o2system /
security
@@ -59,15 +59,15 @@ discard block |
||
| 59 | 59 | |
| 60 | 60 | if (class_exists('\O2System\Framework', false)) { |
| 61 | 61 | $this->options = config()->getItem('cookie')->getArrayCopy(); |
| 62 | - $this->options[ 'expire' ] = time() + $this->options[ 'lifetime' ]; |
|
| 63 | - unset($this->options[ 'lifetime' ]); |
|
| 62 | + $this->options['expire'] = time() + $this->options['lifetime']; |
|
| 63 | + unset($this->options['lifetime']); |
|
| 64 | 64 | } |
| 65 | 65 | |
| 66 | - $this->options[ 'domain' ] = empty($this->options[ 'domain' ]) |
|
| 67 | - ? isset($_SERVER[ 'HTTP_HOST' ]) |
|
| 68 | - ? $_SERVER[ 'HTTP_HOST' ] |
|
| 69 | - : $_SERVER[ 'SERVER_NAME' ] |
|
| 70 | - : $this->options[ 'domain' ]; |
|
| 66 | + $this->options['domain'] = empty($this->options['domain']) |
|
| 67 | + ? isset($_SERVER['HTTP_HOST']) |
|
| 68 | + ? $_SERVER['HTTP_HOST'] |
|
| 69 | + : $_SERVER['SERVER_NAME'] |
|
| 70 | + : $this->options['domain']; |
|
| 71 | 71 | } |
| 72 | 72 | |
| 73 | 73 | // ------------------------------------------------------------------------ |
@@ -85,7 +85,7 @@ discard block |
||
| 85 | 85 | { |
| 86 | 86 | foreach ($options as $key => $value) { |
| 87 | 87 | if (array_key_exists($key, $this->options)) { |
| 88 | - $this->options[ $key ] = $value; |
|
| 88 | + $this->options[$key] = $value; |
|
| 89 | 89 | } |
| 90 | 90 | } |
| 91 | 91 | |
@@ -110,8 +110,8 @@ discard block |
||
| 110 | 110 | ? serialize($value) |
| 111 | 111 | : $value; |
| 112 | 112 | |
| 113 | - $name = isset($this->options[ 'prefix' ]) |
|
| 114 | - ? $this->options[ 'prefix' ] . $name |
|
| 113 | + $name = isset($this->options['prefix']) |
|
| 114 | + ? $this->options['prefix'] . $name |
|
| 115 | 115 | : $name; |
| 116 | 116 | |
| 117 | 117 | $value = $this->crypt->encrypt($value); |
@@ -119,9 +119,9 @@ discard block |
||
| 119 | 119 | return setcookie( |
| 120 | 120 | $name, |
| 121 | 121 | $value, |
| 122 | - $this->options[ 'expire' ], |
|
| 123 | - $this->options[ 'path' ], |
|
| 124 | - '.' . ltrim($this->options[ 'domain' ], '.'), |
|
| 122 | + $this->options['expire'], |
|
| 123 | + $this->options['path'], |
|
| 124 | + '.' . ltrim($this->options['domain'], '.'), |
|
| 125 | 125 | false, |
| 126 | 126 | false |
| 127 | 127 | ); |
@@ -140,8 +140,8 @@ discard block |
||
| 140 | 140 | */ |
| 141 | 141 | public function decrypt($name) |
| 142 | 142 | { |
| 143 | - $name = isset($this->options[ 'prefix' ]) |
|
| 144 | - ? $this->options[ 'prefix' ] . $name |
|
| 143 | + $name = isset($this->options['prefix']) |
|
| 144 | + ? $this->options['prefix'] . $name |
|
| 145 | 145 | : $name; |
| 146 | 146 | |
| 147 | 147 | if ($value = input()->cookie($name)) { |
@@ -131,7 +131,7 @@ discard block |
||
| 131 | 131 | 'openssl' => extension_loaded('openssl'), |
| 132 | 132 | ]; |
| 133 | 133 | |
| 134 | - if ( ! $this->drivers[ 'mcrypt' ] && ! $this->drivers[ 'openssl' ]) { |
|
| 134 | + if ( ! $this->drivers['mcrypt'] && ! $this->drivers['openssl']) { |
|
| 135 | 135 | //Encryption: Unable to find an available encryption driver. |
| 136 | 136 | throw new BadPhpExtensionCallException('E_SECURITY_CRYPT_UNABLE_TO_FIND_DRIVER'); |
| 137 | 137 | } |
@@ -163,14 +163,14 @@ discard block |
||
| 163 | 163 | */ |
| 164 | 164 | public function initialize(array $params) |
| 165 | 165 | { |
| 166 | - if ( ! empty($params[ 'driver' ])) { |
|
| 167 | - if (isset($this->drivers[ $params[ 'driver' ] ])) { |
|
| 168 | - if ($this->drivers[ $params[ 'driver' ] ]) { |
|
| 169 | - $this->driver = $params[ 'driver' ]; |
|
| 166 | + if ( ! empty($params['driver'])) { |
|
| 167 | + if (isset($this->drivers[$params['driver']])) { |
|
| 168 | + if ($this->drivers[$params['driver']]) { |
|
| 169 | + $this->driver = $params['driver']; |
|
| 170 | 170 | } else { |
| 171 | 171 | //"Encryption: Driver '" . $params[ 'driver' ] . "' is not available." |
| 172 | 172 | throw new BadPhpExtensionCallException( |
| 173 | - 'E_SECURITY_CRYPT_DRIVER_NOT_AVAILABLE', $params[ 'driver' ] |
