 484 | 484 | |
| 485 | - if (isset($params[ 'hmac_digest' ])) { |
|
| 485 | + if (isset($params['hmac_digest'])) { |
|
| 486 | 486 | // This might look illogical, but it is done during encryption as well ... |
| 487 | 487 | // The 'base64' value is effectively an inverted "raw data" parameter |
| 488 | - $digest_size = ($params[ 'base64' ]) |
|
| 489 | - ? $this->digests[ $params[ 'hmac_digest' ] ] * 2 |
|
| 490 | - : $this->digests[ $params[ 'hmac_digest' ] ]; |
|
| 488 | + $digest_size = ($params['base64']) |
|
| 489 | + ? $this->digests[$params['hmac_digest']] * 2 |
|
| 490 | + : $this->digests[$params['hmac_digest']]; |
|
| 491 | 491 | |
| 492 | 492 | if (self::strlen($data) <= $digest_size) { |
| 493 | 493 | return false; |
@@ -496,14 +496,14 @@ discard block |
||
| 496 | 496 | $hmac_input = self::substr($data, 0, $digest_size); |
| 497 | 497 | $data = self::substr($data, $digest_size); |
| 498 | 498 | |
| 499 | - isset($params[ 'hmac_key' ]) OR |
|
| 500 | - $params[ 'hmac_key' ] = $this->hkdf($this->key, 'sha512', null, null, 'authentication'); |
|
| 501 | - $hmac_check = hash_hmac($params[ 'hmac_digest' ], $data, $params[ 'hmac_key' ], ! $params[ 'base64' ]); |
|
| 499 | + isset($params['hmac_key']) OR |
|
| 500 | + $params['hmac_key'] = $this->hkdf($this->key, 'sha512', null, null, 'authentication'); |
|
| 501 | + $hmac_check = hash_hmac($params['hmac_digest'], $data, $params['hmac_key'], ! $params['base64']); |
|
| 502 | 502 | |
| 503 | 503 | // Time-attack-safe comparison |
| 504 | 504 | $diff = 0; |
| 505 | 505 | for ($i = 0; $i < $digest_size; $i++) { |
| 506 | - $diff |= ord($hmac_input[ $i ]) ^ ord($hmac_check[ $i ]); |
|
| 506 | + $diff |= ord($hmac_input[$i]) ^ ord($hmac_check[$i]); |
|
| 507 | 507 | } |
| 508 | 508 | |
| 509 | 509 | if ($diff !== 0) { |
@@ -511,12 +511,12 @@ discard block |
||
| 511 | 511 | } |
| 512 | 512 | } |
| 513 | 513 | |
| 514 | - if ($params[ 'base64' ]) { |
|
| 514 | + if ($params['base64']) { |
|
| 515 | 515 | $data = base64_decode($data); |
| 516 | 516 | } |
| 517 | 517 | |
| 518 | - isset($params[ 'key' ]) OR |
|
| 519 | - $params[ 'key' ] = $this->hkdf($this->key, 'sha512', null, self::strlen($this->key), 'encryption'); |
|
| 518 | + isset($params['key']) OR |
|
| 519 | + $params['key'] = $this->hkdf($this->key, 'sha512', null, self::strlen($this->key), 'encryption'); |
|
| 520 | 520 | |
| 521 | 521 | return $this->{$this->driver . 'Decrypt'}($data, $params); |
| 522 | 522 | } |
@@ -534,7 +534,7 @@ discard block |
||
| 534 | 534 | { |
| 535 | 535 | // Because aliases |
| 536 | 536 | if ($key === 'mode') { |
| 537 | - return array_search($this->mode, $this->modes[ $this->driver ], true); |
|
| 537 | + return array_search($this->mode, $this->modes[$this->driver], true); |
|
| 538 | 538 | } elseif (in_array($key, ['cipher', 'driver', 'drivers', 'digests'], true)) { |
| 539 | 539 | return $this->{'_' . $key}; |
| 540 | 540 | } |
@@ -553,33 +553,33 @@ discard block |
||
| 553 | 553 | */ |
| 554 | 554 | protected function mcryptInitialize($params) |
| 555 | 555 | { |
| 556 | - if ( ! empty($params[ 'cipher' ])) { |
|
| 557 | - $params[ 'cipher' ] = strtolower($params[ 'cipher' ]); |
|
| 558 | - $this->cipherAlias($params[ 'cipher' ]); |
|
| 556 | + if ( ! empty($params['cipher'])) { |
|
| 557 | + $params['cipher'] = strtolower($params['cipher']); |
|
