webcol /
Calima
@@ -41,155 +41,155 @@ |
||
| 41 | 41 | private $bdchar = CF_BD_CHAR; |
| 42 | 42 | private $bdconector = CF_BD_CONECTOR; |
| 43 | 43 | |
| 44 | - public function __construct() { |
|
| 45 | - session_regenerate_id(true); |
|
| 46 | - // set our custom session functions. |
|
| 47 | - session_set_save_handler(array($this, 'abrir'), array($this, 'cerrar'), array($this, 'leer'), array($this, 'escribir'), array($this, 'destruir'), array($this, 'gc')); |
|
| 48 | - // This line prevents unexpected effects when using objects as save handlers. |
|
| 49 | - register_shutdown_function('session_write_close'); |
|
| 50 | - } |
|
| 51 | - /* public function __destruct() { |
|
| 44 | + public function __construct() { |
|
| 45 | + session_regenerate_id(true); |
|
| 46 | + // set our custom session functions. |
|
| 47 | + session_set_save_handler(array($this, 'abrir'), array($this, 'cerrar'), array($this, 'leer'), array($this, 'escribir'), array($this, 'destruir'), array($this, 'gc')); |
|
| 48 | + // This line prevents unexpected effects when using objects as save handlers. |
|
| 49 | + register_shutdown_function('session_write_close'); |
|
| 50 | + } |
|
| 51 | + /* public function __destruct() { |
|
| 52 | 52 | session_regenerate_id(true); |
| 53 | 53 | }*/ |
| 54 | - function iniciarSesion($session_name, $secure) { |
|
| 55 | - // Make sure the session cookie is not accessable via javascript. |
|
| 56 | - $httpunico = true; |
|
| 54 | + function iniciarSesion($session_name, $secure) { |
|
| 55 | + // Make sure the session cookie is not accessable via javascript. |
|
| 56 | + $httpunico = true; |
|
| 57 | 57 | |
| 58 | - // Hash algorithm to use for the sessionid. (use hash_algos() to get a list of available hashes.) |
|
| 59 | - $sesion_hash = 'sha512'; |
|
| 58 | + // Hash algorithm to use for the sessionid. (use hash_algos() to get a list of available hashes.) |
|
| 59 | + $sesion_hash = 'sha512'; |
|
| 60 | 60 | |
| 61 | - // Check if hash is available |
|
| 62 | - if (in_array($sesion_hash, hash_algos())) { |
|
| 61 | + // Check if hash is available |
|
| 62 | + if (in_array($sesion_hash, hash_algos())) { |
|
| 63 | 63 | // Set the has function. |
| 64 | 64 | ini_set('session.hash_function', $sesion_hash); |
| 65 | - } |
|
| 66 | - // How many bits per character of the hash. |
|
| 67 | - // The possible values are '4' (0-9, a-f), '5' (0-9, a-v), and '6' (0-9, a-z, A-Z, "-", ","). |
|
| 68 | - ini_set('session.hash_bits_per_character', 5); |
|
| 69 | - |
|
| 70 | - // Force the session to only use cookies, not URL variables. |
|
| 71 | - ini_set('session.use_only_cookies', 1); |
|
| 72 | - |
|
| 73 | - // Get session cookie parameters |
|
| 74 | - $cookieParams = session_get_cookie_params(); |
|
| 75 | - // Set the parameters |
|
| 76 | - session_set_cookie_params($cookieParams["lifetime"], $cookieParams["path"], $cookieParams["domain"], $secure, $httpunico); |
|
| 77 | - // Change the session name |
|
| 78 | - session_name($session_name); |
|
| 79 | - // Now we cat start the session |
|
| 80 | - session_start(); |
|
| 65 | + } |
|
| 66 | + // How many bits per character of the hash. |
|
| 67 | + // The possible values are '4' (0-9, a-f), '5' (0-9, a-v), and '6' (0-9, a-z, A-Z, "-", ","). |
|
| 68 | + ini_set('session.hash_bits_per_character', 5); |
|
| 69 | + |
