Added medium encryption and an overall improvement to the encryption implementation. Added extra security to the EXTERNALCODE feature so that only an admin can make use of it.

2018-03-06 04:28:44 +02:00
parent a39289ac9c
commit 417076243d
26 changed files with 583 additions and 326 deletions


@ -471,11 +471,18 @@ class Get
public $layoutData = array();
/**
* The Advanced Encryption Switch
* The Encryption Types
*
* @var array
*/
public $cryptionTypes = array('basic','medium','whmcs');
/**
* The WHMCS Encryption Switch
*
* @var boolean
*/
public $advancedEncryption = false;
public $whmcsEncryption = false;
/**
* The Basic Encryption Switch
@ -484,6 +491,13 @@ class Get
*/
public $basicEncryption = false;
/**
* The Medium Encryption Switch
*
* @var boolean
*/
public $mediumEncryption = false;
/**
* The Custom field Switch per view
*
@ -1956,16 +1970,21 @@ class Get
{
$field->properties = array_values($field->properties);
}
// check if we have advanced encryption
if (4 == $field->store && (!isset($this->advancedEncryption) || !$this->advancedEncryption))
// check if we have WHMCS encryption
if (4 == $field->store && (!isset($this->whmcsEncryption) || !$this->whmcsEncryption))
{
$this->advancedEncryption = true;
$this->whmcsEncryption = true;
}
// check if we have basic encryption
elseif (3 == $field->store && (!isset($this->basicEncryption) || !$this->basicEncryption))
{
$this->basicEncryption = true;
}
// check if we have better encryption
elseif (5 == $field->store && (!isset($this->mediumEncryption) || !$this->mediumEncryption))
{
$this->mediumEncryption = true;
}
// get the last used version
$field->history = $this->getHistoryWatch('field', $id);
@ -3701,21 +3720,34 @@ class Get
// build local bucket
foreach ($found as $target)
{
// check if the target is valid URL or path
if ((!filter_var($target, FILTER_VALIDATE_URL) === false && ComponentbuilderHelper::urlExists($target))
|| (JPath::clean($target) === $target && JFile::exists($target)))
// check if user has permission to use EXTERNAL code (we may add a custom access switch - use ADMIN for now)
if ($this->user->authorise('core.admin', 'com_componentbuilder'))
{
$this->getExternalCodeString($target, $bucket);
// check if the target is valid URL or path
if ((!filter_var($target, FILTER_VALIDATE_URL) === false && ComponentbuilderHelper::urlExists($target))
|| (JPath::clean($target) === $target && JFile::exists($target)))
{
$this->getExternalCodeString($target, $bucket);
}
// give notice that target is not a valid url/path
else
{
// set key
$key = '[EXTERNA'.'LCODE='.$target.']';
// set the notice
$this->app->enqueueMessage(JText::_('<hr /><h3>External Code Warning</h3>'), 'Warning');
$this->app->enqueueMessage(JText::sprintf('The <b>%s</b> is not a valid url/path!', $key), 'Warning');
$this->app->enqueueMessage('<hr />', 'Warning');
// remove the placeholder
$bucket[$key] = '';
}
}
// give notice that target is not a valid url/path
else
{
// set key
$key = '[EXTERNA'.'LCODE='.$target.']';
// set the notice
$this->app->enqueueMessage(JText::_('<hr /><h3>External Code Warning</h3>'), 'Warning');
$this->app->enqueueMessage(JText::sprintf('The <b>%s</b> is not a valid url/path!', $key), 'Warning');
$this->app->enqueueMessage('<hr />', 'Warning');
$this->app->enqueueMessage(JText::sprintf('%s, you do not have permission to use <b>EXTERNALCODE</b> feature (so it was removed from the compilation), please contact you system administrator for more info!<br /><small>(admin access required)</small>', $this->user->get('name')), 'Error');
// remove the placeholder
$bucket[$key] = '';
}
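Review bot: The new `core.admin` gate in the last hunk authorises `$this->user`, which appears to be whoever runs the compilation rather than whoever stored the `[EXTERNALCODE=...]` placeholder, so a placeholder saved by a lower-privileged editor would presumably still be resolved when an admin compiles. Inside the gate the target is still accepted if it is any valid URL or any existing clean path, so consider an allow-list of schemes and base directories before `getExternalCodeString()` is called, and record the trust assumption in a comment such as `// NOTE: checks the compiling user only; stored placeholders are not attributed to an author`. The two notices also place `$key` (built from `$target`) and `$this->user->get('name')` into messages that carry HTML markup, apparently unescaped; passing `htmlspecialchars($key, ENT_QUOTES, 'UTF-8')` (and the same for the name) as the `sprintf` argument would close that. The enclosing method starts and ends outside this hunk.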