|
| 173 | + 'E_SECURITY_CRYPT_DRIVER_NOT_AVAILABLE', $params['driver'] |
|
| 174 | 174 | ); |
| 175 | 175 | } |
| 176 | 176 | } else { |
@@ -178,19 +178,19 @@ discard block |
||
| 178 | 178 | throw new BadPhpExtensionCallException( |
| 179 | 179 | 'E_SECURITY_CRYPT_DRIVER_NOT_CONFIGURED', |
| 180 | 180 | 0, |
| 181 | - [$params[ 'driver' ]] |
|
| 181 | + [$params['driver']] |
|
| 182 | 182 | ); |
| 183 | 183 | } |
| 184 | 184 | } |
| 185 | 185 | |
| 186 | 186 | if (empty($this->driver)) { |
| 187 | - $this->driver = ($this->drivers[ 'openssl' ] === true) |
|
| 187 | + $this->driver = ($this->drivers['openssl'] === true) |
|
| 188 | 188 | ? 'openssl' |
| 189 | 189 | : 'mcrypt'; |
| 190 | 190 | } |
| 191 | 191 | |
| 192 | - empty($params[ 'cipher' ]) && $params[ 'cipher' ] = $this->cipher; |
|
| 193 | - empty($params[ 'key' ]) OR $this->key = $params[ 'key' ]; |
|
| 192 | + empty($params['cipher']) && $params['cipher'] = $this->cipher; |
|
| 193 | + empty($params['key']) OR $this->key = $params['key']; |
|
| 194 | 194 | $this->{$this->driver . 'Initialize'}($params); |
| 195 | 195 | |
| 196 | 196 | return $this; |
@@ -237,20 +237,20 @@ discard block |
||
| 237 | 237 | return false; |
| 238 | 238 | } |
| 239 | 239 | |
| 240 | - isset($params[ 'key' ]) OR |
|
| 241 | - $params[ 'key' ] = $this->hkdf($this->key, 'sha512', null, self::strlen($this->key), 'encryption'); |
|
| 240 | + isset($params['key']) OR |
|
| 241 | + $params['key'] = $this->hkdf($this->key, 'sha512', null, self::strlen($this->key), 'encryption'); |
|
| 242 | 242 | |
| 243 | 243 | if (($data = $this->{$this->driver . 'Encrypt'}($data, $params)) === false) { |
| 244 | 244 | return false; |
| 245 | 245 | } |
| 246 | 246 | |
| 247 | - $params[ 'base64' ] && $data = base64_encode($data); |
|
| 247 | + $params['base64'] && $data = base64_encode($data); |
|
| 248 | 248 | |
| 249 | - if (isset($params[ 'hmac_digest' ])) { |
|
| 250 | - isset($params[ 'hmac_key' ]) OR |
|
| 251 | - $params[ 'hmac_key' ] = $this->hkdf($this->key, 'sha512', null, null, 'authentication'); |
|
| 249 | + if (isset($params['hmac_digest'])) { |
|
| 250 | + isset($params['hmac_key']) OR |
|
| 251 | + $params['hmac_key'] = $this->hkdf($this->key, 'sha512', null, null, 'authentication'); |
|
| 252 | 252 | |
| 253 | - return hash_hmac($params[ 'hmac_digest' ], $data, $params[ 'hmac_key' ], ! $params[ 'base64' ]) . $data; |
|
| 253 | + return hash_hmac($params['hmac_digest'], $data, $params['hmac_key'], ! $params['base64']) . $data; |
|
| 254 | 254 | } |
| 255 | 255 | |
| 256 | 256 | return $data; |
@@ -277,49 +277,49 @@ discard block |
||
| 277 | 277 | 'hmac_key' => null, |
| 278 | 278 | ] |
| 279 | 279 | : false; |
| 280 | - } elseif ( ! isset($params[ 'cipher' ], $params[ 'mode' ], $params[ 'key' ])) { |
|
| 280 | + } elseif ( ! isset($params['cipher'], $params['mode'], $params['key'])) { |
|
| 281 | 281 | return false; |
| 282 | 282 | } |
| 283 | 283 | |
| 284 | - if (isset($params[ 'mode' ])) { |
|
| 285 | - $params[ 'mode' ] = strtolower($params[ 'mode' ]); |
|
| 286 | - if ( ! isset($this->modes[ $this->driver ][ $params[ 'mode' ] ])) { |
|
| 284 | + if (isset($params['mode'])) { |
|
| 285 | + $params['mode'] = strtolower($params['mode']); |
|
| 286 | + if ( ! isset($this->modes[$this->driver][$params['mode']])) { |
|
| 287 | 287 | return false; |
| 288 | 288 | } else { |
| 289 | - $params[ 'mode' ] = $this->modes[ $this->driver ][ $params[ 'mode' ] ]; |
|
| 289 | + $params['mode'] = $this->modes[$this->driver][$params['mode']]; |
|
| 290 | 290 | } |
| 291 | 291 | } |
| 292 | 292 | |
| 293 | - if (isset($params[ 'hmac' ]) && $params[ 'hmac' ] === false) { |
|
| 294 | - $params[ 'hmac_digest' ] = $params[ 'hmac_key' ] = null; |
|
| 293 | + if (isset($params['hmac']) && $params['hmac'] === false) { |
|
| 294 | + $params['hmac_digest'] = $params['hmac_key'] = null; |
|
| 295 | 295 | } else { |
| 296 | - if ( ! isset($params[ 'hmac_key' ])) { |
|
| 296 | + if ( ! isset($params['hmac_key'])) { |