|
| 70 | + // Force the session to only use cookies, not URL variables. |
|
| 71 | + ini_set('session.use_only_cookies', 1); |
|
| 72 | + |
|
| 73 | + // Get session cookie parameters |
|
| 74 | + $cookieParams = session_get_cookie_params(); |
|
| 75 | + // Set the parameters |
|
| 76 | + session_set_cookie_params($cookieParams["lifetime"], $cookieParams["path"], $cookieParams["domain"], $secure, $httpunico); |
|
| 77 | + // Change the session name |
|
| 78 | + session_name($session_name); |
|
| 79 | + // Now we cat start the session |
|
| 80 | + session_start(); |
|
| 81 | 81 | |
| 82 | - // This line regenerates the session and delete the old one. |
|
| 83 | - // It also generates a new encryption key in the database. |
|
| 82 | + // This line regenerates the session and delete the old one. |
|
| 83 | + // It also generates a new encryption key in the database. |
|
| 84 | 84 | |
| 85 | - } |
|
| 85 | + } |
|
| 86 | 86 | |
| 87 | 87 | // ingrese la informacion de conexion a su base de datos, debe ser igual a la que esta en CFConfiguracion.php |
| 88 | - function abrir() { |
|
| 89 | - $host = $this->host; |
|
| 90 | - $user = $this->usuario; |
|
| 91 | - $pass = $this->clave; |
|
| 92 | - $name = $this->bdnombre; |
|
| 88 | + function abrir() { |
|
| 89 | + $host = $this->host; |
|
| 90 | + $user = $this->usuario; |
|
| 91 | + $pass = $this->clave; |
|
| 92 | + $name = $this->bdnombre; |
|
| 93 | 93 | |
| 94 | - $mysqli = new \mysqli($host, $user, $pass, $name); |
|
| 95 | - $this->db = $mysqli; |
|
| 96 | - return true; |
|
| 97 | - } |
|
| 94 | + $mysqli = new \mysqli($host, $user, $pass, $name); |
|
| 95 | + $this->db = $mysqli; |
|
| 96 | + return true; |
|
| 97 | + } |
|
| 98 | 98 | |
| 99 | - function cerrar() { |
|
| 100 | - $this->db->close(); |
|
| 101 | - return true; |
|
| 102 | - } |
|
| 99 | + function cerrar() { |
|
| 100 | + $this->db->close(); |
|
| 101 | + return true; |
|
| 102 | + } |
|
| 103 | 103 | |
| 104 | 104 | |
| 105 | - function leer($id) { |
|
| 106 | - if(!isset($this->read_stmt)) { |
|
| 107 | - $this->read_stmt = $this->db->prepare("SELECT data FROM sesiones WHERE id = ? LIMIT 1"); |
|
| 108 | - } |
|
| 109 | - $this->read_stmt->bind_param('s', $id); |
|
| 110 | - $this->read_stmt->execute(); |
|
| 111 | - $this->read_stmt->store_result(); |
|
| 112 | - $this->read_stmt->bind_result($data); |
|
| 113 | - $this->read_stmt->fetch(); |
|
| 114 | - $key = $this->getkey($id); |
|
| 115 | - $data = $this->decrypt($data, $key); |
|
| 116 | - return $data; |
|
| 117 | - } |
|
| 105 | + function leer($id) { |
|
| 106 | + if(!isset($this->read_stmt)) { |
|
| 107 | + $this->read_stmt = $this->db->prepare("SELECT data FROM sesiones WHERE id = ? LIMIT 1"); |
|
| 108 | + } |
|
| 109 | + $this->read_stmt->bind_param('s', $id); |
|
| 110 | + $this->read_stmt->execute(); |
|
| 111 | + $this->read_stmt->store_result(); |
|
| 112 | + $this->read_stmt->bind_result($data); |
|
| 113 | + $this->read_stmt->fetch(); |
|
| 114 | + $key = $this->getkey($id); |
|
| 115 | + $data = $this->decrypt($data, $key); |
|
| 116 | + return $data; |
|
| 117 | + } |
|
| 118 | 118 | |
| 119 | 119 | |
| 120 | 120 | |
| 121 | 121 | |
| 122 | 122 | |
| 123 | - function escribir($id, $data) { |
|
| 124 | - // Get unique key |
|
| 125 | - $key = $this->getkey($id); |
|
