Update: Added password protection to phpBB3

Closes #39
author: Kelly Rauchenberger <fefferburbia@gmail.com> 2008-08-24 19:55:44 +0000
committer: Kelly Rauchenberger <fefferburbia@gmail.com> 2008-08-24 19:55:44 +0000
commit: 2795a0f652f0160ead045830f422fae3ac08c706 (patch)
tree: 924268cc646f31bba5e242ac5f120769bd6e2902 /update/plugin/phpBB3/trunk/root
parent: 0632618a9d0afe4a6a6d9785777ffae079ba56b8 (diff)
download: instadisc-2795a0f652f0160ead045830f422fae3ac08c706.tar.gz
instadisc-2795a0f652f0160ead045830f422fae3ac08c706.tar.bz2
instadisc-2795a0f652f0160ead045830f422fae3ac08c706.zip
1 files changed, 36 insertions, 3 deletions
diff --git a/update/plugin/phpBB3/trunk/root/includes/functions_instadisc.php b/update/plugin/phpBB3/trunk/root/includes/functions_instadisc.php
index 714a47b..02675ed 100644
--- a/update/plugin/phpBB3/trunk/root/includes/functions_instadisc.php
+++ b/update/plugin/phpBB3/trunk/root/includes/functions_instadisc.php

@@ -24,7 +24,7 @@ include($phpbb_root_path . 'includes/xmlrpc/xmlrpc.inc');
 function sendItem($title, $userID, $url, $fourm)
 {
        global $config, $db, $phpbb_root_path;
-        $verID = rand(1,2147483647);
+        $verID = rand(1,65536);
        $da = array('user_id' => $userID);
        $getuser = "SELECT * FROM " . USERS_TABLE . " WHERE " . $db->sql_build_array('SELECT', $da);
@@ -33,7 +33,7 @@ function sendItem($title, $userID, $url, $fourm)
        $db->sql_freeresult($getuser2);
        $author = $getuser3['username'];
-        $url = str_replace($phpbb_root_path, generate_board_url() . '/', $url);
+        $url = html_entity_decode(str_replace($phpbb_root_path, generate_board_url() . '/', $url));
        $da = array('forum_id' => $fourm);
        $getfourm = "SELECT * FROM " . FORUMS_TABLE . " WHERE " . $db->sql_build_array('SELECT', $da);
@@ -42,6 +42,29 @@ function sendItem($title, $userID, $url, $fourm)
        $db->sql_freeresult($getfourm2);
        $semantics = array('forum' => $getfourm3['forum_name']);
+        $encID = 0;
+        if (($config['id_encryption_key'] != '') && extension_loaded('mcrypt'))
+        {
+                $encID = rand(1,2147483647);
+                $cipher = 'rijndael-128';
+                $mode = 'cbc';
+                $key = substr(md5(substr(str_pad($config['id_encryption_key'],16,$encID),0,16)),0,16);
+                $td = mcrypt_module_open($cipher, "", $mode, "");
+                $title = encryptString($td, $key, $title);
+                $author = encryptString($td, $key, $author);
+                $url = encryptString($td, $key, $url);
+                foreach ($semantics as $name => $value)
+                {
+                        $semantics[$name] = encryptString($td, $key, $value);
+                }
+                mcrypt_module_close($td);
+        }
        $client = new xmlrpc_client($config['id_central_server']);
        $msg = new xmlrpcmsg("InstaDisc.sendFromUpdate", array( new xmlrpcval($config['id_username'], 'string'),
                                                                new xmlrpcval(md5($config['id_username'] . ':' . md5($config['id_password']) . ':' . $verID), 'string'),
@@ -50,7 +73,8 @@ function sendItem($title, $userID, $url, $fourm)
                                                                new xmlrpcval($title, 'string'),
                                                                new xmlrpcval($author, 'string'),
                                                                new xmlrpcval($url, 'string'),
-                                                                new xmlrpcval(serialize($semantics), 'string')));
+                                                                new xmlrpcval(serialize($semantics), 'string'),
+                                                                new xmlrpcval($encID, 'int')));
        $resp = $client->send($msg);
        $val = $resp->value()->scalarVal();
@@ -60,4 +84,13 @@ function sendItem($title, $userID, $url, $fourm)
        }
 }
+function encryptString($td, $key, $string)
+{
+        mcrypt_generic_init($td, $key, strrev($key));
+        $string = bin2hex(mcrypt_generic($td, $string));
+        mcrypt_generic_deinit($td);
+        return $string;
+}
 ?>
author	Kelly Rauchenberger <fefferburbia@gmail.com>	2008-08-24 19:55:44 +0000
committer	Kelly Rauchenberger <fefferburbia@gmail.com>	2008-08-24 19:55:44 +0000
commit	2795a0f652f0160ead045830f422fae3ac08c706 (patch)
tree	924268cc646f31bba5e242ac5f120769bd6e2902 /update/plugin/phpBB3/trunk/root
parent	0632618a9d0afe4a6a6d9785777ffae079ba56b8 (diff)
download	instadisc-2795a0f652f0160ead045830f422fae3ac08c706.tar.gz instadisc-2795a0f652f0160ead045830f422fae3ac08c706.tar.bz2 instadisc-2795a0f652f0160ead045830f422fae3ac08c706.zip