|
| 297 | 297 | return false; |
| 298 | - } elseif (isset($params[ 'hmac_digest' ])) { |
|
| 299 | - $params[ 'hmac_digest' ] = strtolower($params[ 'hmac_digest' ]); |
|
| 300 | - if ( ! isset($this->digests[ $params[ 'hmac_digest' ] ])) { |
|
| 298 | + } elseif (isset($params['hmac_digest'])) { |
|
| 299 | + $params['hmac_digest'] = strtolower($params['hmac_digest']); |
|
| 300 | + if ( ! isset($this->digests[$params['hmac_digest']])) { |
|
| 301 | 301 | return false; |
| 302 | 302 | } |
| 303 | 303 | } else { |
| 304 | - $params[ 'hmac_digest' ] = 'sha512'; |
|
| 304 | + $params['hmac_digest'] = 'sha512'; |
|
| 305 | 305 | } |
| 306 | 306 | } |
| 307 | 307 | |
| 308 | 308 | $params = [ |
| 309 | 309 | 'handle' => null, |
| 310 | - 'cipher' => $params[ 'cipher' ], |
|
| 311 | - 'mode' => $params[ 'mode' ], |
|
| 312 | - 'key' => $params[ 'key' ], |
|
| 313 | - 'base64' => isset($params[ 'raw_data' ]) |
|
| 314 | - ? ! $params[ 'raw_data' ] |
|
| 310 | + 'cipher' => $params['cipher'], |
|
| 311 | + 'mode' => $params['mode'], |
|
| 312 | + 'key' => $params['key'], |
|
| 313 | + 'base64' => isset($params['raw_data']) |
|
| 314 | + ? ! $params['raw_data'] |
|
| 315 | 315 | : false, |
| 316 | - 'hmac_digest' => $params[ 'hmac_digest' ], |
|
| 317 | - 'hmac_key' => $params[ 'hmac_key' ], |
|
| 316 | + 'hmac_digest' => $params['hmac_digest'], |
|
| 317 | + 'hmac_key' => $params['hmac_key'], |
|
| 318 | 318 | ]; |
| 319 | 319 | |
| 320 | - $this->cipherAlias($params[ 'cipher' ]); |
|
| 321 | - $params[ 'handle' ] = ($params[ 'cipher' ] !== $this->cipher OR $params[ 'mode' ] !== $this->mode) |
|
| 322 | - ? $this->{$this->driver . 'GetHandle'}($params[ 'cipher' ], $params[ 'mode' ]) |
|
| 320 | + $this->cipherAlias($params['cipher']); |
|
| 321 | + $params['handle'] = ($params['cipher'] !== $this->cipher OR $params['mode'] !== $this->mode) |
|
| 322 | + ? $this->{$this->driver . 'GetHandle'}($params['cipher'], $params['mode']) |
|
| 323 | 323 | : $this->handle; |
| 324 | 324 | |
| 325 | 325 | return $params; |
@@ -394,8 +394,8 @@ discard block |
||
| 394 | 394 | // confirms that it is MCrypt's fault. |
| 395 | 395 | } |
| 396 | 396 | |
| 397 | - if (isset($dictionary[ $this->driver ][ $cipher ])) { |
|
| 398 | - $cipher = $dictionary[ $this->driver ][ $cipher ]; |
|
| 397 | + if (isset($dictionary[$this->driver][$cipher])) { |
|
| 398 | + $cipher = $dictionary[$this->driver][$cipher]; |
|
| 399 | 399 | } |
| 400 | 400 | } |
| 401 | 401 | |
@@ -416,17 +416,17 @@ discard block |
||
| 416 | 416 | */ |
| 417 | 417 | public function hkdf($key, $digest = 'sha512', $salt = null, $length = null, $info = '') |
| 418 | 418 | { |
| 419 | - if ( ! isset($this->digests[ $digest ])) { |
|
| 419 | + if ( ! isset($this->digests[$digest])) { |
|
| 420 | 420 | return false; |
| 421 | 421 | } |
| 422 | 422 | |
| 423 | 423 | if (empty($length) OR ! is_int($length)) { |
| 424 | - $length = $this->digests[ $digest ]; |
|
| 425 | - } elseif ($length > (255 * $this->digests[ $digest ])) { |
|
| 424 | + $length = $this->digests[$digest]; |
|
| 425 | + } elseif ($length > (255 * $this->digests[$digest])) { |
|
| 426 | 426 | return false; |
| 427 | 427 | } |
| 428 | 428 | |
| 429 | - self::strlen($salt) OR $salt = str_repeat("\0", $this->digests[ $digest ]); |
|
| 429 | + self::strlen($salt) OR $salt = str_repeat("\0", $this->digests[$digest]); |
|
| 430 | 430 | |
| 431 | 431 | $prk = hash_hmac($digest, $key, $salt, true); |
| 432 | 432 | $key = ''; |
@@ -482,12 +482,12 @@ discard block |
||
| 482 | 482 | return false; |
| 483 | 483 | } |
| 484 | 484 | |
| 485 | - if (isset($params[ 'hmac_digest' ])) { |
|
| 485 | + if (isset($params['hmac_digest'])) { |
|
| 486 | 486 | // This might look illogical, but it is done during encryption as well ... |
| 487 | 487 | // The 'base64' value is effectively an inverted "raw data" parameter |
| 488 | - $digest_size = ($params[ 'base64' ]) |
|
| 489 | - ? $this->digests[ $params[ 'hmac_digest' ] ] * 2 |
|