| 126 | - // Encrypt the data |
|
| 127 | - $data = $this->encrypt($data, $key); |
|
| 123 | + function escribir($id, $data) { |
|
| 124 | + // Get unique key |
|
| 125 | + $key = $this->getkey($id); |
|
| 126 | + // Encrypt the data |
|
| 127 | + $data = $this->encrypt($data, $key); |
|
| 128 | 128 | |
| 129 | - $time = time(); |
|
| 130 | - if(!isset($this->w_stmt)) { |
|
| 131 | - $this->w_stmt = $this->db->prepare("REPLACE INTO sesiones (id, set_time, data, session_key) VALUES (?, ?, ?, ?)"); |
|
| 132 | - } |
|
| 129 | + $time = time(); |
|
| 130 | + if(!isset($this->w_stmt)) { |
|
| 131 | + $this->w_stmt = $this->db->prepare("REPLACE INTO sesiones (id, set_time, data, session_key) VALUES (?, ?, ?, ?)"); |
|
| 132 | + } |
|
| 133 | 133 | |
| 134 | - $this->w_stmt->bind_param('siss', $id, $time, $data, $key); |
|
| 135 | - $this->w_stmt->execute(); |
|
| 136 | - return true; |
|
| 137 | - } |
|
| 138 | - |
|
| 139 | - function destruir($id) { |
|
| 140 | - if(!isset($this->delete_stmt)) { |
|
| 141 | - $this->delete_stmt = $this->db->prepare("DELETE FROM sesiones WHERE id = ?"); |
|
| 142 | - } |
|
| 143 | - $this->delete_stmt->bind_param('s', $id); |
|
| 144 | - $this->delete_stmt->execute(); |
|
| 145 | - return true; |
|
| 146 | - } |
|
| 147 | - |
|
| 148 | - function gc($max) { |
|
| 149 | - if(!isset($this->gc_stmt)) { |
|
| 150 | - $this->gc_stmt = $this->db->prepare("DELETE FROM sesiones WHERE set_time < ?"); |
|
| 151 | - } |
|
| 152 | - $old = time() - $max; |
|
| 153 | - $this->gc_stmt->bind_param('s', $old); |
|
| 154 | - $this->gc_stmt->execute(); |
|
| 155 | - return true; |
|
| 156 | - } |
|
| 157 | - |
|
| 158 | - private function getkey($id) { |
|
| 134 | + $this->w_stmt->bind_param('siss', $id, $time, $data, $key); |
|
| 135 | + $this->w_stmt->execute(); |
|
| 136 | + return true; |
|
| 137 | + } |
|
| 138 | + |
|
| 139 | + function destruir($id) { |
|
| 140 | + if(!isset($this->delete_stmt)) { |
|
| 141 | + $this->delete_stmt = $this->db->prepare("DELETE FROM sesiones WHERE id = ?"); |
|
| 142 | + } |
|
| 143 | + $this->delete_stmt->bind_param('s', $id); |
|
| 144 | + $this->delete_stmt->execute(); |
|
| 145 | + return true; |
|
| 146 | + } |
|
| 147 | + |
|
| 148 | + function gc($max) { |
|
| 149 | + if(!isset($this->gc_stmt)) { |
|
| 150 | + $this->gc_stmt = $this->db->prepare("DELETE FROM sesiones WHERE set_time < ?"); |
|
| 151 | + } |
|
| 152 | + $old = time() - $max; |
|
| 153 | + $this->gc_stmt->bind_param('s', $old); |
|
| 154 | + $this->gc_stmt->execute(); |
|
| 155 | + return true; |
|
| 156 | + } |
|
| 157 | + |
|
| 158 | + private function getkey($id) { |
|
| 159 | 159 | |
| 160 | 160 | |
| 161 | - if(!isset($this->key_stmt)) { |
|
| 162 | - $this->key_stmt = $this->db->prepare("SELECT session_key FROM sesiones WHERE id = ? LIMIT 1"); |
|
| 163 | - } |
|
| 164 | - $this->key_stmt->bind_param('s', $id); |
|
| 165 | - $this->key_stmt->execute(); |
|
| 166 | - $this->key_stmt->store_result(); |
|
| 167 | - if($this->key_stmt->num_rows == 1) { |
|
| 168 | - $this->key_stmt->bind_result($key); |
|
| 169 | - $this->key_stmt->fetch(); |
|
| 170 | - return $key; |
|
| 171 | - } else { |
|
| 172 | - $random_key = hash('sha512', uniqid(mt_rand(1, mt_getrandmax()), true)); |
|
| 173 | - return $random_key; |
|
| 174 | - } |
|
| 175 | - } |
|
