-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathsecurity.php
58 lines (48 loc) · 1.63 KB
/
security.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
<?php if (!defined('DIRECTSCRIPT')) exit('No direct script access allowed');
class Security {
function Security(){
$this->mcrypt_cipher = $GLOBALS['security']['mcrypt']['cipher'] || MCRYPT_RIJNDAEL_256;
$this->mcrypt_mode = $GLOBALS['security']['mcrypt']['mode'] || MCRYPT_MODE_ECB;
$this->key = $GLOBALS['security']['key'];
}
function access_control(){
if($GLOBALS['security']['whitelist_ip'] && count($GLOBALS['security']['whitelist_ip']) > 0) {
if(!in_array($_SERVER['REMOTE_ADDR'], $GLOBALS['security']['whitelist_ip'])){
$api =& get_instance();
$api->output->error('unauthorized', 'Access Denied');
}
}
}
function _docrypt($fields, &$rec, $encrypt){
if ($fields){
foreach($fields as $field){
if (isset($rec[$field]) && $rec[$field] != ''){
if ($encrypt){
$this->_encrypt_data($rec[$field]);
} else {
$this->_decrypt_data($rec[$field]);
}
}
}
}
}
function _encrypt_data(&$value){
$text = $value;
$iv_size = mcrypt_get_iv_size($this->mcrypt_cipher, $this->mcrypt_mode);
$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
$value = mcrypt_encrypt($this->mcrypt_cipher, $this->key, $text, $this->mcrypt_mode, $iv);
}
function _decrypt_data(&$value){
$crypttext = $value;
$iv_size = mcrypt_get_iv_size($this->mcrypt_cipher, $this->mcrypt_mode);
$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
$value = trim(mcrypt_decrypt($this->mcrypt_cipher, $this->key, $crypttext, $this->mcrypt_mode, $iv));
}
function encrypt($fields, &$rec){
$this->_docrypt($fields, $rec, true);
}
function decrypt($fields, &$rec){
$this->_docrypt($fields, $rec, false);
}
}
?>