| 558 | + $this->cipherAlias($params['cipher']); |
|
| 559 | 559 | |
| 560 | - if ( ! in_array($params[ 'cipher' ], mcrypt_list_algorithms(), true)) { |
|
| 560 | + if ( ! in_array($params['cipher'], mcrypt_list_algorithms(), true)) { |
|
| 561 | 561 | // 'Encryption: MCrypt cipher ' . strtoupper( $params[ 'cipher' ] ) . ' is not available.' |
| 562 | 562 | throw new BadFunctionCallException( |
| 563 | 563 | 'E_SECURITY_MCRYPT_CIPHER_UNAVAILABLE', |
| 564 | 564 | 0, |
| 565 | - [strtoupper($params[ 'cipher' ])] |
|
| 565 | + [strtoupper($params['cipher'])] |
|
| 566 | 566 | ); |
| 567 | 567 | } else { |
| 568 | - $this->cipher = $params[ 'cipher' ]; |
|
| 568 | + $this->cipher = $params['cipher']; |
|
| 569 | 569 | } |
| 570 | 570 | } |
| 571 | 571 | |
| 572 | - if ( ! empty($params[ 'mode' ])) { |
|
| 573 | - $params[ 'mode' ] = strtolower($params[ 'mode' ]); |
|
| 574 | - if ( ! isset($this->modes[ 'mcrypt' ][ $params[ 'mode' ] ])) { |
|
| 572 | + if ( ! empty($params['mode'])) { |
|
| 573 | + $params['mode'] = strtolower($params['mode']); |
|
| 574 | + if ( ! isset($this->modes['mcrypt'][$params['mode']])) { |
|
| 575 | 575 | // 'Encryption: MCrypt mode ' . strtoupper( $params[ 'mode' ] ) . ' is not available.' |
| 576 | 576 | throw new BadFunctionCallException( |
| 577 | 577 | 'E_SECURITY_MCRYPT_MODE_UNAVAILABLE', |
| 578 | 578 | 0, |
| 579 | - [strtoupper($params[ 'mode' ])] |
|
| 579 | + [strtoupper($params['mode'])] |
|
| 580 | 580 | ); |
| 581 | 581 | } else { |
| 582 | - $this->mode = $this->modes[ 'mcrypt' ][ $params[ 'mode' ] ]; |
|
| 582 | + $this->mode = $this->modes['mcrypt'][$params['mode']]; |
|
| 583 | 583 | } |
| 584 | 584 | } |
| 585 | 585 | |
@@ -618,23 +618,23 @@ discard block |
||
| 618 | 618 | */ |
| 619 | 619 | protected function opensslInitialize($params) |
| 620 | 620 | { |
| 621 | - if ( ! empty($params[ 'cipher' ])) { |
|
| 622 | - $params[ 'cipher' ] = strtolower($params[ 'cipher' ]); |
|
| 623 | - $this->cipherAlias($params[ 'cipher' ]); |
|
| 624 | - $this->cipher = $params[ 'cipher' ]; |
|
| 621 | + if ( ! empty($params['cipher'])) { |
|
| 622 | + $params['cipher'] = strtolower($params['cipher']); |
|
| 623 | + $this->cipherAlias($params['cipher']); |
|
| 624 | + $this->cipher = $params['cipher']; |
|
| 625 | 625 | } |
| 626 | 626 | |
| 627 | - if ( ! empty($params[ 'mode' ])) { |
|
| 628 | - $params[ 'mode' ] = strtolower($params[ 'mode' ]); |
|
| 629 | - if ( ! isset($this->modes[ 'openssl' ][ $params[ 'mode' ] ])) { |
|
| 627 | + if ( ! empty($params['mode'])) { |
|
| 628 | + $params['mode'] = strtolower($params['mode']); |
|
| 629 | + if ( ! isset($this->modes['openssl'][$params['mode']])) { |
|
| 630 | 630 | // 'Encryption: OpenSSL mode ' . strtoupper( $params[ 'mode' ] ) . ' is not available.' |
| 631 | 631 | throw new BadFunctionCallException( |
| 632 | 632 | 'E_SECURITY_CRYPT_OPENSSL_MODE_UNAVAILABLE', |
| 633 | 633 | 0, |
| 634 | - [strtoupper($params[ 'mode' ])] |
|
| 634 | + [strtoupper($params['mode'])] |
|
| 635 | 635 | ); |
| 636 | 636 | } else { |
| 637 | - $this->mode = $this->modes[ 'openssl' ][ $params[ 'mode' ] ]; |
|
| 637 | + $this->mode = $this->modes['openssl'][$params['mode']]; |
|
| 638 | 638 | } |
| 639 | 639 | } |
| 640 | 640 | |
@@ -676,19 +676,19 @@ discard block |
||
| 676 | 676 | */ |
| 677 | 677 | protected function mcryptEncrypt($data, $params) |
| 678 | 678 | { |