| 490 | - : $this->digests[ $params[ 'hmac_digest' ] ]; |
|
| 488 | + $digest_size = ($params['base64']) |
|
| 489 | + ? $this->digests[$params['hmac_digest']] * 2 |
|
| 490 | + : $this->digests[$params['hmac_digest']]; |
|
| 491 | 491 | |
| 492 | 492 | if (self::strlen($data) <= $digest_size) { |
| 493 | 493 | return false; |
@@ -496,14 +496,14 @@ discard block |
||
| 496 | 496 | $hmac_input = self::substr($data, 0, $digest_size); |
| 497 | 497 | $data = self::substr($data, $digest_size); |
| 498 | 498 | |
| 499 | - isset($params[ 'hmac_key' ]) OR |
|
| 500 | - $params[ 'hmac_key' ] = $this->hkdf($this->key, 'sha512', null, null, 'authentication'); |
|
| 501 | - $hmac_check = hash_hmac($params[ 'hmac_digest' ], $data, $params[ 'hmac_key' ], ! $params[ 'base64' ]); |
|
| 499 | + isset($params['hmac_key']) OR |
|
| 500 | + $params['hmac_key'] = $this->hkdf($this->key, 'sha512', null, null, 'authentication'); |
|
| 501 | + $hmac_check = hash_hmac($params['hmac_digest'], $data, $params['hmac_key'], ! $params['base64']); |
|
| 502 | 502 | |
| 503 | 503 | // Time-attack-safe comparison |
| 504 | 504 | $diff = 0; |
| 505 | 505 | for ($i = 0; $i < $digest_size; $i++) { |
| 506 | - $diff |= ord($hmac_input[ $i ]) ^ ord($hmac_check[ $i ]); |
|
| 506 | + $diff |= ord($hmac_input[$i]) ^ ord($hmac_check[$i]); |
|
| 507 | 507 | } |
| 508 | 508 | |
| 509 | 509 | if ($diff !== 0) { |
@@ -511,12 +511,12 @@ discard block |
||
| 511 | 511 | } |
| 512 | 512 | } |
| 513 | 513 | |
| 514 | - if ($params[ 'base64' ]) { |
|
| 514 | + if ($params['base64']) { |
|
| 515 | 515 | $data = base64_decode($data); |
| 516 | 516 | } |
| 517 | 517 | |
| 518 | - isset($params[ 'key' ]) OR |
|
| 519 | - $params[ 'key' ] = $this->hkdf($this->key, 'sha512', null, self::strlen($this->key), 'encryption'); |
|
| 518 | + isset($params['key']) OR |
|
| 519 | + $params['key'] = $this->hkdf($this->key, 'sha512', null, self::strlen($this->key), 'encryption'); |
|
| 520 | 520 | |
| 521 | 521 | return $this->{$this->driver . 'Decrypt'}($data, $params); |
| 522 | 522 | } |
@@ -534,7 +534,7 @@ discard block |
||
| 534 | 534 | { |
| 535 | 535 | // Because aliases |
| 536 | 536 | if ($key === 'mode') { |
| 537 | - return array_search($this->mode, $this->modes[ $this->driver ], true); |
|
| 537 | + return array_search($this->mode, $this->modes[$this->driver], true); |
|
| 538 | 538 | } elseif (in_array($key, ['cipher', 'driver', 'drivers', 'digests'], true)) { |
| 539 | 539 | return $this->{'_' . $key}; |
| 540 | 540 | } |
@@ -553,33 +553,33 @@ discard block |
||
| 553 | 553 | */ |
| 554 | 554 | protected function mcryptInitialize($params) |
| 555 | 555 | { |
| 556 | - if ( ! empty($params[ 'cipher' ])) { |
|
| 557 | - $params[ 'cipher' ] = strtolower($params[ 'cipher' ]); |
|
| 558 | - $this->cipherAlias($params[ 'cipher' ]); |
|
| 556 | + if ( ! empty($params['cipher'])) { |
|
| 557 | + $params['cipher'] = strtolower($params['cipher']); |
|
| 558 | + $this->cipherAlias($params['cipher']); |
|
| 559 | 559 | |
| 560 | - if ( ! in_array($params[ 'cipher' ], mcrypt_list_algorithms(), true)) { |
|
| 560 | + if ( ! in_array($params['cipher'], mcrypt_list_algorithms(), true)) { |
|
| 561 | 561 | // 'Encryption: MCrypt cipher ' . strtoupper( $params[ 'cipher' ] ) . ' is not available.' |
| 562 | 562 | throw new BadFunctionCallException( |
| 563 | 563 | 'E_SECURITY_MCRYPT_CIPHER_UNAVAILABLE', |
| 564 | 564 | 0, |
| 565 | - [strtoupper($params[ 'cipher' ])] |
|
| 565 | + [strtoupper($params['cipher'])] |
|
| 566 | 566 | ); |
| 567 | 567 | } else { |
| 568 | - $this->cipher = $params[ 'cipher' ]; |
|
| 568 | + $this->cipher = $params['cipher']; |
|
| 569 | 569 | } |
| 570 | 570 | } |
| 571 | 571 | |
| 572 | - if ( ! empty($params[ 'mode' ])) { |
|
| 573 | - $params[ 'mode' ] = strtolower($params[ 'mode' ]); |
|
| 574 | - if ( ! isset($this->modes[ 'mcrypt' ][ $params[ 'mode' ] ])) { |
|
| 572 | + if ( ! empty($params['mode'])) { |
|
| 573 | + $params['mode'] = strtolower($params['mode']); |
|
