X-Git-Url: http://git.roojs.org/?p=Pman.Core;a=blobdiff_plain;f=DataObjects%2FCore_setting.php;h=97ec8bd3742a1f88bc0646132f2a02af0931bb29;hp=bbe5eb7e5465736841827409dbe116cd64409368;hb=HEAD;hpb=22c577fafa02b5433bc418856d0d7e424bb6028c diff --git a/DataObjects/Core_setting.php b/DataObjects/Core_setting.php index bbe5eb7e..e1eea761 100644 --- a/DataObjects/Core_setting.php +++ b/DataObjects/Core_setting.php @@ -8,13 +8,18 @@ class Pman_Core_DataObjects_Core_setting extends DB_DataObject function initKeys() { + // return false when fail + $dir = $this->getKeyDirectory(); + + if(!$dir) { + return false; // only fail case? + } - $dir = $this->keyDir(); if( file_exists("{$dir}/pub.key") || file_exists("{$dir}/pri.key") ){ - return; + return true; } $ssl = openssl_pkey_new(array( @@ -29,78 +34,130 @@ class Pman_Core_DataObjects_Core_setting extends DB_DataObject file_put_contents("{$dir}/pub.key",$pub_key); file_put_contents("{$dir}/pri.key",$pri_key); + + return true; } - function getSetting($m,$n) + function lookup($m,$n) { $s = DB_DataObject::factory('core_setting'); $s->setFrom(array( 'module' => $m, 'name' => $n )); + if($s->find(true)) { return $s; } + return false; } function beforeInsert($q, $roo) { - exit; - - return; + if (isset($q['is_encrypt'])) { + $roo->jerr("no direct access for setting encrypted data at present?"); + } + // we store column data in here now - so it has to be insertable. + //exit; } - function keyDir() + function getKeyDirectory() { - $d = HTML_FlexyFramework::get()->Pman['storedir'].'/key'; - if(!file_exists($d)) { - $oldumask = umask(0); - mkdir($d, 0775, true); - umask($oldumask); + $client_dir = HTML_FlexyFramework::get()->Pman['storedir']; + + $key_dir = $client_dir.'/keys'; + + if(file_exists($key_dir)) { + return $key_dir; + } + + if(!is_writable($key_dir)) { + return false; } - return $d; + + mkdir($key_dir, 0755, true); + + return $key_dir; } - + // FIXME - this needs to go in beforeInsert/beforeUpdate + // should not be sending this the values.. function initSetting($a) { if(empty($a)) { return; } - $c = $this->getSetting($a['module'], $a['name']); - if($c) { - return; - } - - $this->initKeys(); - $val = $a['val']; - if(!isset($a['is_encrypt']) || $a['is_encrypt'] == 1) { - $val = $this->encrypt($val); - } + $c = $this->lookup($a['module'], $a['name']); - $s = DB_DataObject::factory('core_setting'); - $s->setFrom(array( - 'module' => $a['module'], - 'name' => $a['name'], - 'description' => $a['description'], - 'val' =>$val, - 'is_encrypt' => isset($a['is_encrypt']) ? $a['is_encrypt'] : 1 + $o = $c ? clone($c) : false; + + $c = $c ? $c : DB_DataObject::factory('core_setting'); + + $c->setFrom(array( + 'module' => $a['module'], + 'name' => $a['name'], + 'description' => $a['description'], + 'val' => (!isset($a['is_encrypt']) || $a['is_encrypt'] == 1) ? + $this->encrypt($a['val']) : $a['val'], + 'is_encrypt' => isset($a['is_encrypt']) ? $a['is_encrypt'] : 1, + 'is_valid' => 1 )); - $s->insert(); + $o ? $c->update($o) : $c->insert(); } + //one key for encrypting all the settings function encrypt($v) { - $pub_key = file_get_contents("{$this->keyDir()}/pub.key"); + $key_dir = "{$this->getKeyDirectory()}/pub.key"; + + if(!file_exists($key_dir)) { + return false; + } + + $pub_key = file_get_contents($key_dir); if(!$pub_key) { - return; + return false; } - openssl_public_encrypt($v, $cipher, $pub_key); - return $cipher; + openssl_public_encrypt($v, $ciphertext, $pub_key); + return $ciphertext; } + + function decrypt($v) + { + $key_dir = "{$this->getKeyDirectory()}/pri.key"; + + if(!file_exists($key_dir)) { + return false; + } + + $pri_key = file_get_contents($key_dir); + + if(!$pri_key) { + return false; + } + + openssl_private_decrypt($v, $plaintext, $pri_key); + + return $plaintext; + } + + function getDecryptVal() + { + + if(empty($this->val)) { + return false; + } + + if(empty($this->is_encrypt)) { + return $this->val; + } + + return $this->decrypt($this->val); + } + }