<?php
/*
Plugin Name: ClassicPress Encryption
Plugin URI: https://github.com/ClassicPress-research/encryption-functions/
Description: Encryption features for GDPR and privacy laws compliance.
Author: Raymund John Ang
Author URI: https://open-nis.org/
Text Domain: cp-encryption
Version: 0.9.1
Credits: BasicPHP [Source code]. https://github.com/ray-ang/basicphp
Open-NIS Nursing ekardex [Source code]. https://github.com/ray-ang/open-nis-patient-care-summary
*/
// Load the bundled BasicPHP class library only when no `Basic` class has been declared yet.
// NOTE(review): `Basic` is a generic, un-namespaced class name. If other loaded code declares
// a class called `Basic` first, the Basic::encrypt()/Basic::decrypt() calls in this plugin
// resolve to that class instead of the bundled library.
if ( ! class_exists( 'Basic' ) ) {
	require __DIR__ . '/Basic.php';
}

// Passphrase sanity check on admin requests. admin_init is an action hook; add_action()
// registers the callback the same way add_filter() does.
add_action( 'admin_init', 'cp_check_pass_phrase' );
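/**
 * Warn the administrator on the post editor screens when the key configuration looks broken.
 *
 * Two cases raise a JavaScript alert:
 *  - CP_PASS_PHRASE is not defined at all;
 *  - CP_PASS_PHRASE is a URL (treated as a Key-Encryption-Key API server) and a probe request
 *    to "<url>?action=encrypt" does not come back with code 200.
 *
 * The function only warns. It does not stop the request, so any code that uses
 * CP_PASS_PHRASE must still check that the constant is defined.
 *
 * NOTE(review): the screen test is a case-insensitive substring match on the whole request
 * URI (path and query string), so any admin URL that merely contains "post.php" matches.
 * NOTE(review): the alert markup is echoed during admin_init, i.e. ahead of the page markup.
 * NOTE(review): the probe is a remote call made on every matching page load.
 *
 * @return void
 */
function cp_check_pass_phrase() {
	if ( ! is_admin() || wp_doing_ajax() ) {
		return;
	}

	// REQUEST_URI is read defensively; treat a missing value as "not an editor screen".
	$request_uri = isset( $_SERVER['REQUEST_URI'] ) ? (string) $_SERVER['REQUEST_URI'] : '';
	if ( false === stripos( $request_uri, 'post.php' ) && false === stripos( $request_uri, 'post-new.php' ) ) {
		return;
	}

	if ( ! defined( 'CP_PASS_PHRASE' ) ) {
		echo "<script>alert('Warning: Constant CP_PASS_PHRASE is not defined in wp-config.php file.');</script>\n";
		return;
	}

	// A plain passphrase needs no remote check; only a URL value is probed.
	// NOTE(review): FILTER_VALIDATE_URL does not restrict the scheme, so an http:// endpoint
	// passes. What Basic::apiCall() sends over that connection is not visible here; confirm
	// the Key-Encryption-Key endpoint is reachable over HTTPS only.
	if ( ! filter_var( CP_PASS_PHRASE, FILTER_VALIDATE_URL ) ) {
		return;
	}

	// The probe posts the URL itself as the `key` value.
	$api      = CP_PASS_PHRASE . '?action=encrypt';
	$response = Basic::apiCall( 'POST', $api, ['key' => CP_PASS_PHRASE] );

	// A failed call may not return an array with a 'code' entry; read it without raising notices.
	$code = isset( $response['code'] ) ? $response['code'] : null;
	if ( 200 !== $code ) {
		echo "<script>alert('Warning: Invalid Key-Encryption-Key API server URL.');</script>\n";
	}
}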
/**
* Open-NIS Nursing ekardex post meta encrypt & decrypt buttons
*/
// Register the Encrypt/Decrypt submit handler. admin_init runs for every admin request,
// so the callback itself decides whether the current request is one it should act on.
add_action(
	'admin_init',
	'cp_admin_encrypt_btn'
);
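/**
 * Encrypt or decrypt submitted custom-field values in $_POST.
 *
 * Runs on admin_init. When the request carries the plugin's "Encrypt" or "Decrypt" submit
 * button, the 'value' entry of every row in $_POST['meta'] (default custom fields) and every
 * string under $_POST['acf'] (Advanced Custom Fields) is rewritten in place, presumably so
 * that the regular save handler stores the transformed text.
 *
 * Values whose left-trimmed text starts with 'encv' are treated as already encrypted:
 * "Encrypt" skips them and "Decrypt" touches only them. If both buttons are present in one
 * request, the encrypt pass runs first and the decrypt pass second.
 *
 * NOTE(review): this handler performs no nonce or capability check of its own. It rewrites
 * $_POST for any admin request that carries the button value and relies on whatever
 * processes the request afterwards to verify the user and the nonce. Confirm that is
 * acceptable, since admin_init is not limited to the post editor.
 *
 * @return void
 */
function cp_admin_encrypt_btn() {
	if ( ! is_admin() || wp_doing_ajax() ) {
		return;
	}

	$wants_encrypt = isset( $_POST['encrypt'] ) && 'Encrypt' === $_POST['encrypt'];
	$wants_decrypt = isset( $_POST['decrypt'] ) && 'Decrypt' === $_POST['decrypt'];
	if ( ! $wants_encrypt && ! $wants_decrypt ) {
		return;
	}

	// Fail closed when no key is configured. On PHP 7 an undefined constant evaluates to its
	// own name as a string (with a notice or warning), which would encrypt data under the
	// publicly known text 'CP_PASS_PHRASE'; on PHP 8 it throws an Error. Stopping here also
	// avoids saving plaintext after the user explicitly asked for encryption.
	if ( ! defined( 'CP_PASS_PHRASE' ) || '' === CP_PASS_PHRASE ) {
		wp_die( 'CP_PASS_PHRASE is not defined in wp-config.php; the encrypt/decrypt request was not processed.' );
	}

	if ( $wants_encrypt ) {
		_cp_encryption_transform_post( false );
	}
	if ( $wants_decrypt ) {
		_cp_encryption_transform_post( true );
	}
}

/**
 * Apply one encrypt or decrypt pass to the custom-field entries of $_POST.
 *
 * @param bool $decrypt True for a decrypt pass, false for an encrypt pass.
 * @return void
 */
function _cp_encryption_transform_post( $decrypt ) {
	// Default custom fields: each row is an array and only its string 'value' is transformed.
	// Rows are addressed by their own key, so duplicate or loosely-equal rows cannot be
	// confused with one another.
	if ( isset( $_POST['meta'] ) && is_array( $_POST['meta'] ) ) {
		foreach ( $_POST['meta'] as $index => $meta ) {
			if ( is_array( $meta ) && isset( $meta['value'] ) && is_string( $meta['value'] ) ) {
				$_POST['meta'][ $index ]['value'] = _cp_encryption_transform_value( $meta['value'], $decrypt );
			}
		}
	}

	// Advanced Custom Fields: values may be nested arrays, so every string leaf is
	// transformed where it sits instead of being written to a top-level key.
	if ( isset( $_POST['acf'] ) && is_array( $_POST['acf'] ) ) {
		$_POST['acf'] = _cp_encryption_transform_value( $_POST['acf'], $decrypt );
	}
}

/**
 * Encrypt or decrypt a submitted value, descending into arrays.
 *
 * @param mixed $value   A string, or an array whose leaves are strings.
 * @param bool  $decrypt True to decrypt values marked 'encv', false to encrypt unmarked ones.
 * @return mixed The value with its string leaves transformed; other types are returned as-is.
 */
function _cp_encryption_transform_value( $value, $decrypt ) {
	if ( is_array( $value ) ) {
		foreach ( $value as $key => $item ) {
			$value[ $key ] = _cp_encryption_transform_value( $item, $decrypt );
		}
		return $value;
	}

	if ( ! is_string( $value ) ) {
		return $value;
	}

	// The marker is tested on the left-trimmed text, but the untrimmed value is what gets
	// passed on, as in the original code.
	$looks_encrypted = ( 'encv' === substr( ltrim( $value ), 0, 4 ) );

	if ( $decrypt ) {
		if ( ! $looks_encrypted ) {
			return $value;
		}
		// NOTE(review): what Basic::decrypt() returns on failure is not visible here. A
		// non-string result is discarded so ciphertext is never replaced by false or null.
		$plain = Basic::decrypt( $value, CP_PASS_PHRASE );
		return is_string( $plain ) ? $plain : $value;
	}

	// Encrypt pass: leave already-marked values alone to avoid double encryption.
	return $looks_encrypted ? $value : Basic::encrypt( $value, CP_PASS_PHRASE );
}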
// Print the script that adds the Encrypt and Decrypt buttons at the bottom of admin pages.
add_action(
	'admin_footer',
	'cp_admin_footer'
);
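/**
 * Print the script that adds "Encrypt" and "Decrypt" submit buttons to the post editor.
 *
 * The buttons are appended to the element with id "publishing-action". They are plain
 * submit inputs named `encrypt` and `decrypt`, which is what cp_admin_encrypt_btn() looks
 * for in $_POST.
 *
 * NOTE(review): the screen test is a case-insensitive substring match on the whole request
 * URI (path and query string), so the script is also printed on other admin pages whose
 * URL merely contains "post.php". The script therefore checks that the target element exists.
 *
 * @return void
 */
function cp_admin_footer() {
	if ( ! is_admin() || wp_doing_ajax() ) {
		return;
	}

	$request_uri = isset( $_SERVER['REQUEST_URI'] ) ? (string) $_SERVER['REQUEST_URI'] : '';
	if ( false === stripos( $request_uri, 'post.php' ) && false === stripos( $request_uri, 'post-new.php' ) ) {
		return;
	}
	?>
<script>
(function () {
	// Skip screens that have no publishing action row instead of throwing on a null element.
	const publishingAction = document.querySelector('#publishing-action');
	if (!publishingAction) {
		return;
	}

	// Build one submit button; `name` and `label` are what the server-side handler checks.
	function makeButton(name, label) {
		const btn = document.createElement('input');
		btn.classList.add('button', 'button-info', 'button-large');
		btn.type = 'submit';
		btn.name = name;
		btn.value = label;
		return btn;
	}

	const encryptBtn = makeButton('encrypt', 'Encrypt'); // Encrypt button
	encryptBtn.style.marginRight = '3px';
	publishingAction.appendChild(encryptBtn);

	const decryptBtn = makeButton('decrypt', 'Decrypt'); // Decrypt button
	publishingAction.appendChild(decryptBtn);
})();
</script>
	<?php
}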