| 574 | + if ( ! isset($this->modes['mcrypt'][$params['mode']])) { |
|
| 575 | 575 | // 'Encryption: MCrypt mode ' . strtoupper( $params[ 'mode' ] ) . ' is not available.' |
| 576 | 576 | throw new BadFunctionCallException( |
| 577 | 577 | 'E_SECURITY_MCRYPT_MODE_UNAVAILABLE', |
| 578 | 578 | 0, |
| 579 | - [strtoupper($params[ 'mode' ])] |
|
| 579 | + [strtoupper($params['mode'])] |
|
| 580 | 580 | ); |
| 581 | 581 | } else { |
| 582 | - $this->mode = $this->modes[ 'mcrypt' ][ $params[ 'mode' ] ]; |
|
| 582 | + $this->mode = $this->modes['mcrypt'][$params['mode']]; |
|
| 583 | 583 | } |
| 584 | 584 | } |
| 585 | 585 | |
@@ -618,23 +618,23 @@ discard block |
||
| 618 | 618 | */ |
| 619 | 619 | protected function opensslInitialize($params) |
| 620 | 620 | { |
| 621 | - if ( ! empty($params[ 'cipher' ])) { |
|
| 622 | - $params[ 'cipher' ] = strtolower($params[ 'cipher' ]); |
|
| 623 | - $this->cipherAlias($params[ 'cipher' ]); |
|
| 624 | - $this->cipher = $params[ 'cipher' ]; |
|
| 621 | + if ( ! empty($params['cipher'])) { |
|
| 622 | + $params['cipher'] = strtolower($params['cipher']); |
|
| 623 | + $this->cipherAlias($params['cipher']); |
|
| 624 | + $this->cipher = $params['cipher']; |
|
| 625 | 625 | } |
| 626 | 626 | |
| 627 | - if ( ! empty($params[ 'mode' ])) { |
|
| 628 | - $params[ 'mode' ] = strtolower($params[ 'mode' ]); |
|
| 629 | - if ( ! isset($this->modes[ 'openssl' ][ $params[ 'mode' ] ])) { |
|
| 627 | + if ( ! empty($params['mode'])) { |
|
| 628 | + $params['mode'] = strtolower($params['mode']); |
|
| 629 | + if ( ! isset($this->modes['openssl'][$params['mode']])) { |
|
| 630 | 630 | // 'Encryption: OpenSSL mode ' . strtoupper( $params[ 'mode' ] ) . ' is not available.' |
| 631 | 631 | throw new BadFunctionCallException( |
| 632 | 632 | 'E_SECURITY_CRYPT_OPENSSL_MODE_UNAVAILABLE', |
| 633 | 633 | 0, |
| 634 | - [strtoupper($params[ 'mode' ])] |
|
| 634 | + [strtoupper($params['mode'])] |
|
| 635 | 635 | ); |
| 636 | 636 | } else { |
| 637 | - $this->mode = $this->modes[ 'openssl' ][ $params[ 'mode' ] ]; |
|
| 637 | + $this->mode = $this->modes['openssl'][$params['mode']]; |
|
| 638 | 638 | } |
| 639 | 639 | } |
| 640 | 640 | |
@@ -676,19 +676,19 @@ discard block |
||
| 676 | 676 | */ |
| 677 | 677 | protected function mcryptEncrypt($data, $params) |
| 678 | 678 | { |
| 679 | - if ( ! is_resource($params[ 'handle' ])) { |
|
| 679 | + if ( ! is_resource($params['handle'])) { |
|
| 680 | 680 | return false; |
| 681 | 681 | } |
| 682 | 682 | |
| 683 | 683 | // The greater-than-1 comparison is mostly a work-around for a bug, |
| 684 | 684 | // where 1 is returned for ARCFour instead of 0. |
| 685 | - $iv = (($iv_size = mcrypt_enc_get_iv_size($params[ 'handle' ])) > 1) |
|
| 685 | + $iv = (($iv_size = mcrypt_enc_get_iv_size($params['handle'])) > 1) |
|
| 686 | 686 | ? $this->createKey($iv_size) |
| 687 | 687 | : null; |
| 688 | 688 | |
| 689 | - if (mcrypt_generic_init($params[ 'handle' ], $params[ 'key' ], $iv) < 0) { |
|
| 690 | - if ($params[ 'handle' ] !== $this->handle) { |
|
| 691 | - mcrypt_module_close($params[ 'handle' ]); |
|
| 689 | + if (mcrypt_generic_init($params['handle'], $params['key'], $iv) < 0) { |
|
| 690 | + if ($params['handle'] !== $this->handle) { |
|
| 691 | + mcrypt_module_close($params['handle']); |
|
| 692 | 692 | } |
| 693 | 693 | |
| 694 | 694 | return false; |
@@ -696,8 +696,8 @@ discard block |
||
| 696 | 696 | |
| 697 | 697 | // Use PKCS#7 padding in order to ensure compatibility with OpenSSL |
| 698 | 698 | // and other implementations outside of PHP. |
| 699 | - if (in_array(strtolower(mcrypt_enc_get_modes_name($params[ 'handle' ])), ['cbc', 'ecb'], true)) { |
|
| 700 | - $block_size = mcrypt_enc_get_block_size($params[ 'handle' ]); |
|
| 699 | + if (in_array(strtolower(mcrypt_enc_get_modes_name($params['handle'])), ['cbc', 'ecb'], true)) { |
|
| 700 | + $block_size = mcrypt_enc_get_block_size($params['handle']); |
|
| 701 | 701 | $pad = $block_size - (self::strlen($data) % $block_size); |