| 679 | - if ( ! is_resource($params[ 'handle' ])) { |
|
| 679 | + if ( ! is_resource($params['handle'])) { |
|
| 680 | 680 | return false; |
| 681 | 681 | } |
| 682 | 682 | |
| 683 | 683 | // The greater-than-1 comparison is mostly a work-around for a bug, |
| 684 | 684 | // where 1 is returned for ARCFour instead of 0. |
| 685 | - $iv = (($iv_size = mcrypt_enc_get_iv_size($params[ 'handle' ])) > 1) |
|
| 685 | + $iv = (($iv_size = mcrypt_enc_get_iv_size($params['handle'])) > 1) |
|
| 686 | 686 | ? $this->createKey($iv_size) |
| 687 | 687 | : null; |
| 688 | 688 | |
| 689 | - if (mcrypt_generic_init($params[ 'handle' ], $params[ 'key' ], $iv) < 0) { |
|
| 690 | - if ($params[ 'handle' ] !== $this->handle) { |
|
| 691 | - mcrypt_module_close($params[ 'handle' ]); |
|
| 689 | + if (mcrypt_generic_init($params['handle'], $params['key'], $iv) < 0) { |
|
| 690 | + if ($params['handle'] !== $this->handle) { |
|
| 691 | + mcrypt_module_close($params['handle']); |
|
| 692 | 692 | } |
| 693 | 693 | |
| 694 | 694 | return false; |
@@ -696,8 +696,8 @@ discard block |
||
| 696 | 696 | |
| 697 | 697 | // Use PKCS#7 padding in order to ensure compatibility with OpenSSL |
| 698 | 698 | // and other implementations outside of PHP. |
| 699 | - if (in_array(strtolower(mcrypt_enc_get_modes_name($params[ 'handle' ])), ['cbc', 'ecb'], true)) { |
|
| 700 | - $block_size = mcrypt_enc_get_block_size($params[ 'handle' ]); |
|
| 699 | + if (in_array(strtolower(mcrypt_enc_get_modes_name($params['handle'])), ['cbc', 'ecb'], true)) { |
|
| 700 | + $block_size = mcrypt_enc_get_block_size($params['handle']); |
|
| 701 | 701 | $pad = $block_size - (self::strlen($data) % $block_size); |
| 702 | 702 | $data .= str_repeat(chr($pad), $pad); |
| 703 | 703 | } |
@@ -713,13 +713,13 @@ discard block |
||
| 713 | 713 | // This probably would've been fine (even though still wasteful), |
| 714 | 714 | // but OpenSSL isn't that dumb and we need to make the process |
| 715 | 715 | // portable, so ... |
| 716 | - $data = (mcrypt_enc_get_modes_name($params[ 'handle' ]) !== 'ECB') |
|
| 717 | - ? $iv . mcrypt_generic($params[ 'handle' ], $data) |
|
| 718 | - : mcrypt_generic($params[ 'handle' ], $data); |
|
| 716 | + $data = (mcrypt_enc_get_modes_name($params['handle']) !== 'ECB') |
|
| 717 | + ? $iv . mcrypt_generic($params['handle'], $data) |
|
| 718 | + : mcrypt_generic($params['handle'], $data); |
|
| 719 | 719 | |
| 720 | - mcrypt_generic_deinit($params[ 'handle' ]); |
|
| 721 | - if ($params[ 'handle' ] !== $this->handle) { |
|
| 722 | - mcrypt_module_close($params[ 'handle' ]); |
|
| 720 | + mcrypt_generic_deinit($params['handle']); |
|
| 721 | + if ($params['handle'] !== $this->handle) { |
|
| 722 | + mcrypt_module_close($params['handle']); |
|
| 723 | 723 | } |
| 724 | 724 | |
| 725 | 725 | return $data; |
@@ -768,18 +768,18 @@ discard block |
||
| 768 | 768 | */ |
| 769 | 769 | protected function opensslEncrypt($data, $params) |
| 770 | 770 | { |
| 771 | - if (empty($params[ 'handle' ])) { |
|
| 771 | + if (empty($params['handle'])) { |
|
| 772 | 772 | return false; |
| 773 | 773 | } |
| 774 | 774 | |
| 775 | - $iv = ($iv_size = openssl_cipher_iv_length($params[ 'handle' ])) |
|
| 775 | + $iv = ($iv_size = openssl_cipher_iv_length($params['handle'])) |
|
| 776 | 776 | ? $this->createKey($iv_size) |
| 777 | 777 | : null; |
| 778 | 778 | |