| 176 | - |
|
| 177 | - private function encrypt($data, $key) { |
|
| 178 | - $salt = 'cH!swe!retReGu7W6bEDRup7usuDUh9THeD2CHeGE*ewr4n39=E@rAsp7c-Ph@pH'; |
|
| 179 | - $key = substr(hash('sha256', $salt.$key.$salt), 0, 32); |
|
| 180 | - $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB); |
|
| 181 | - $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND); |
|
| 182 | - $encrypted = base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $data, MCRYPT_MODE_ECB, $iv)); |
|
| 183 | - return $encrypted; |
|
| 184 | - } |
|
| 185 | - private function decrypt($data, $key) { |
|
| 186 | - $salt = 'cH!swe!retReGu7W6bEDRup7usuDUh9THeD2CHeGE*ewr4n39=E@rAsp7c-Ph@pH'; |
|
| 187 | - $key = substr(hash('sha256', $salt.$key.$salt), 0, 32); |
|
| 188 | - $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB); |
|
| 189 | - $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND); |
|
| 190 | - $decrypted = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, base64_decode($data), MCRYPT_MODE_ECB, $iv); |
|
| 191 | - return $decrypted; |
|
| 192 | - } |
|
| 161 | + if(!isset($this->key_stmt)) { |
|
| 162 | + $this->key_stmt = $this->db->prepare("SELECT session_key FROM sesiones WHERE id = ? LIMIT 1"); |
|
| 163 | + } |
|
| 164 | + $this->key_stmt->bind_param('s', $id); |
|
| 165 | + $this->key_stmt->execute(); |
|
| 166 | + $this->key_stmt->store_result(); |
|
| 167 | + if($this->key_stmt->num_rows == 1) { |
|
| 168 | + $this->key_stmt->bind_result($key); |
|
| 169 | + $this->key_stmt->fetch(); |
|
| 170 | + return $key; |
|
| 171 | + } else { |
|
| 172 | + $random_key = hash('sha512', uniqid(mt_rand(1, mt_getrandmax()), true)); |
|
| 173 | + return $random_key; |
|
| 174 | + } |
|
| 175 | + } |
|
| 176 | + |
|
| 177 | + private function encrypt($data, $key) { |
|
| 178 | + $salt = 'cH!swe!retReGu7W6bEDRup7usuDUh9THeD2CHeGE*ewr4n39=E@rAsp7c-Ph@pH'; |
|
| 179 | + $key = substr(hash('sha256', $salt.$key.$salt), 0, 32); |
|
| 180 | + $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB); |
|
| 181 | + $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND); |
|
| 182 | + $encrypted = base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $data, MCRYPT_MODE_ECB, $iv)); |
|
| 183 | + return $encrypted; |
|
| 184 | + } |
|
| 185 | + private function decrypt($data, $key) { |
|
| 186 | + $salt = 'cH!swe!retReGu7W6bEDRup7usuDUh9THeD2CHeGE*ewr4n39=E@rAsp7c-Ph@pH'; |
|
| 187 | + $key = substr(hash('sha256', $salt.$key.$salt), 0, 32); |
|
| 188 | + $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB); |
|
| 189 | + $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND); |
|
| 190 | + $decrypted = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, base64_decode($data), MCRYPT_MODE_ECB, $iv); |
|
| 191 | + return $decrypted; |
|
| 192 | + } |
|
| 193 | 193 | |
| 194 | 194 | } |
| 195 | 195 | |
@@ -26,7 +26,7 @@ discard block |
||
| 26 | 26 | //verificamos la version de php en tu servidor web o local |
| 27 | 27 | if (version_compare(PHP_VERSION, '5.3.20', '<')) |
| 28 | 28 | { |
| 29 | - die('Su Hosting tiene una version < a PHP 5.3.20 debes actualizar para esta version de Calima. su version actual de PHP es: '.PHP_VERSION); |
|
| 29 | + die('Su Hosting tiene una version < a PHP 5.3.20 debes actualizar para esta version de Calima. su version actual de PHP es: '.PHP_VERSION); |