| 702 | 702 | $data .= str_repeat(chr($pad), $pad); |
| 703 | 703 | } |
@@ -713,13 +713,13 @@ discard block |
||
| 713 | 713 | // This probably would've been fine (even though still wasteful), |
| 714 | 714 | // but OpenSSL isn't that dumb and we need to make the process |
| 715 | 715 | // portable, so ... |
| 716 | - $data = (mcrypt_enc_get_modes_name($params[ 'handle' ]) !== 'ECB') |
|
| 717 | - ? $iv . mcrypt_generic($params[ 'handle' ], $data) |
|
| 718 | - : mcrypt_generic($params[ 'handle' ], $data); |
|
| 716 | + $data = (mcrypt_enc_get_modes_name($params['handle']) !== 'ECB') |
|
| 717 | + ? $iv . mcrypt_generic($params['handle'], $data) |
|
| 718 | + : mcrypt_generic($params['handle'], $data); |
|
| 719 | 719 | |
| 720 | - mcrypt_generic_deinit($params[ 'handle' ]); |
|
| 721 | - if ($params[ 'handle' ] !== $this->handle) { |
|
| 722 | - mcrypt_module_close($params[ 'handle' ]); |
|
| 720 | + mcrypt_generic_deinit($params['handle']); |
|
| 721 | + if ($params['handle'] !== $this->handle) { |
|
| 722 | + mcrypt_module_close($params['handle']); |
|
| 723 | 723 | } |
| 724 | 724 | |
| 725 | 725 | return $data; |
@@ -768,18 +768,18 @@ discard block |
||
| 768 | 768 | */ |
| 769 | 769 | protected function opensslEncrypt($data, $params) |
| 770 | 770 | { |
| 771 | - if (empty($params[ 'handle' ])) { |
|
| 771 | + if (empty($params['handle'])) { |
|
| 772 | 772 | return false; |
| 773 | 773 | } |
| 774 | 774 | |
| 775 | - $iv = ($iv_size = openssl_cipher_iv_length($params[ 'handle' ])) |
|
| 775 | + $iv = ($iv_size = openssl_cipher_iv_length($params['handle'])) |
|
| 776 | 776 | ? $this->createKey($iv_size) |
| 777 | 777 | : null; |
| 778 | 778 | |
| 779 | 779 | $data = openssl_encrypt( |
| 780 | 780 | $data, |
| 781 | - $params[ 'handle' ], |
|
| 782 | - $params[ 'key' ], |
|
| 781 | + $params['handle'], |
|
| 782 | + $params['key'], |
|
| 783 | 783 | 1, // DO NOT TOUCH! |
| 784 | 784 | $iv |
| 785 | 785 | ); |
@@ -803,14 +803,14 @@ discard block |
||
| 803 | 803 | */ |
| 804 | 804 | protected function mcryptDecrypt($data, $params) |
| 805 | 805 | { |
| 806 | - if ( ! is_resource($params[ 'handle' ])) { |
|
| 806 | + if ( ! is_resource($params['handle'])) { |
|
| 807 | 807 | return false; |
| 808 | 808 | } |
| 809 | 809 | |
| 810 | 810 | // The greater-than-1 comparison is mostly a work-around for a bug, |
| 811 | 811 | // where 1 is returned for ARCFour instead of 0. |
| 812 | - if (($iv_size = mcrypt_enc_get_iv_size($params[ 'handle' ])) > 1) { |
|
| 813 | - if (mcrypt_enc_get_modes_name($params[ 'handle' ]) !== 'ECB') { |
|
| 812 | + if (($iv_size = mcrypt_enc_get_iv_size($params['handle'])) > 1) { |
|
| 813 | + if (mcrypt_enc_get_modes_name($params['handle']) !== 'ECB') { |
|
| 814 | 814 | $iv = self::substr($data, 0, $iv_size); |
| 815 | 815 | $data = self::substr($data, $iv_size); |
| 816 | 816 | } else { |
@@ -821,23 +821,23 @@ discard block |
||
| 821 | 821 | $iv = null; |
| 822 | 822 | } |
| 823 | 823 | |
| 824 | - if (mcrypt_generic_init($params[ 'handle' ], $params[ 'key' ], $iv) < 0) { |
|
| 825 | - if ($params[ 'handle' ] !== $this->handle) { |
|
| 826 | - mcrypt_module_close($params[ 'handle' ]); |
|
| 824 | + if (mcrypt_generic_init($params['handle'], $params['key'], $iv) < 0) { |
|
| 825 | + if ($params['handle'] !== $this->handle) { |
|
| 826 | + mcrypt_module_close($params['handle']); |
|
| 827 | 827 | } |
| 828 | 828 | |
| 829 | 829 | return false; |
| 830 | 830 | } |
| 831 | 831 | |
| 832 | - $data = mdecrypt_generic($params[ 'handle' ], $data); |
|
| 832 | + $data = mdecrypt_generic($params['handle'], $data); |
|
| 833 | 833 | // Remove PKCS#7 padding, if necessary |
| 834 | - if (in_array(strtolower(mcrypt_enc_get_modes_name($params[ 'handle' ])), ['cbc', 'ecb'], true)) { |
|
| 835 | - $data = self::substr($data, 0, -ord($data[ self::strlen($data) - 1 ])); |
|
| 834 | + if (in_array(strtolower(mcrypt_enc_get_modes_name($params['handle'])), ['cbc', 'ecb'], true)) { |
|
| 835 | + $data = self::substr($data, 0, -ord($data[self::strlen($data) - 1])); |
