X-Git-Url: http://git.roojs.org/?a=blobdiff_plain;f=DataObjects%2FCore_setting.php;h=05816c4e578f50c9626c7678f136cd001943be19;hb=f61e0023b975638a8a1c239decbdcc45e87f192d;hp=d24121a378730f9600e2409b1fcb80e45de15a42;hpb=b6d0410aa5d0eacd1d8dca1c856f8850b0bad8d4;p=Pman.Core diff --git a/DataObjects/Core_setting.php b/DataObjects/Core_setting.php index d24121a3..05816c4e 100644 --- a/DataObjects/Core_setting.php +++ b/DataObjects/Core_setting.php @@ -8,13 +8,18 @@ class Pman_Core_DataObjects_Core_setting extends DB_DataObject function initKeys() { + // return false when fail $dir = $this->getKeyDirectory(); + if(!$dir) { + return false; // only fail case? + } + if( file_exists("{$dir}/pub.key") || file_exists("{$dir}/pri.key") ){ - return; + return true; } $ssl = openssl_pkey_new(array( @@ -29,6 +34,8 @@ class Pman_Core_DataObjects_Core_setting extends DB_DataObject file_put_contents("{$dir}/pub.key",$pub_key); file_put_contents("{$dir}/pri.key",$pri_key); + + return true; } function lookup($m,$n) @@ -38,9 +45,11 @@ class Pman_Core_DataObjects_Core_setting extends DB_DataObject 'module' => $m, 'name' => $n )); + if($s->find(true)) { return $s; } + return false; } @@ -52,11 +61,19 @@ class Pman_Core_DataObjects_Core_setting extends DB_DataObject function getKeyDirectory() { $client_dir = HTML_FlexyFramework::get()->Pman['storedir']; + $key_dir = $client_dir.'/keys'; - if(!file_exists($key_dir)) { - $this->checkWritable(get_class($this),__FUNCTION__,$client_dir); - exec("mkdir -m775 {$key_dir}"); + + if(file_exists($key_dir)) { + return $key_dir; } + + if(!is_writable($key_dir)) { + return false; + } + + mkdir($key_dir, 0755, true); + return $key_dir; } @@ -64,33 +81,32 @@ class Pman_Core_DataObjects_Core_setting extends DB_DataObject // should not be sending this the values.. function initSetting($a) { - $dir = $this->getKeyDirectory(); - if(empty($a)) { return; } + $this->initKeys(); + $c = $this->lookup($a['module'], $a['name']); - if($c) { - return; - } - $this->initKeys(); + $o = $c ? clone($c) : false; - $s = DB_DataObject::factory('core_setting'); + $c = $c ? $c : DB_DataObject::factory('core_setting'); - $s->setFrom(array( + $c->setFrom(array( 'module' => $a['module'], 'name' => $a['name'], 'description' => $a['description'], 'val' => (!isset($a['is_encrypt']) || $a['is_encrypt'] == 1) ? $this->encrypt($a['val']) : $a['val'], - 'is_encrypt' => isset($a['is_encrypt']) ? $a['is_encrypt'] : 1 + 'is_encrypt' => isset($a['is_encrypt']) ? $a['is_encrypt'] : 1, + 'is_valid' => 1 )); - $s->insert(); + $o ? $c->update($o) : $c->insert(); } + //one key for encrypting all the settings function encrypt($v) { $key_dir = "{$this->getKeyDirectory()}/pub.key"; @@ -104,18 +120,41 @@ class Pman_Core_DataObjects_Core_setting extends DB_DataObject if(!$pub_key) { return; } - openssl_public_encrypt($v, $cipher, $pub_key); - return $cipher; + openssl_public_encrypt($v, $ciphertext, $pub_key); + return $ciphertext; } - function checkWritable($cls_name,$func_name,$dir) + function getDecryptVal() { - if(!is_writable($dir)) { - print_r("Cannot run {$cls_name} :: {$func_name}\n"); - print_r("Directory: {$dir} is not writable by current user\n"); - exit; + $dir = $this->getKeyDirectory(); + + if(!$dir) { + return false; } - return true; + if(empty($this->val)) { + return false; + } + + if(empty($this->is_encrypt)) { + return $this->val; + } + + $key_dir = "{$dir}/pri.key"; + + if(!file_exists($key_dir)) { + return false; + } + + $pri_key = file_get_contents($key_dir); + + if(!$pri_key) { + return false; + } + + openssl_private_decrypt($this->val, $plaintext, $pri_key); + + return $plaintext; } + }