| 779 | 779 | $data = openssl_encrypt( |
| 780 | 780 | $data, |
| 781 | - $params[ 'handle' ], |
|
| 782 | - $params[ 'key' ], |
|
| 781 | + $params['handle'], |
|
| 782 | + $params['key'], |
|
| 783 | 783 | 1, // DO NOT TOUCH! |
| 784 | 784 | $iv |
| 785 | 785 | ); |
@@ -803,14 +803,14 @@ discard block |
||
| 803 | 803 | */ |
| 804 | 804 | protected function mcryptDecrypt($data, $params) |
| 805 | 805 | { |
| 806 | - if ( ! is_resource($params[ 'handle' ])) { |
|
| 806 | + if ( ! is_resource($params['handle'])) { |
|
| 807 | 807 | return false; |
| 808 | 808 | } |
| 809 | 809 | |
| 810 | 810 | // The greater-than-1 comparison is mostly a work-around for a bug, |
| 811 | 811 | // where 1 is returned for ARCFour instead of 0. |
| 812 | - if (($iv_size = mcrypt_enc_get_iv_size($params[ 'handle' ])) > 1) { |
|
| 813 | - if (mcrypt_enc_get_modes_name($params[ 'handle' ]) !== 'ECB') { |
|
| 812 | + if (($iv_size = mcrypt_enc_get_iv_size($params['handle'])) > 1) { |
|
| 813 | + if (mcrypt_enc_get_modes_name($params['handle']) !== 'ECB') { |
|
| 814 | 814 | $iv = self::substr($data, 0, $iv_size); |
| 815 | 815 | $data = self::substr($data, $iv_size); |
| 816 | 816 | } else { |
@@ -821,23 +821,23 @@ discard block |
||
| 821 | 821 | $iv = null; |
| 822 | 822 | } |
| 823 | 823 | |
| 824 | - if (mcrypt_generic_init($params[ 'handle' ], $params[ 'key' ], $iv) < 0) { |
|
| 825 | - if ($params[ 'handle' ] !== $this->handle) { |
|
| 826 | - mcrypt_module_close($params[ 'handle' ]); |
|
| 824 | + if (mcrypt_generic_init($params['handle'], $params['key'], $iv) < 0) { |
|
| 825 | + if ($params['handle'] !== $this->handle) { |
|
| 826 | + mcrypt_module_close($params['handle']); |
|
| 827 | 827 | } |
| 828 | 828 | |
| 829 | 829 | return false; |
| 830 | 830 | } |
| 831 | 831 | |
| 832 | - $data = mdecrypt_generic($params[ 'handle' ], $data); |
|
| 832 | + $data = mdecrypt_generic($params['handle'], $data); |
|
| 833 | 833 | // Remove PKCS#7 padding, if necessary |
| 834 | - if (in_array(strtolower(mcrypt_enc_get_modes_name($params[ 'handle' ])), ['cbc', 'ecb'], true)) { |
|
| 835 | - $data = self::substr($data, 0, -ord($data[ self::strlen($data) - 1 ])); |
|
| 834 | + if (in_array(strtolower(mcrypt_enc_get_modes_name($params['handle'])), ['cbc', 'ecb'], true)) { |
|
| 835 | + $data = self::substr($data, 0, -ord($data[self::strlen($data) - 1])); |
|
| 836 | 836 | } |
| 837 | 837 | |
| 838 | - mcrypt_generic_deinit($params[ 'handle' ]); |
|
| 839 | - if ($params[ 'handle' ] !== $this->handle) { |
|
| 840 | - mcrypt_module_close($params[ 'handle' ]); |
|
| 838 | + mcrypt_generic_deinit($params['handle']); |
|
| 839 | + if ($params['handle'] !== $this->handle) { |
|
| 840 | + mcrypt_module_close($params['handle']); |
|
| 841 | 841 | } |
| 842 | 842 | |
| 843 | 843 | return $data; |
@@ -855,19 +855,19 @@ discard block |
||
| 855 | 855 | */ |
| 856 | 856 | protected function opensslDecrypt($data, $params) |
| 857 | 857 | { |
| 858 | - if ($iv_size = openssl_cipher_iv_length($params[ 'handle' ])) { |
|
| 858 | + if ($iv_size = openssl_cipher_iv_length($params['handle'])) { |
|
| 859 | 859 | $iv = self::substr($data, 0, $iv_size); |
| 860 | 860 | $data = self::substr($data, $iv_size); |
| 861 | 861 | } else { |
| 862 | 862 | $iv = null; |
| 863 | 863 | } |
| 864 | 864 | |
| 865 | - return empty($params[ 'handle' ]) |
|