|
| 836 | 836 | } |
| 837 | 837 | |
| 838 | - mcrypt_generic_deinit($params[ 'handle' ]); |
|
| 839 | - if ($params[ 'handle' ] !== $this->handle) { |
|
| 840 | - mcrypt_module_close($params[ 'handle' ]); |
|
| 838 | + mcrypt_generic_deinit($params['handle']); |
|
| 839 | + if ($params['handle'] !== $this->handle) { |
|
| 840 | + mcrypt_module_close($params['handle']); |
|
| 841 | 841 | } |
| 842 | 842 | |
| 843 | 843 | return $data; |
@@ -855,19 +855,19 @@ discard block |
||
| 855 | 855 | */ |
| 856 | 856 | protected function opensslDecrypt($data, $params) |
| 857 | 857 | { |
| 858 | - if ($iv_size = openssl_cipher_iv_length($params[ 'handle' ])) { |
|
| 858 | + if ($iv_size = openssl_cipher_iv_length($params['handle'])) { |
|
| 859 | 859 | $iv = self::substr($data, 0, $iv_size); |
| 860 | 860 | $data = self::substr($data, $iv_size); |
| 861 | 861 | } else { |
| 862 | 862 | $iv = null; |
| 863 | 863 | } |
| 864 | 864 | |
| 865 | - return empty($params[ 'handle' ]) |
|
| 865 | + return empty($params['handle']) |
|
| 866 | 866 | ? false |
| 867 | 867 | : openssl_decrypt( |
| 868 | 868 | $data, |
| 869 | - $params[ 'handle' ], |
|
| 870 | - $params[ 'key' ], |
|
| 869 | + $params['handle'], |
|
| 870 | + $params['key'], |
|
| 871 | 871 | 1, // DO NOT TOUCH! |
| 872 | 872 | $iv |
| 873 | 873 | ); |
@@ -160,7 +160,7 @@ discard block |
||
| 160 | 160 | |
| 161 | 161 | if ($cryptoKey > 0) { |
| 162 | 162 | foreach ($charactersMap as $key => $value) { |
| 163 | - static::$charactersMap[ $key * $cryptoKey ] = $value; |
|
| 163 | + static::$charactersMap[$key * $cryptoKey] = $value; |
|
| 164 | 164 | } |
| 165 | 165 | } |
| 166 | 166 | } |
@@ -217,7 +217,7 @@ discard block |
||
| 217 | 217 | |
| 218 | 218 | foreach ($numbers as $number) { |
| 219 | 219 | if (array_key_exists($number, static::$charactersMap)) { |
| 220 | - $letters[] = static::$charactersMap[ $number ]; |
|
| 220 | + $letters[] = static::$charactersMap[$number]; |
|
| 221 | 221 | } |
| 222 | 222 | } |
| 223 | 223 | |
@@ -197,13 +197,13 @@ discard block |
||
| 197 | 197 | public static function isUrl($string) |
| 198 | 198 | {
|
| 199 | 199 | if (preg_match('/^(?:([^:]*)\:)?\/\/(.+)$/', $string, $matches)) {
|
| 200 | - if (empty($matches[ 2 ])) {
|
|
| 200 | + if (empty($matches[2])) {
|
|
| 201 | 201 | return false; |
| 202 | - } elseif ( ! in_array($matches[ 1 ], ['http', 'https'], true)) {
|
|
| 202 | + } elseif ( ! in_array($matches[1], ['http', 'https'], true)) {
|
|
| 203 | 203 | return false; |
| 204 | 204 | } |
| 205 | 205 | |
| 206 | - $string = $matches[ 2 ]; |
|
| 206 | + $string = $matches[2]; |
|
| 207 | 207 | } |
| 208 | 208 | |
| 209 | 209 | $string = 'http://' . $string; |
@@ -599,18 +599,18 @@ discard block |
||
| 599 | 599 | switch ($type) {
|
| 600 | 600 | case 'uppercase': |
| 601 | 601 | if (preg_match_all('/[A-Z]/', $string, $uppercase)) {
|
| 602 | - $valid[ $type ] = count($uppercase[ 0 ]); |
|
| 602 | + $valid[$type] = count($uppercase[0]); |
|
| 603 | 603 | } |
| 604 | 604 | break; |
| 605 | 605 | case 'lowercase': |
| 606 | 606 | if (preg_match_all('/[a-z]/', $string, $lowercase)) {
|
| 607 | - $valid[ $type ] = count($lowercase[ 0 ]); |
|
| 607 | + $valid[$type] = count($lowercase[0]); |
|
| 608 | 608 | } |
| 609 | 609 | break; |
| 610 | 610 | case 'number': |
| 611 | 611 | case 'numbers': |
| 612 | 612 | if (preg_match_all('/[0-9]/', $string, $numbers)) {
|
| 613 | - $valid[ $type ] = count($numbers[ 0 ]); |
|
| 613 | + $valid[$type] = count($numbers[0]); |
|
| 614 | 614 | } |
| 615 | 615 | break; |
| 616 | 616 | case 'special character': |
@@ -618,7 +618,7 @@ discard block |
||
| 618 | 618 | case 'special': |
| 619 | 619 | // Special Characters |
| 620 | 620 | if (preg_match_all('/[!@#$%^&*()\-_=+{};:,<.>]/', $string, $special)) {
|
| 621 | - $valid[ $type ] = count($special[ 0 ]); |
|
| 621 | + $valid[$type] = count($special[0]); |
|
| 622 | 622 | } |
| 623 | 623 | break; |
| 624 | 624 | } |
@@ -29,7 +29,7 @@ discard block |
||