diff --git a/update/plugin/phpBB3/trunk/root/includes/functions_instadisc.php b/update/plugin/phpBB3/trunk/root/includes/functions_instadisc.php index 714a47b..02675ed 100644 --- a/update/plugin/phpBB3/trunk/root/includes/functions_instadisc.php +++ b/update/plugin/phpBB3/trunk/root/includes/functions_instadisc.php
@@ -24,7 +24,7 @@ include($phpbb_root_path . 'includes/xmlrpc/xmlrpc.inc');
24	function sendItem($title, $userID, $url, $fourm)	24	function sendItem($title, $userID, $url, $fourm)
25	{	25	{
26	global $config, $db, $phpbb_root_path;	26	global $config, $db, $phpbb_root_path;
27	$verID = rand(1,2147483647);	27	$verID = rand(1,65536);
28		28
29	$da = array('user_id' => $userID);	29	$da = array('user_id' => $userID);
30	$getuser = "SELECT * FROM " . USERS_TABLE . " WHERE " . $db->sql_build_array('SELECT', $da);	30	$getuser = "SELECT * FROM " . USERS_TABLE . " WHERE " . $db->sql_build_array('SELECT', $da);
@@ -33,7 +33,7 @@ function sendItem($title, $userID, $url, $fourm)
33	$db->sql_freeresult($getuser2);	33	$db->sql_freeresult($getuser2);
34	$author = $getuser3['username'];	34	$author = $getuser3['username'];
35		35
36	$url = str_replace($phpbb_root_path, generate_board_url() . '/', $url);	36	$url = html_entity_decode(str_replace($phpbb_root_path, generate_board_url() . '/', $url));
37		37
38	$da = array('forum_id' => $fourm);	38	$da = array('forum_id' => $fourm);
39	$getfourm = "SELECT * FROM " . FORUMS_TABLE . " WHERE " . $db->sql_build_array('SELECT', $da);	39	$getfourm = "SELECT * FROM " . FORUMS_TABLE . " WHERE " . $db->sql_build_array('SELECT', $da);
@@ -42,6 +42,29 @@ function sendItem($title, $userID, $url, $fourm)
42	$db->sql_freeresult($getfourm2);	42	$db->sql_freeresult($getfourm2);
43	$semantics = array('forum' => $getfourm3['forum_name']);	43	$semantics = array('forum' => $getfourm3['forum_name']);
44		44
		45	$encID = 0;
		46	if (($config['id_encryption_key'] != '') && extension_loaded('mcrypt'))
		47	{
		48	$encID = rand(1,2147483647);
		49
		50	$cipher = 'rijndael-128';
		51	$mode = 'cbc';
		52	$key = substr(md5(substr(str_pad($config['id_encryption_key'],16,$encID),0,16)),0,16);
		53
		54	$td = mcrypt_module_open($cipher, "", $mode, "");
		55
		56	$title = encryptString($td, $key, $title);
		57	$author = encryptString($td, $key, $author);
		58	$url = encryptString($td, $key, $url);
		59
		60	foreach ($semantics as $name => $value)
		61	{
		62	$semantics[$name] = encryptString($td, $key, $value);
		63	}
		64
		65	mcrypt_module_close($td);
		66	}
		67
45	$client = new xmlrpc_client($config['id_central_server']);	68	$client = new xmlrpc_client($config['id_central_server']);
46	$msg = new xmlrpcmsg("InstaDisc.sendFromUpdate", array( new xmlrpcval($config['id_username'], 'string'),	69	$msg = new xmlrpcmsg("InstaDisc.sendFromUpdate", array( new xmlrpcval($config['id_username'], 'string'),
47	new xmlrpcval(md5($config['id_username'] . ':' . md5($config['id_password']) . ':' . $verID), 'string'),	70	new xmlrpcval(md5($config['id_username'] . ':' . md5($config['id_password']) . ':' . $verID), 'string'),
@@ -50,7 +73,8 @@ function sendItem($title, $userID, $url, $fourm)
50	new xmlrpcval($title, 'string'),	73	new xmlrpcval($title, 'string'),
51	new xmlrpcval($author, 'string'),	74	new xmlrpcval($author, 'string'),
52	new xmlrpcval($url, 'string'),	75	new xmlrpcval($url, 'string'),
53	new xmlrpcval(serialize($semantics), 'string')));	76	new xmlrpcval(serialize($semantics), 'string'),
		77	new xmlrpcval($encID, 'int')));
54	$resp = $client->send($msg);	78	$resp = $client->send($msg);
55	$val = $resp->value()->scalarVal();	79	$val = $resp->value()->scalarVal();
56		80
@@ -60,4 +84,13 @@ function sendItem($title, $userID, $url, $fourm)
60	}	84	}
61	}	85	}
62		86
		87	function encryptString($td, $key, $string)
		88	{
		89	mcrypt_generic_init($td, $key, strrev($key));
		90	$string = bin2hex(mcrypt_generic($td, $string));
		91	mcrypt_generic_deinit($td);
		92
		93	return $string;
		94	}
		95
63	?>	96	?>