| 865 | + return empty($params['handle']) |
|
| 866 | 866 | ? false |
| 867 | 867 | : openssl_decrypt( |
| 868 | 868 | $data, |
| 869 | - $params[ 'handle' ], |
|
| 870 | - $params[ 'key' ], |
|
| 869 | + $params['handle'], |
|
| 870 | + $params['key'], |
|
| 871 | 871 | 1, // DO NOT TOUCH! |
| 872 | 872 | $iv |
| 873 | 873 | ); |
@@ -160,7 +160,7 @@ discard block |
||
| 160 | 160 | |
| 161 | 161 | if ($cryptoKey > 0) { |
| 162 | 162 | foreach ($charactersMap as $key => $value) { |
| 163 | - static::$charactersMap[ $key * $cryptoKey ] = $value; |
|
| 163 | + static::$charactersMap[$key * $cryptoKey] = $value; |
|
| 164 | 164 | } |
| 165 | 165 | } |
| 166 | 166 | } |
@@ -217,7 +217,7 @@ discard block |
||
| 217 | 217 | |
| 218 | 218 | foreach ($numbers as $number) { |
| 219 | 219 | if (array_key_exists($number, static::$charactersMap)) { |
| 220 | - $letters[] = static::$charactersMap[ $number ]; |
|
| 220 | + $letters[] = static::$charactersMap[$number]; |
|
| 221 | 221 | } |
| 222 | 222 | } |
| 223 | 223 | |
@@ -197,13 +197,13 @@ discard block |
||
| 197 | 197 | public static function isUrl($string) |
| 198 | 198 | {
|
| 199 | 199 | if (preg_match('/^(?:([^:]*)\:)?\/\/(.+)$/', $string, $matches)) {
|
| 200 | - if (empty($matches[ 2 ])) {
|
|
| 200 | + if (empty($matches[2])) {
|
|
| 201 | 201 | return false; |
| 202 | - } elseif ( ! in_array($matches[ 1 ], ['http', 'https'], true)) {
|
|
| 202 | + } elseif ( ! in_array($matches[1], ['http', 'https'], true)) {
|
|
| 203 | 203 | return false; |
| 204 | 204 | } |
| 205 | 205 | |
| 206 | - $string = $matches[ 2 ]; |
|
| 206 | + $string = $matches[2]; |
|
| 207 | 207 | } |
| 208 | 208 | |
| 209 | 209 | $string = 'http://' . $string; |
@@ -599,18 +599,18 @@ discard block |
||
| 599 | 599 | switch ($type) {
|
| 600 | 600 | case 'uppercase': |
| 601 | 601 | if (preg_match_all('/[A-Z]/', $string, $uppercase)) {
|
| 602 | - $valid[ $type ] = count($uppercase[ 0 ]); |
|
| 602 | + $valid[$type] = count($uppercase[0]); |
|
| 603 | 603 | } |
| 604 | 604 | break; |
| 605 | 605 | case 'lowercase': |
| 606 | 606 | if (preg_match_all('/[a-z]/', $string, $lowercase)) {
|
| 607 | - $valid[ $type ] = count($lowercase[ 0 ]); |
|
| 607 | + $valid[$type] = count($lowercase[0]); |
|
| 608 | 608 | } |
| 609 | 609 | break; |
| 610 | 610 | case 'number': |
| 611 | 611 | case 'numbers': |
| 612 | 612 | if (preg_match_all('/[0-9]/', $string, $numbers)) {
|
| 613 | - $valid[ $type ] = count($numbers[ 0 ]); |
|
| 613 | + $valid[$type] = count($numbers[0]); |
|
| 614 | 614 | } |
| 615 | 615 | break; |
| 616 | 616 | case 'special character': |
@@ -618,7 +618,7 @@ discard block |
||
| 618 | 618 | case 'special': |
| 619 | 619 | // Special Characters |
| 620 | 620 | if (preg_match_all('/[!@#$%^&*()\-_=+{};:,<.>]/', $string, $special)) {
|
| 621 | - $valid[ $type ] = count($special[ 0 ]); |
|
| 621 | + $valid[$type] = count($special[0]); |
|
| 622 | 622 | } |
| 623 | 623 | break; |
| 624 | 624 | } |
@@ -29,7 +29,7 @@ discard block |
||
| 29 | 29 | * in it's constructor, but it's _not_ class-specific. |
| 30 | 30 | * |
| 31 | 31 | */ |
| 32 | -$charset = strtoupper(o2system()->config[ 'charset' ]); |
|
| 32 | +$charset = strtoupper(o2system()->config['charset']); |
|
| 33 | 33 | ini_set('default_charset', $charset);
|
| 34 | 34 | |
| 35 | 35 | if (extension_loaded('mbstring')) {
|
@@ -84,7 +84,7 @@ discard block |