|
| 30 | 30 | } |
| 31 | 31 | |
| 32 | 32 | |
@@ -45,7 +45,7 @@ discard block |
||
| 45 | 45 | private $_analytics; |
| 46 | 46 | public function __construct() { |
| 47 | 47 | parent::__construct(); |
| 48 | - $this->_basedatos=$this->cargaModelo('instalador'); |
|
| 48 | + $this->_basedatos=$this->cargaModelo('instalador'); |
|
| 49 | 49 | |
| 50 | 50 | $this->_ayuda= new Sisayu\CFPHPAyuda; |
| 51 | 51 | } |
@@ -68,29 +68,29 @@ discard block |
||
| 68 | 68 | |
| 69 | 69 | public function verificarBd(){ |
| 70 | 70 | |
| 71 | - $proyecto=$_POST['proyecto']; |
|
| 72 | - if(isset($_POST['analytics'])!=''){ |
|
| 71 | + $proyecto=$_POST['proyecto']; |
|
| 72 | + if(isset($_POST['analytics'])!=''){ |
|
| 73 | 73 | $this->_analytics="'".$_POST['analytics']."'"; |
| 74 | - } |
|
| 75 | - $this->_analytics="'"."UA-xxxxxx"."'"; |
|
| 74 | + } |
|
| 75 | + $this->_analytics="'"."UA-xxxxxx"."'"; |
|
| 76 | 76 | |
| 77 | 77 | |
| 78 | - $analytics=$this->_analytics; |
|
| 79 | - $hostbd="'".$_POST['hostbd']."'"; |
|
| 80 | - $nombrebd="'".$_POST['nombrebd']."'"; |
|
| 81 | - $usuariobd="'".$_POST['usuariobd']."'"; |
|
| 82 | - $clavebd="'".$_POST['clavebd']."'"; |
|
| 83 | - $config="'".$_POST['config']."'"; |
|
| 78 | + $analytics=$this->_analytics; |
|
| 79 | + $hostbd="'".$_POST['hostbd']."'"; |
|
| 80 | + $nombrebd="'".$_POST['nombrebd']."'"; |
|
| 81 | + $usuariobd="'".$_POST['usuariobd']."'"; |
|
| 82 | + $clavebd="'".$_POST['clavebd']."'"; |
|
| 83 | + $config="'".$_POST['config']."'"; |
|
| 84 | 84 | |
| 85 | - $a= $this->_basedatos->verificarBdM($_POST['nombrebd'],$_POST['usuariobd'],$_POST['clavebd']); |
|
| 85 | + $a= $this->_basedatos->verificarBdM($_POST['nombrebd'],$_POST['usuariobd'],$_POST['clavebd']); |
|
| 86 | 86 | |
| 87 | - if($a){ |
|
| 87 | + if($a){ |
|
| 88 | 88 | |
| 89 | 89 | $this->paso1($proyecto,$analytics,$hostbd,$nombrebd,$usuariobd,$usuariobd,$clavebd,$config); |
| 90 | 90 | |
| 91 | - }else{ |
|
| 92 | - $this->_ayuda->redireccionUrl('instalador?error="Los datos que estas ingresando no coniciden con los de la BD"'); |
|
| 93 | - } |
|
| 91 | + }else{ |
|
| 92 | + $this->_ayuda->redireccionUrl('instalador?error="Los datos que estas ingresando no coniciden con los de la BD"'); |
|
| 93 | + } |
|
| 94 | 94 | |
| 95 | 95 | } |
| 96 | 96 | |
@@ -177,7 +177,7 @@ discard block |
||
| 177 | 177 | fwrite($file, "/* en el controlador concatena la constante con el llamado a la funcion generarCadenaAleatoria() de Cf_PHPSeguridad */" . PHP_EOL); |
| 178 | 178 | fwrite($file, "define('Cf_CSRF_SECRET','Cfbeta');" . PHP_EOL.PHP_EOL); |
| 179 | 179 | |
| 180 | - fwrite($file, "/* Si usted va a utilizar SSL debe de cambiar a true */" . PHP_EOL); |
|
| 180 | + fwrite($file, "/* Si usted va a utilizar SSL debe de cambiar a true */" . PHP_EOL); |
|
| 181 | 181 | fwrite($file, "define('Cf_SESION_PARAMETRO_SEGURO','false');" . PHP_EOL.PHP_EOL); |
| 182 | 182 | |
| 183 | 183 | fwrite($file, "/* #base de datos */" . PHP_EOL. PHP_EOL); |
@@ -192,7 +192,7 @@ discard block |
||
| 192 | 192 | fwrite($file, ""); |
| 193 | 193 | fclose($file); |
| 194 | 194 | |
| 195 | - $this->_ayuda->redireccionUrl('instalador/crearBaseDatos'); |
|
| 195 | + $this->_ayuda->redireccionUrl('instalador/crearBaseDatos'); |
|
| 196 | 196 | |
| 197 | 197 | } |
| 198 | 198 | |