| 29 | 29 | * in it's constructor, but it's _not_ class-specific. |
| 30 | 30 | * |
| 31 | 31 | */ |
| 32 | -$charset = strtoupper(o2system()->config[ 'charset' ]); |
|
| 32 | +$charset = strtoupper(o2system()->config['charset']); |
|
| 33 | 33 | ini_set('default_charset', $charset);
|
| 34 | 34 | |
| 35 | 35 | if (extension_loaded('mbstring')) {
|
@@ -84,7 +84,7 @@ discard block |
||
| 84 | 84 | if ( |
| 85 | 85 | defined('PREG_BAD_UTF8_ERROR') // PCRE must support UTF-8
|
| 86 | 86 | AND (ICONV_ENABLED === true || MB_ENABLED === true) // iconv or mbstring must be installed |
| 87 | - AND strtoupper(o2system()->config[ 'charset' ]) === 'UTF-8' // Application charset must be UTF-8 |
|
| 87 | + AND strtoupper(o2system()->config['charset']) === 'UTF-8' // Application charset must be UTF-8 |
|
| 88 | 88 | ) {
|
| 89 | 89 | $this->isEnabled = true; |
| 90 | 90 | logger()->debug('LOG_DEBUG_UTF8_SUPPORT_ENABLED');
|
@@ -358,7 +358,7 @@ discard block |
||
| 358 | 358 | // of numerous XSS issues we've had. |
| 359 | 359 | $matches['attributes'] = preg_replace('#^[^a-z]+#i', '', $matches['attributes']);
|
| 360 | 360 | |
| 361 | - if (!preg_match($attributesPattern, $matches['attributes'], $attribute, PREG_OFFSET_CAPTURE)) {
|
|
| 361 | + if ( ! preg_match($attributesPattern, $matches['attributes'], $attribute, PREG_OFFSET_CAPTURE)) {
|
|
| 362 | 362 | // No (valid) attribute found? Discard everything else inside the tag |
| 363 | 363 | break; |
| 364 | 364 | } |
@@ -509,7 +509,7 @@ discard block |
||
| 509 | 509 | $match = preg_replace('|\&([a-z\_0-9\-]+)\=([a-z\_0-9\-/]+)|i', self::token . '\\1=\\2', $match[0]);
|
| 510 | 510 | |
| 511 | 511 | $charset = 'UTF-8'; |
| 512 | - if(function_exists('config')) {
|
|
| 512 | + if (function_exists('config')) {
|
|
| 513 | 513 | $charset = config()->getItem('charset');
|
| 514 | 514 | } |
| 515 | 515 | |
@@ -551,7 +551,7 @@ discard block |
||
| 551 | 551 | |
| 552 | 552 | isset($charset) || $charset = 'UTF-8'; |
| 553 | 553 | |
| 554 | - if(function_exists('config')) {
|
|
| 554 | + if (function_exists('config')) {
|
|
| 555 | 555 | $charset = config()->getItem('charset');
|
| 556 | 556 | } |
| 557 | 557 | |
@@ -562,7 +562,7 @@ discard block |
||
| 562 | 562 | |
| 563 | 563 | // Decode standard entities, avoiding false positives |
| 564 | 564 | if ($c = preg_match_all('/&[a-z]{2,}(?![a-z;])/i', $string, $matches)) {
|
| 565 | - if (!isset($entities)) {
|
|
| 565 | + if ( ! isset($entities)) {
|
|
| 566 | 566 | $entities = array_map( |
| 567 | 567 | 'strtolower', |
| 568 | 568 | get_html_translation_table(HTML_ENTITIES, $flag) |
@@ -27,7 +27,7 @@ discard block |
||
| 27 | 27 | public static function encode($string) |
| 28 | 28 | { |
| 29 | 29 | $json = json_encode($string); |
| 30 | - if(JSON_ERROR_NONE === json_last_error()) { |
|
| 30 | + if (JSON_ERROR_NONE === json_last_error()) { |
|
| 31 | 31 | return $json; |
| 32 | 32 | } |
| 33 | 33 | |
@@ -39,7 +39,7 @@ discard block |
||
| 39 | 39 | public static function decode($string) |
| 40 | 40 | { |
| 41 | 41 | $json = json_decode($string, true); |
| 42 | - if(JSON_ERROR_NONE === json_last_error()) { |
|
| 42 | + if (JSON_ERROR_NONE === json_last_error()) { |
|
| 43 | 43 | return new SplArrayObject($json); |
| 44 | 44 | } |
| 45 | 45 | |
@@ -56,8 +56,8 @@ |
||
| 56 | 56 | |
| 57 | 57 | $uri = new Uri(); |
| 58 | 58 | |
| 59 | - $metadata[ 'domain' ] = $uri->getHost(); |
|
| 60 | - $metadata[ 'ipAddress' ] = $_SERVER[ 'SERVER_ADDR' ]; |
|
| 59 | + $metadata['domain'] = $uri->getHost(); |
|
| 60 | + $metadata['ipAddress'] = $_SERVER['SERVER_ADDR']; |
|
| 61 | 61 | |
| 62 | 62 | $string = json_encode($metadata); |
| 63 | 63 | $string = md5($string); |
@@ -86,7 +86,7 @@ |
||
| 86 | 86 | $max = strlen($codeAlphabet); |
| 87 | 87 | |
| 88 | 88 | for ($i = 0; $i < $length; $i++) { |
| 89 | - $token .= $codeAlphabet[ random_int(0, $max - 1) ]; |
|
| 89 | + $token .= $codeAlphabet[random_int(0, $max - 1)]; |
|
| 90 | 90 | } |
| 91 | 91 | |
| 92 | 92 | return $token; |