||
| 84 | 84 | if ( |
| 85 | 85 | defined('PREG_BAD_UTF8_ERROR') // PCRE must support UTF-8
|
| 86 | 86 | AND (ICONV_ENABLED === true || MB_ENABLED === true) // iconv or mbstring must be installed |
| 87 | - AND strtoupper(o2system()->config[ 'charset' ]) === 'UTF-8' // Application charset must be UTF-8 |
|
| 87 | + AND strtoupper(o2system()->config['charset']) === 'UTF-8' // Application charset must be UTF-8 |
|
| 88 | 88 | ) {
|
| 89 | 89 | $this->isEnabled = true; |
| 90 | 90 | logger()->debug('LOG_DEBUG_UTF8_SUPPORT_ENABLED');
|
@@ -56,8 +56,8 @@ |
||
| 56 | 56 | |
| 57 | 57 | $uri = new Uri(); |
| 58 | 58 | |
| 59 | - $metadata[ 'domain' ] = $uri->getHost(); |
|
| 60 | - $metadata[ 'ipAddress' ] = $_SERVER[ 'SERVER_ADDR' ]; |
|
| 59 | + $metadata['domain'] = $uri->getHost(); |
|
| 60 | + $metadata['ipAddress'] = $_SERVER['SERVER_ADDR']; |
|
| 61 | 61 | |
| 62 | 62 | $string = json_encode($metadata); |
| 63 | 63 | $string = md5($string); |
@@ -54,8 +54,8 @@ discard block |
||
| 54 | 54 | */ |
| 55 | 55 | public function getToken() |
| 56 | 56 | {
|
| 57 | - if (isset($_SESSION[ 'xssToken' ])) {
|
|
| 58 | - return $_SESSION[ 'xssToken' ]; |
|
| 57 | + if (isset($_SESSION['xssToken'])) {
|
|
| 58 | + return $_SESSION['xssToken']; |
|
| 59 | 59 | } |
| 60 | 60 | |
| 61 | 61 | return false; |
@@ -72,7 +72,7 @@ discard block |
||
| 72 | 72 | */ |
| 73 | 73 | public function regenerate() |
| 74 | 74 | {
|
| 75 | - $_SESSION[ 'xssToken' ] = $this->token = 'XSS-' . bin2hex(random_bytes(32)); |
|
| 75 | + $_SESSION['xssToken'] = $this->token = 'XSS-' . bin2hex(random_bytes(32)); |
|
| 76 | 76 | } |
| 77 | 77 | |
| 78 | 78 | // ------------------------------------------------------------------------ |
@@ -64,16 +64,16 @@ discard block |
||
| 64 | 64 | |
| 65 | 65 | if ($this->repository->has($consumerId)) { |
| 66 | 66 | $consumerData = $this->repository->get($consumerId); |
| 67 | - $consumerData[ 'id' ] = $consumerId; |
|
| 68 | - $consumerData[ 'currentCallTime' ] = $request->getTime(); |
|
| 69 | - $consumerData[ 'attempts' ] = 1; |
|
| 67 | + $consumerData['id'] = $consumerId; |
|
| 68 | + $consumerData['currentCallTime'] = $request->getTime(); |
|
| 69 | + $consumerData['attempts'] = 1; |
|
| 70 | 70 | |
| 71 | 71 | $this->consumer->merge($consumerData); |
| 72 | 72 | } else { |
| 73 | 73 | $consumerData = $this->consumer->getArrayCopy(); |
| 74 | - $consumerData[ 'id' ] = $consumerId; |
|
| 75 | - $consumerData[ 'lastCallTime' ] = $consumerData[ 'currentCallTime' ] = $request->getTime(); |
|
| 76 | - $consumerData[ 'attempts' ] = $consumerData[ 'attempts' ] + 1; |
|
| 74 | + $consumerData['id'] = $consumerId; |
|
| 75 | + $consumerData['lastCallTime'] = $consumerData['currentCallTime'] = $request->getTime(); |
|
| 76 | + $consumerData['attempts'] = $consumerData['attempts'] + 1; |
|
| 77 | 77 | |
| 78 | 78 | $this->repository->store($consumerId, $consumerData); |
| 79 | 79 | } |
@@ -82,13 +82,13 @@ discard block |
||
| 82 | 82 | public function verify() |
| 83 | 83 | { |
| 84 | 84 | $currentTime = strtotime(date('r')); |
| 85 | - $timeCall = abs($this->consumer[ 'lastCallTime' ] - $currentTime); |
|
| 85 | + $timeCall = abs($this->consumer['lastCallTime'] - $currentTime); |
|
| 86 | 86 | |
| 87 | - $this->consumer[ 'lastCallTime' ] = $currentTime; |
|
| 87 | + $this->consumer['lastCallTime'] = $currentTime; |
|
| 88 | 88 | |
| 89 | - if ($timeCall > $this->rate[ 'span' ]) { |
|
| 89 | + if ($timeCall > $this->rate['span']) { |
|
| 90 | 90 | return false; |
| 91 | - } elseif ($this->consumer[ 'attempts' ] > $this->rate[ 'attempts' ]) { |
|
| 91 | + } elseif ($this->consumer['attempts'] > $this->rate['attempts']) { |
|
| 92 | 92 | return false; |
| 93 | 93 | } |
| 94 | 94 | |
@@ -60,8 +60,8 @@ discard block |
||
| 60 | 60 | */ |
| 61 | 61 | protected function getToken() |
| 62 | 62 | { |
| 63 | - if (isset($_SESSION[ 'captchaToken' ])) { |
|
| 64 | - return $_SESSION[ 'captchaToken' ]; |
|
| 63 | + if (isset($_SESSION['captchaToken'])) { |
|
| 64 | + return $_SESSION['captchaToken']; |
|
| 65 | 65 | } |
| 66 | 66 | |
| 67 | 67 | return false; |
@@ -78,7 +78,7 @@ discard block |
||
| 78 | 78 | */ |
| 79 | 79 | public function regenerate() |
| 80 | 80 | { |
| 81 | - $_SESSION[ 'captchaToken' ] = $this->token = strtoupper( |
|
| 81 | + $_SESSION['captchaToken'] = $this->token = strtoupper( |
|
| 82 | 82 | substr( |
| 83 | 83 | md5( |
| 84 | 84 | uniqid( |
@@ -37,8 +37,8 @@ discard block |
||
| 37 | 37 | */ |
| 38 | 38 | public function __construct() |
| 39 | 39 | { |
| 40 | - if (empty($_SESSION[ 'throttle' ])) { |
|
| 41 | - $_SESSION[ 'throttle' ] = []; |
|
| 40 | + if (empty($_SESSION['throttle'])) { |
|
| 41 | + $_SESSION['throttle'] = []; |
|
| 42 | 42 | } |
| 43 | 43 | } |
| 44 | 44 | |
@@ -54,7 +54,7 @@ discard block |
||
| 54 | 54 | */ |
| 55 | 55 | public function getIterator() |
| 56 | 56 | { |
| 57 | - return new \ArrayIterator($_SESSION[ 'throttle' ]); |
|
| 57 | + return new \ArrayIterator($_SESSION['throttle']); |
|
| 58 | 58 | } |
| 59 | 59 | |
| 60 | 60 | // ------------------------------------------------------------------------ |
@@ -110,7 +110,7 @@ discard block |
||
| 110 | 110 | */ |
| 111 | 111 | public function offsetExists($offset) |
| 112 | 112 | { |
| 113 | - return isset($_SESSION[ 'throttle' ][ $offset ]); |
|
| 113 | + return isset($_SESSION['throttle'][$offset]); |
|
| 114 | 114 | } |
| 115 | 115 | |
| 116 | 116 | // ------------------------------------------------------------------------ |
@@ -127,7 +127,7 @@ discard block |
||
| 127 | 127 | */ |
| 128 | 128 | public function &__get($offset) |
| 129 | 129 | { |
| 130 | - return $_SESSION[ 'throttle' ][ $offset ]; |
|
| 130 | + return $_SESSION['throttle'][$offset]; |
|
| 131 | 131 | } |
| 132 | 132 | |
| 133 | 133 | // ------------------------------------------------------------------------ |
@@ -183,7 +183,7 @@ discard block |
||
| 183 | 183 | */ |
| 184 | 184 | public function offsetSet($offset, $value) |
| 185 | 185 | { |
| 186 | - $_SESSION[ 'throttle' ][ $offset ] = $value; |
|
| 186 | + $_SESSION['throttle'][$offset] = $value; |
|
| 187 | 187 | } |
| 188 | 188 | |
| 189 | 189 | // ------------------------------------------------------------------------ |
@@ -236,8 +236,8 @@ discard block |
||
| 236 | 236 | */ |
| 237 | 237 | public function offsetUnset($offset) |
| 238 | 238 | { |
| 239 | - if (isset($_SESSION[ 'throttle' ][ $offset ])) { |
|
| 240 | - unset($_SESSION[ 'throttle' ][ $offset ]); |
|
| 239 | + if (isset($_SESSION['throttle'][$offset])) { |
|
| 240 | + unset($_SESSION['throttle'][$offset]); |
|
| 241 | 241 | } |
| 242 | 242 | } |
| 243 | 243 | |
@@ -254,8 +254,8 @@ discard block |
||
| 254 | 254 | */ |
| 255 | 255 | public function merge(array $data) |
| 256 | 256 | { |
| 257 | - $oldData = $_SESSION[ 'throttle' ]; |
|
| 258 | - $_SESSION[ 'throttle' ] = array_merge($_SESSION[ 'throttle' ], $data); |
|
| 257 | + $oldData = $_SESSION['throttle']; |
|
| 258 | + $_SESSION['throttle'] = array_merge($_SESSION['throttle'], $data); |
|
| 259 | 259 | |
| 260 | 260 | return $oldData; |
| 261 | 261 | } |
@@ -273,8 +273,8 @@ discard block |
||
| 273 | 273 | */ |
| 274 | 274 | public function exchange(array $data) |
| 275 | 275 | { |
| 276 | - $oldData = $_SESSION[ 'throttle' ]; |
|
| 277 | - $_SESSION[ 'throttle' ] = $data; |
|
| 276 | + $oldData = $_SESSION['throttle']; |
|
| 277 | + $_SESSION['throttle'] = $data; |
|
| 278 | 278 | |
| 279 | 279 | return $oldData; |
| 280 | 280 | } |
@@ -290,9 +290,9 @@ discard block |
||
| 290 | 290 | */ |
| 291 | 291 | public function destroy() |
| 292 | 292 | { |
| 293 | - $storage = $_SESSION[ 'throttle' ]; |
|
| 293 | + $storage = $_SESSION['throttle']; |
|
| 294 | 294 | |
| 295 | - $_SESSION[ 'throttle' ] = []; |
|
| 295 | + $_SESSION['throttle'] = []; |
|
| 296 | 296 | |
| 297 | 297 | return $storage; |
| 298 | 298 | } |
@@ -309,7 +309,7 @@ discard block |
||
| 309 | 309 | */ |
| 310 | 310 | public function count() |
| 311 | 311 | { |
| 312 | - return (int)count($_SESSION[ 'throttle' ]); |
|
| 312 | + return (int)count($_SESSION['throttle']); |
|
| 313 | 313 | } |
| 314 | 314 | |
| 315 | 315 | // ------------------------------------------------------------------------ |
@@ -325,7 +325,7 @@ discard block |
||
| 325 | 325 | */ |
| 326 | 326 | public function serialize() |
| 327 | 327 | { |
| 328 | - return serialize($_SESSION[ 'throttle' ]); |
|
| 328 | + return serialize($_SESSION['throttle']); |
|
| 329 | 329 | } |
| 330 | 330 | |
| 331 | 331 | // ------------------------------------------------------------------------ |
@@ -343,7 +343,7 @@ discard block |
||
| 343 | 343 | */ |
| 344 | 344 | public function unserialize($serialized) |
| 345 | 345 | { |
| 346 | - $_SESSION[ 'throttle' ] = unserialize($serialized); |
|
| 346 | + $_SESSION['throttle'] = unserialize($serialized); |
|
| 347 | 347 | } |
| 348 | 348 | |
| 349 | 349 | // ------------------------------------------------------------------------ |
@@ -360,7 +360,7 @@ discard block |
||
| 360 | 360 | */ |
| 361 | 361 | public function jsonSerialize() |
| 362 | 362 | { |
| 363 | - return $_SESSION[ 'throttle' ]; |
|
| 363 | + return $_SESSION['throttle']; |
|
| 364 | 364 | } |
| 365 | 365 | |
| 366 | 366 | // ------------------------------------------------------------------------ |
@@ -374,7 +374,7 @@ discard block |
||
| 374 | 374 | */ |
| 375 | 375 | public function getArrayCopy() |
| 376 | 376 | { |
| 377 | - return $_SESSION[ 'throttle' ]; |
|
| 377 | + return $_SESSION['throttle']; |
|
| 378 | 378 | } |
| 379 | 379 | |
| 380 | 380 | // ------------------------------------------------------------------------ |
@@ -432,6 +432,6 @@ discard block |
||
| 432 | 432 | */ |
| 433 | 433 | public function offsetGet($offset) |
| 434 | 434 | { |
| 435 | - return (isset($_SESSION[ 'throttle' ][ $offset ])) ? $_SESSION[ 'throttle' ][ $offset ] : false; |
|
| 435 | + return (isset($_SESSION['throttle'][$offset])) ? $_SESSION['throttle'][$offset] : false; |
|
| 436 | 436 | } |
| 437 | 437 | } |
| 438 | 438 | \ No newline at end of file |
